OESA-2024-1032

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1032
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2024-1032.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2024-1032
Upstream
Published
2024-01-12T11:06:43Z
Modified
2025-08-12T05:08:33.087743Z
Summary
kernel security update
Details

The Linux Kernel, the operating system core itself.

Security Fix(es):

openeuler-linux-kernel-5.10.149-ext4writeinlinedata-kernelbug-365020(CVE-2021-33631)

An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravbremove in drivers/net/ethernet/renesas/ravbmain.c.(CVE-2023-35827)

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.(CVE-2023-6606)

An out-of-bounds read vulnerability was found in smb2dumpdetail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.(CVE-2023-6610)

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

The function nftpipapowalk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.

We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.

(CVE-2023-6817)

A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local privilege escalation.

A perfevent's readsize can overflow, leading to an heap out-of-bounds increment or write in perfreadgroup().

We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.

(CVE-2023-6931)

A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation.

A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.

We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.

(CVE-2023-6932)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:22.03-LTS / kernel

Package

Name
kernel
Purl
pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.0-60.121.0.148.oe2203

Ecosystem specific 

{
    "src": [
        "kernel-5.10.0-60.121.0.148.oe2203.src.rpm"
    ],
    "x86_64": [
        "kernel-headers-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "python3-perf-debuginfo-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "kernel-debugsource-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "perf-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "perf-debuginfo-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "kernel-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "kernel-tools-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "kernel-source-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "kernel-devel-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "bpftool-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "kernel-debuginfo-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "bpftool-debuginfo-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "kernel-tools-devel-5.10.0-60.121.0.148.oe2203.x86_64.rpm",
        "python3-perf-5.10.0-60.121.0.148.oe2203.x86_64.rpm"
    ],
    "aarch64": [
        "kernel-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "kernel-tools-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "python3-perf-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "python3-perf-debuginfo-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "bpftool-debuginfo-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "kernel-headers-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "kernel-debuginfo-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "kernel-source-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "bpftool-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "kernel-debugsource-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "perf-debuginfo-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "kernel-tools-devel-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "kernel-tools-debuginfo-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "perf-5.10.0-60.121.0.148.oe2203.aarch64.rpm",
        "kernel-devel-5.10.0-60.121.0.148.oe2203.aarch64.rpm"
    ]
}