Title: An update for kernel is now available for openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3
Document type: Security Advisory
Contact: openeuler-security@openeuler.org
Issuing authority: openEuler security committee
Advisory ID: openEuler-SA-2022-1559
Status: Final
Version: 1.0
Revision history: 1.0, 2022-03-07, Initial
Initial release date: 2022-03-07
Current release date: 2022-03-07
Generator: openEuler SA Tool V1.0 (2022-03-07)

Synopsis: kernel security update

Description:

The Linux Kernel, the operating system core itself.

Security Fix(es):

A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code into the kernel can use this to leak internal kernel memory details, defeating some of the exploit mitigations in place for the kernel. (CVE-2021-4159)

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur. (CVE-2022-25258)

An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory. (CVE-2022-25375)

A NULL pointer dereference flaw was found in the Linux kernel's UDF file system functionality, in the way a user triggers the udf_file_write_iter function for a malicious UDF image. A local user could use this flaw to crash the system. Affects Linux kernel versions from 4.2-rc1 until 5.17-rc2. (CVE-2022-0617)

openEuler Security has rated this update as having a security impact of medium.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Severity: Medium
Affected component: kernel

References:
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1559
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-4159
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-25258
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-25375
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-0617
https://nvd.nist.gov/vuln/detail/CVE-2021-4159
https://nvd.nist.gov/vuln/detail/CVE-2022-25258
https://nvd.nist.gov/vuln/detail/CVE-2022-25375
https://nvd.nist.gov/vuln/detail/CVE-2022-0617

Products:
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP2
openEuler-20.03-LTS-SP3

Packages (aarch64):
bpftool-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
bpftool-debuginfo-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
kernel-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
kernel-debuginfo-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
kernel-debugsource-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
kernel-devel-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
kernel-source-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
kernel-tools-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
kernel-tools-debuginfo-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
kernel-tools-devel-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
perf-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
perf-debuginfo-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
python2-perf-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
python2-perf-debuginfo-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
python3-perf-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
python3-perf-debuginfo-4.19.90-2203.1.0.0139.oe1.aarch64.rpm
bpftool-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
bpftool-debuginfo-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
kernel-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
kernel-debuginfo-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
kernel-debugsource-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
kernel-devel-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
kernel-source-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
kernel-tools-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
kernel-tools-debuginfo-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
kernel-tools-devel-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
perf-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
perf-debuginfo-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
python2-perf-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
python2-perf-debuginfo-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
python3-perf-4.19.90-2203.1.0.0138.oe1.aarch64.rpm
python3-perf-debuginfo-4.19.90-2203.1.0.0138.oe1.aarch64.rpm

Packages (src):
kernel-4.19.90-2203.1.0.0139.oe1.src.rpm
kernel-4.19.90-2203.1.0.0138.oe1.src.rpm

Packages (x86_64):
bpftool-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
bpftool-debuginfo-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
kernel-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
kernel-debuginfo-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
kernel-debugsource-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
kernel-devel-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
kernel-source-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
kernel-tools-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
kernel-tools-debuginfo-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
kernel-tools-devel-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
perf-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
perf-debuginfo-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
python2-perf-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
python2-perf-debuginfo-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
python3-perf-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
python3-perf-debuginfo-4.19.90-2203.1.0.0139.oe1.x86_64.rpm
bpftool-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
bpftool-debuginfo-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
kernel-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
kernel-debuginfo-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
kernel-debugsource-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
kernel-devel-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
kernel-source-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
kernel-tools-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
kernel-tools-debuginfo-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
kernel-tools-devel-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
perf-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
perf-debuginfo-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
python2-perf-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
python2-perf-debuginfo-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
python3-perf-4.19.90-2203.1.0.0138.oe1.x86_64.rpm
python3-perf-debuginfo-4.19.90-2203.1.0.0138.oe1.x86_64.rpm

Vulnerability details:

CVE-2021-4159
Description: A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code into the kernel can use this to leak internal kernel memory details, defeating some of the exploit mitigations in place for the kernel.
Release date: 2022-03-07
Products: openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP2, openEuler-20.03-LTS-SP3
Severity: Medium
CVSS base score: 4.4
CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Remediation: kernel security update (2022-03-07), https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1559

CVE-2022-25258
Description: An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.
Release date: 2022-03-07
Products: openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP2, openEuler-20.03-LTS-SP3
Severity: Medium
CVSS base score: 4.6
CVSS vector: AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Remediation: kernel security update (2022-03-07), https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1559

CVE-2022-25375
Description: An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.
Release date: 2022-03-07
Products: openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP2, openEuler-20.03-LTS-SP3
Severity: Medium
CVSS base score: 5.5
CVSS vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Remediation: kernel security update (2022-03-07), https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1559

CVE-2022-0617
Description: A NULL pointer dereference flaw was found in the Linux kernel's UDF file system functionality, in the way a user triggers the udf_file_write_iter function for a malicious UDF image. A local user could use this flaw to crash the system. Affects Linux kernel versions from 4.2-rc1 until 5.17-rc2.
Release date: 2022-03-07
Products: openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP2, openEuler-20.03-LTS-SP3
Severity: Medium
CVSS base score: 5.1
CVSS vector: AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Remediation: kernel security update (2022-03-07), https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1559