6234 lines
453 KiB
JSON
6234 lines
453 KiB
JSON
{
|
|
"document":{
|
|
"aggregate_severity":{
|
|
"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
|
|
"text":"High"
|
|
},
|
|
"category":"csaf_vex",
|
|
"csaf_version":"2.0",
|
|
"distribution":{
|
|
"tlp":{
|
|
"label":"WHITE",
|
|
"url":"https:/www.first.org/tlp/"
|
|
}
|
|
},
|
|
"lang":"en",
|
|
"notes":[
|
|
{
|
|
"text":"kernel security update",
|
|
"category":"general",
|
|
"title":"Synopsis"
|
|
},
|
|
{
|
|
"text":"An update for kernel is now available for openEuler-20.03-LTS-SP4",
|
|
"category":"general",
|
|
"title":"Summary"
|
|
},
|
|
{
|
|
"text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nusb: fix various gadgets null ptr deref on 10gbps cabling.\n\nThis avoids a null pointer dereference in\nf_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm}\nby simply reusing the 5gbps config for 10gbps.(CVE-2021-47270)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nseg6: fix the iif in the IPv6 socket control block\n\nWhen an IPv4 packet is received, the ip_rcv_core(...) sets the receiving\ninterface index into the IPv4 socket control block (v5.16-rc4,\nnet/ipv4/ip_input.c line 510):\n\n IPCB(skb)->iif = skb->skb_iif;\n\nIf that IPv4 packet is meant to be encapsulated in an outer IPv6+SRH\nheader, the seg6_do_srh_encap(...) performs the required encapsulation.\nIn this case, the seg6_do_srh_encap function clears the IPv6 socket control\nblock (v5.16-rc4 net/ipv6/seg6_iptunnel.c line 163):\n\n memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));\n\nThe memset(...) was introduced in commit ef489749aae5 (\"ipv6: sr: clear\nIP6CB(skb) on SRH ip4ip6 encapsulation\") a long time ago (2019-01-29).\n\nSince the IPv6 socket control block and the IPv4 socket control block share\nthe same memory area (skb->cb), the receiving interface index info is lost\n(IP6CB(skb)->iif is set to zero).\n\nAs a side effect, that condition triggers a NULL pointer dereference if\ncommit 0857d6f8c759 (\"ipv6: When forwarding count rx stats on the orig\nnetdev\") is applied.\n\nTo fix that issue, we set the IP6CB(skb)->iif with the index of the\nreceiving interface once again.(CVE-2021-47515)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mxl111sf: change mutex_init() location\n\nSyzbot reported, that mxl111sf_ctrl_msg() uses uninitialized\nmutex. The problem was in wrong mutex_init() location.\n\nPrevious mutex_init(&state->msg_lock) call was in ->init() function, but\ndvb_usbv2_init() has this order of calls:\n\n\tdvb_usbv2_init()\n\t dvb_usbv2_adapter_init()\n\t dvb_usbv2_adapter_frontend_init()\n\t props->frontend_attach()\n\n\t props->init()\n\nSince mxl111sf_* devices call mxl111sf_ctrl_msg() in ->frontend_attach()\ninternally we need to initialize state->msg_lock before\nfrontend_attach(). To achieve it, ->probe() call added to all mxl111sf_*\ndevices, which will simply initiaize mutex.(CVE-2021-47583)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: validate extended element ID is present\n\nBefore attempting to parse an extended element, verify that\nthe extended element ID is present.(CVE-2021-47611)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix queues reservation for XDP\n\nWhen XDP was configured on a system with large number of CPUs\nand X722 NIC there was a call trace with NULL pointer dereference.\n\ni40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0 err -12\ni40e 0000:87:00.0: setup of MAIN VSI failed\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: 0010:i40e_xdp+0xea/0x1b0 [i40e]\nCall Trace:\n? i40e_reconfig_rss_queues+0x130/0x130 [i40e]\ndev_xdp_install+0x61/0xe0\ndev_xdp_attach+0x18a/0x4c0\ndev_change_xdp_fd+0x1e6/0x220\ndo_setlink+0x616/0x1030\n? ahci_port_stop+0x80/0x80\n? ata_qc_issue+0x107/0x1e0\n? lock_timer_base+0x61/0x80\n? __mod_timer+0x202/0x380\nrtnl_setlink+0xe5/0x170\n? bpf_lsm_binder_transaction+0x10/0x10\n? security_capable+0x36/0x50\nrtnetlink_rcv_msg+0x121/0x350\n? rtnl_calcit.isra.0+0x100/0x100\nnetlink_rcv_skb+0x50/0xf0\nnetlink_unicast+0x1d3/0x2a0\nnetlink_sendmsg+0x22a/0x440\nsock_sendmsg+0x5e/0x60\n__sys_sendto+0xf0/0x160\n? __sys_getsockname+0x7e/0xc0\n? _copy_from_user+0x3c/0x80\n? __sys_setsockopt+0xc8/0x1a0\n__x64_sys_sendto+0x20/0x30\ndo_syscall_64+0x33/0x40\nentry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f83fa7a39e0\n\nThis was caused by PF queue pile fragmentation due to\nflow director VSI queue being placed right after main VSI.\nBecause of this main VSI was not able to resize its\nqueue allocation for XDP resulting in no queues allocated\nfor main VSI when XDP was turned on.\n\nFix this by always allocating last queue in PF queue pile\nfor a flow director VSI.(CVE-2021-47619)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nASoC: max9759: fix underflow in speaker_gain_control_put()\n\nCheck for negative values of \"priv->gain\" to prevent an out of bounds\naccess. The concern is that these might come from the user via:\n -> snd_ctl_elem_write_user()\n -> snd_ctl_elem_write()\n -> kctl->put()(CVE-2022-48717)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: ca8210: Stop leaking skb's\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. We then leak the skb\nstructure.\n\nFree the skb structure upon error before returning.(CVE-2022-48722)\n\nRejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.(CVE-2022-48736)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Reject out of bounds values in snd_soc_put_volsw()\n\nWe don't currently validate that the values being set are within the range\nwe advertised to userspace as being valid, do so and reject any values\nthat are out of range.(CVE-2022-48738)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: amd-xgbe: Fix skb data length underflow\n\nThere will be BUG_ON() triggered in include/linux/skbuff.h leading to\nintermittent kernel panic, when the skb length underflow is detected.\n\nFix this by dropping the packet if such length underflows are seen\nbecause of inconsistencies in the hardware descriptors.(CVE-2022-48743)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Avoid field-overflowing memcpy()\n\nIn preparation for FORTIFY_SOURCE performing compile-time and run-time\nfield bounds checking for memcpy(), memmove(), and memset(), avoid\nintentionally writing across neighboring fields.\n\nUse flexible arrays instead of zero-element arrays (which look like they\nare always overflowing) and split the cross-field memcpy() into two halves\nthat can be appropriately bounds-checked by the compiler.\n\nWe were doing:\n\n\t#define ETH_HLEN 14\n\t#define VLAN_HLEN 4\n\t...\n\t#define MLX5E_XDP_MIN_INLINE (ETH_HLEN + VLAN_HLEN)\n\t...\n struct mlx5e_tx_wqe *wqe = mlx5_wq_cyc_get_wqe(wq, pi);\n\t...\n struct mlx5_wqe_eth_seg *eseg = &wqe->eth;\n struct mlx5_wqe_data_seg *dseg = wqe->data;\n\t...\n\tmemcpy(eseg->inline_hdr.start, xdptxd->data, MLX5E_XDP_MIN_INLINE);\n\ntarget is wqe->eth.inline_hdr.start (which the compiler sees as being\n2 bytes in size), but copying 18, intending to write across start\n(really vlan_tci, 2 bytes). The remaining 16 bytes get written into\nwqe->data[0], covering byte_count (4 bytes), lkey (4 bytes), and addr\n(8 bytes).\n\nstruct mlx5e_tx_wqe {\n struct mlx5_wqe_ctrl_seg ctrl; /* 0 16 */\n struct mlx5_wqe_eth_seg eth; /* 16 16 */\n struct mlx5_wqe_data_seg data[]; /* 32 0 */\n\n /* size: 32, cachelines: 1, members: 3 */\n /* last cacheline: 32 bytes */\n};\n\nstruct mlx5_wqe_eth_seg {\n u8 swp_outer_l4_offset; /* 0 1 */\n u8 swp_outer_l3_offset; /* 1 1 */\n u8 swp_inner_l4_offset; /* 2 1 */\n u8 swp_inner_l3_offset; /* 3 1 */\n u8 cs_flags; /* 4 1 */\n u8 swp_flags; /* 5 1 */\n __be16 mss; /* 6 2 */\n __be32 flow_table_metadata; /* 8 4 */\n union {\n struct {\n __be16 sz; /* 12 2 */\n u8 start[2]; /* 14 2 */\n } inline_hdr; /* 12 4 */\n struct {\n __be16 type; /* 12 2 */\n __be16 vlan_tci; /* 14 2 */\n } insert; /* 12 4 */\n __be32 trailer; /* 12 4 */\n }; /* 12 4 */\n\n /* size: 16, cachelines: 1, members: 9 */\n /* last cacheline: 16 bytes */\n};\n\nstruct mlx5_wqe_data_seg {\n __be32 byte_count; /* 0 4 */\n __be32 lkey; /* 4 4 */\n __be64 addr; /* 8 8 */\n\n /* size: 16, cachelines: 1, members: 3 */\n /* last cacheline: 16 bytes */\n};\n\nSo, split the memcpy() so the compiler can reason about the buffer\nsizes.\n\n\"pahole\" shows no size nor member offset changes to struct mlx5e_tx_wqe\nnor struct mlx5e_umr_wqe. \"objdump -d\" shows no meaningful object\ncode changes (i.e. only source line number induced differences and\noptimizations).(CVE-2022-48744)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\n\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\n\nReplace the fcoe_port's destroy_work queue. It's not needed.\n\nThe problem is easily reproducible with the following steps.\n\nExample:\n\n $ dmesg -w &\n $ systemctl enable --now fcoe\n $ fipvlan -s -c ens2f1\n $ fcoeadm -d ens2f1.802\n [ 583.464488] host2: libfc: Link down on port (7500a1)\n [ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n [ 583.490468] ------------[ cut here ]------------\n [ 583.538725] sysfs group 'power' not found for kobject 'rport-2:0-0'\n [ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n [ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n [ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n [ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n [ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n [ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n [ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n [ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n [ 584.454888] Call Trace:\n [ 584.466108] device_del+0xb2/0x3e0\n [ 584.481701] device_unregister+0x13/0x60\n [ 584.501306] bsg_unregister_queue+0x5b/0x80\n [ 584.522029] bsg_remove_queue+0x1c/0x40\n [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n [ 584.573823] process_one_work+0x1e3/0x3b0\n [ 584.592396] worker_thread+0x50/0x3b0\n [ 584.609256] ? rescuer_thread+0x370/0x370\n [ 584.628877] kthread+0x149/0x170\n [ 584.643673] ? set_kthread_struct+0x40/0x40\n [ 584.662909] ret_from_fork+0x22/0x30\n [ 584.680002] ---[ end trace 53575ecefa942ece ]---(CVE-2022-48758)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmedia: lgdt3306a: Add a check against null-pointer-def\n\nThe driver should check whether the client provides the platform_data.\n\nThe following log reveals it:\n\n[ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40\n[ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414\n[ 29.612820] Call Trace:\n[ 29.613030] <TASK>\n[ 29.613201] dump_stack_lvl+0x56/0x6f\n[ 29.613496] ? kmemdup+0x30/0x40\n[ 29.613754] print_report.cold+0x494/0x6b7\n[ 29.614082] ? kmemdup+0x30/0x40\n[ 29.614340] kasan_report+0x8a/0x190\n[ 29.614628] ? kmemdup+0x30/0x40\n[ 29.614888] kasan_check_range+0x14d/0x1d0\n[ 29.615213] memcpy+0x20/0x60\n[ 29.615454] kmemdup+0x30/0x40\n[ 29.615700] lgdt3306a_probe+0x52/0x310\n[ 29.616339] i2c_device_probe+0x951/0xa90(CVE-2022-48772)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won't call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of 'card->dev' is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n hex dump (first 32 bytes):\n 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X......\n 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q.....\n backtrace:\n [<000000009e5931da>] kmalloc_trace+0x21/0x110\n [<000000002f839ccb>] mmc_alloc_card+0x38/0xb0 [mmc_core]\n [<0000000004adcbf6>] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n [<000000007538fea0>] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n [<00000000d4fdeba7>] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n hex dump (first 32 bytes):\n 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X......\n 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q.....\n backtrace:\n [<000000009e5931da>] kmalloc_trace+0x21/0x110\n [<00000000fcbe706c>] sdio_alloc_func+0x35/0x100 [mmc_core]\n [<00000000c68f4b50>] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n [<00000000d4fdeba7>] mmc_rescan+0x54a/0x640 [mmc_core](CVE-2023-52730)\n\nIn the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.(CVE-2024-23848)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n\nThe absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of\ninterrupt affinity reconfiguration via procfs. Instead, the change is\ndeferred until the next instance of the interrupt being triggered on the\noriginal CPU.\n\nWhen the interrupt next triggers on the original CPU, the new affinity is\nenforced within __irq_move_irq(). A vector is allocated from the new CPU,\nbut the old vector on the original CPU remains and is not immediately\nreclaimed. Instead, apicd->move_in_progress is flagged, and the reclaiming\nprocess is delayed until the next trigger of the interrupt on the new CPU.\n\nUpon the subsequent triggering of the interrupt on the new CPU,\nirq_complete_move() adds a task to the old CPU's vector_cleanup list if it\nremains online. Subsequently, the timer on the old CPU iterates over its\nvector_cleanup list, reclaiming old vectors.\n\nHowever, a rare scenario arises if the old CPU is outgoing before the\ninterrupt triggers again on the new CPU.\n\nIn that case irq_force_complete_move() is not invoked on the outgoing CPU\nto reclaim the old apicd->prev_vector because the interrupt isn't currently\naffine to the outgoing CPU, and irq_needs_fixup() returns false. Even\nthough __vector_schedule_cleanup() is later called on the new CPU, it\ndoesn't reclaim apicd->prev_vector; instead, it simply resets both\napicd->move_in_progress and apicd->prev_vector to 0.\n\nAs a result, the vector remains unreclaimed in vector_matrix, leading to a\nCPU vector leak.\n\nTo address this issue, move the invocation of irq_force_complete_move()\nbefore the irq_needs_fixup() call to reclaim apicd->prev_vector, if the\ninterrupt is currently or used to be affine to the outgoing CPU.\n\nAdditionally, reclaim the vector in __vector_schedule_cleanup() as well,\nfollowing a warning message, although theoretically it should never see\napicd->move_in_progress with apicd->prev_cpu pointing to an offline CPU.(CVE-2024-31076)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_skbmod: prevent kernel-infoleak\n\nsyzbot found that tcf_skbmod_dump() was copying four bytes\nfrom kernel stack to user space [1].\n\nThe issue here is that 'struct tc_skbmod' has a four bytes hole.\n\nWe need to clear the structure before filling fields.\n\n[1]\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in copy_to_user_iter lib/iov_iter.c:24 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_ubuf include/linux/iov_iter.h:29 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance include/linux/iov_iter.h:271 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n copy_to_iter include/linux/uio.h:196 [inline]\n simple_copy_to_iter net/core/datagram.c:532 [inline]\n __skb_datagram_iter+0x185/0x1000 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:4050 [inline]\n netlink_recvmsg+0x432/0x1610 net/netlink/af_netlink.c:1962\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x2c4/0x340 net/socket.c:1068\n __sys_recvfrom+0x35a/0x5f0 net/socket.c:2242\n __do_sys_recvfrom net/socket.c:2260 [inline]\n __se_sys_recvfrom net/socket.c:2256 [inline]\n __x64_sys_recvfrom+0x126/0x1d0 net/socket.c:2256\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n pskb_expand_head+0x30f/0x19d0 net/core/skbuff.c:2253\n netlink_trim+0x2c2/0x330 net/netlink/af_netlink.c:1317\n netlink_unicast+0x9f/0x1260 net/netlink/af_netlink.c:1351\n nlmsg_unicast include/net/netlink.h:1144 [inline]\n nlmsg_notify+0x21d/0x2f0 net/netlink/af_netlink.c:2610\n rtnetlink_send+0x73/0x90 net/core/rtnetlink.c:741\n rtnetlink_maybe_send include/linux/rtnetlink.h:17 [inline]\n tcf_add_notify net/sched/act_api.c:2048 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x146e/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2559\n rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6613\n netlink_unicast_kernel net/netlink/af_netlink.c:1335 [inline]\n netlink_unicast+0xf4c/0x1260 net/netlink/af_netlink.c:1361\n netlink_sendmsg+0x10df/0x11f0 net/netlink/af_netlink.c:1905\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2674\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n __nla_put lib/nlattr.c:1041 [inline]\n nla_put+0x1c6/0x230 lib/nlattr.c:1099\n tcf_skbmod_dump+0x23f/0xc20 net/sched/act_skbmod.c:256\n tcf_action_dump_old net/sched/act_api.c:1191 [inline]\n tcf_action_dump_1+0x85e/0x970 net/sched/act_api.c:1227\n tcf_action_dump+0x1fd/0x460 net/sched/act_api.c:1251\n tca_get_fill+0x519/0x7a0 net/sched/act_api.c:1628\n tcf_add_notify_msg net/sched/act_api.c:2023 [inline]\n tcf_add_notify net/sched/act_api.c:2042 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x1365/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netli\n---truncated---(CVE-2024-35893)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet\n\nsyzbot reported the following uninit-value access issue [1][2]:\n\nnci_rx_work() parses and processes received packet. When the payload\nlength is zero, each message type handler reads uninitialized payload\nand KMSAN detects this issue. The receipt of a packet with a zero-size\npayload is considered unexpected, and therefore, such packets should be\nsilently discarded.\n\nThis patch resolved this issue by checking payload size before calling\neach message type handler codes.(CVE-2024-35915)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/arm/malidp: fix a possible null pointer dereference\n\nIn malidp_mw_connector_reset, new memory is allocated with kzalloc, but\nno check is performed. In order to prevent null pointer dereferencing,\nensure that mw_state is checked before calling\n__drm_atomic_helper_connector_reset.(CVE-2024-36014)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\namd/amdkfd: sync all devices to wait all processes being evicted\n\nIf there are more than one device doing reset in parallel, the first\ndevice will call kfd_suspend_all_processes() to evict all processes\non all devices, this call takes time to finish. other device will\nstart reset and recover without waiting. if the process has not been\nevicted before doing recover, it will be restored, then caused page\nfault.(CVE-2024-36949)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix shift-out-of-bounds in dctcp_update_alpha().\n\nIn dctcp_update_alpha(), we use a module parameter dctcp_shift_g\nas follows:\n\n alpha -= min_not_zero(alpha, alpha >> dctcp_shift_g);\n ...\n delivered_ce <<= (10 - dctcp_shift_g);\n\nIt seems syzkaller started fuzzing module parameters and triggered\nshift-out-of-bounds [0] by setting 100 to dctcp_shift_g:\n\n memcpy((void*)0x20000080,\n \"/sys/module/tcp_dctcp/parameters/dctcp_shift_g\\000\", 47);\n res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul, /*file=*/0x20000080ul,\n /*flags=*/2ul, /*mode=*/0ul);\n memcpy((void*)0x20000000, \"100\\000\", 4);\n syscall(__NR_write, /*fd=*/r[0], /*val=*/0x20000000ul, /*len=*/4ul);\n\nLet's limit the max value of dctcp_shift_g by param_set_uint_minmax().\n\nWith this patch:\n\n # echo 10 > /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n # cat /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n 10\n # echo 11 > /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n -bash: echo: write error: Invalid argument\n\n[0]:\nUBSAN: shift-out-of-bounds in net/ipv4/tcp_dctcp.c:143:12\nshift exponent 100 is too large for 32-bit type 'u32' (aka 'unsigned int')\nCPU: 0 PID: 8083 Comm: syz-executor345 Not tainted 6.9.0-05151-g1b294a1f3561 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:114\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_shift_out_of_bounds+0x346/0x3a0 lib/ubsan.c:468\n dctcp_update_alpha+0x540/0x570 net/ipv4/tcp_dctcp.c:143\n tcp_in_ack_event net/ipv4/tcp_input.c:3802 [inline]\n tcp_ack+0x17b1/0x3bc0 net/ipv4/tcp_input.c:3948\n tcp_rcv_state_process+0x57a/0x2290 net/ipv4/tcp_input.c:6711\n tcp_v4_do_rcv+0x764/0xc40 net/ipv4/tcp_ipv4.c:1937\n sk_backlog_rcv include/net/sock.h:1106 [inline]\n __release_sock+0x20f/0x350 net/core/sock.c:2983\n release_sock+0x61/0x1f0 net/core/sock.c:3549\n mptcp_subflow_shutdown+0x3d0/0x620 net/mptcp/protocol.c:2907\n mptcp_check_send_data_fin+0x225/0x410 net/mptcp/protocol.c:2976\n __mptcp_close+0x238/0xad0 net/mptcp/protocol.c:3072\n mptcp_close+0x2a/0x1a0 net/mptcp/protocol.c:3127\n inet_release+0x190/0x1f0 net/ipv4/af_inet.c:437\n __sock_release net/socket.c:659 [inline]\n sock_close+0xc0/0x240 net/socket.c:1421\n __fput+0x41b/0x890 fs/file_table.c:422\n task_work_run+0x23b/0x300 kernel/task_work.c:180\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x9c8/0x2540 kernel/exit.c:878\n do_group_exit+0x201/0x2b0 kernel/exit.c:1027\n __do_sys_exit_group kernel/exit.c:1038 [inline]\n __se_sys_exit_group kernel/exit.c:1036 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1036\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xe4/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x7f6c2b5005b6\nCode: Unable to access opcode bytes at 0x7f6c2b50058c.\nRSP: 002b:00007ffe883eb948 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 00007f6c2b5862f0 RCX: 00007f6c2b5005b6\nRDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001\nRBP: 0000000000000001 R08: 00000000000000e7 R09: ffffffffffffffc0\nR10: 0000000000000006 R11: 0000000000000246 R12: 00007f6c2b5862f0\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001\n </TASK>(CVE-2024-37356)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.(CVE-2024-38546)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: remove .ndo_poll_controller to avoid deadlocks\n\nThere is a deadlock issue found in sungem driver, please refer to the\ncommit ac0a230f719b (\"eth: sungem: remove .ndo_poll_controller to avoid\ndeadlocks\"). The root cause of the issue is that netpoll is in atomic\ncontext and disable_irq() is called by .ndo_poll_controller interface\nof sungem driver, however, disable_irq() might sleep. After analyzing\nthe implementation of fec_poll_controller(), the fec driver should have\nthe same issue. Due to the fec driver uses NAPI for TX completions, the\n.ndo_poll_controller is unnecessary to be implemented in the fec driver,\nso fec_poll_controller() can be safely removed.(CVE-2024-38553)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix reference count leak issue of net_device\n\nThere is a reference count leak issue of the object \"net_device\" in\nax25_dev_device_down(). When the ax25 device is shutting down, the\nax25_dev_device_down() drops the reference count of net_device one\nor zero times depending on if we goto unlock_put or not, which will\ncause memory leak.\n\nIn order to solve the above issue, decrease the reference count of\nnet_device after dev->ax25_ptr is set to null.(CVE-2024-38554)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a count-sized kernel buffer and copy count from\nuserspace to that buffer. Later, we use kstrtouint on this buffer but we\ndon't ensure that the string is terminated inside the buffer, this can\nlead to OOB read when using kstrtouint. Fix this issue by using\nmemdup_user_nul instead of memdup_user.(CVE-2024-38559)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\necryptfs: Fix buffer size for tag 66 packet\n\nThe 'TAG 66 Packet Format' description is missing the cipher code and\nchecksum fields that are packed into the message packet. As a result,\nthe buffer allocated for the packet is 3 bytes too small and\nwrite_tag_66_packet() will write up to 3 bytes past the end of the\nbuffer.\n\nFix this by increasing the size of the allocation so the whole packet\nwill always fit in the buffer.\n\nThis fixes the below kasan slab-out-of-bounds bug:\n\n BUG: KASAN: slab-out-of-bounds in ecryptfs_generate_key_packet_set+0x7d6/0xde0\n Write of size 1 at addr ffff88800afbb2a5 by task touch/181\n\n CPU: 0 PID: 181 Comm: touch Not tainted 6.6.13-gnu #1 4c9534092be820851bb687b82d1f92a426598dc6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2/GNU Guix 04/01/2014\n Call Trace:\n <TASK>\n dump_stack_lvl+0x4c/0x70\n print_report+0xc5/0x610\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? kasan_complete_mode_report_info+0x44/0x210\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n kasan_report+0xc2/0x110\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n __asan_store1+0x62/0x80\n ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? __pfx_ecryptfs_generate_key_packet_set+0x10/0x10\n ? __alloc_pages+0x2e2/0x540\n ? __pfx_ovl_open+0x10/0x10 [overlay 30837f11141636a8e1793533a02e6e2e885dad1d]\n ? dentry_open+0x8f/0xd0\n ecryptfs_write_metadata+0x30a/0x550\n ? __pfx_ecryptfs_write_metadata+0x10/0x10\n ? ecryptfs_get_lower_file+0x6b/0x190\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n ? __pfx_path_openat+0x10/0x10\n do_filp_open+0x15e/0x290\n ? __pfx_do_filp_open+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? _raw_spin_lock+0x86/0xf0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? alloc_fd+0xf4/0x330\n do_sys_openat2+0x122/0x160\n ? __pfx_do_sys_openat2+0x10/0x10\n __x64_sys_openat+0xef/0x170\n ? __pfx___x64_sys_openat+0x10/0x10\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n RIP: 0033:0x7f00a703fd67\n Code: 25 00 00 41 00 3d 00 00 41 00 74 37 64 8b 04 25 18 00 00 00 85 c0 75 5b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 85 00 00 00 48 83 c4 68 5d 41 5c c3 0f 1f\n RSP: 002b:00007ffc088e30b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\n RAX: ffffffffffffffda RBX: 00007ffc088e3368 RCX: 00007f00a703fd67\n RDX: 0000000000000941 RSI: 00007ffc088e48d7 RDI: 00000000ffffff9c\n RBP: 00007ffc088e48d7 R08: 0000000000000001 R09: 0000000000000000\n R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000941\n R13: 0000000000000000 R14: 00007ffc088e48d7 R15: 00007f00a7180040\n </TASK>\n\n Allocated by task 181:\n kasan_save_stack+0x2f/0x60\n kasan_set_track+0x29/0x40\n kasan_save_alloc_info+0x25/0x40\n __kasan_kmalloc+0xc5/0xd0\n __kmalloc+0x66/0x160\n ecryptfs_generate_key_packet_set+0x6d2/0xde0\n ecryptfs_write_metadata+0x30a/0x550\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n do_filp_open+0x15e/0x290\n do_sys_openat2+0x122/0x160\n __x64_sys_openat+0xef/0x170\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8(CVE-2024-38578)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: bcm - Fix pointer arithmetic\n\nIn spu2_dump_omd() value of ptr is increased by ciph_key_len\ninstead of hash_iv_len which could lead to going beyond the\nbuffer boundaries.\nFix this bug by changing ciph_key_len to hash_iv_len.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.(CVE-2024-38579)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential hang in nilfs_detach_log_writer()\n\nSyzbot has reported a potential hang in nilfs_detach_log_writer() called\nduring nilfs2 unmount.\n\nAnalysis revealed that this is because nilfs_segctor_sync(), which\nsynchronizes with the log writer thread, can be called after\nnilfs_segctor_destroy() terminates that thread, as shown in the call trace\nbelow:\n\nnilfs_detach_log_writer\n nilfs_segctor_destroy\n nilfs_segctor_kill_thread --> Shut down log writer thread\n flush_work\n nilfs_iput_work_func\n nilfs_dispose_list\n iput\n nilfs_evict_inode\n nilfs_transaction_commit\n nilfs_construct_segment (if inode needs sync)\n nilfs_segctor_sync --> Attempt to synchronize with\n log writer thread\n *** DEADLOCK ***\n\nFix this issue by changing nilfs_segctor_sync() so that the log writer\nthread returns normally without synchronizing after it terminates, and by\nforcing tasks that are already waiting to complete once after the thread\nterminates.\n\nThe skipped inode metadata flushout will then be processed together in the\nsubsequent cleanup work in nilfs_segctor_destroy().(CVE-2024-38582)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread's lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive.(CVE-2024-38583)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Set lower bound of start tick time\n\nCurrently ALSA timer doesn't have the lower limit of the start tick\ntime, and it allows a very small size, e.g. 1 tick with 1ns resolution\nfor hrtimer. Such a situation may lead to an unexpected RCU stall,\nwhere the callback repeatedly queuing the expire update, as reported\nby fuzzer.\n\nThis patch introduces a sanity check of the timer start tick time, so\nthat the system returns an error when a too small start size is set.\nAs of this patch, the lower limit is hard-coded to 100us, which is\nsmall enough but can still work somehow.(CVE-2024-38618)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Update uart_driver_registered on driver removal\n\nThe removal of the last MAX3100 device triggers the removal of\nthe driver. However, code doesn't update the respective global\nvariable and after insmod — rmmod — insmod cycle the kernel\noopses:\n\n max3100 spi-PRP0001:01: max3100_probe: adding port 0\n BUG: kernel NULL pointer dereference, address: 0000000000000408\n ...\n RIP: 0010:serial_core_register_port+0xa0/0x840\n ...\n max3100_probe+0x1b6/0x280 [max3100]\n spi_probe+0x8d/0xb0\n\nUpdate the actual state so next time UART driver will be registered\nagain.\n\nHugo also noticed, that the error path in the probe also affected\nby having the variable set, and not cleared. Instead of clearing it\nmove the assignment after the successfull uart_register_driver() call.(CVE-2024-38633)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Lock port->lock when calling uart_handle_cts_change()\n\nuart_handle_cts_change() has to be called with port lock taken,\nSince we run it in a separate work, the lock may not be taken at\nthe time of running. Make sure that it's taken by explicitly doing\nthat. Without it we got a splat:\n\n WARNING: CPU: 0 PID: 10 at drivers/tty/serial/serial_core.c:3491 uart_handle_cts_change+0xa6/0xb0\n ...\n Workqueue: max3100-0 max3100_work [max3100]\n RIP: 0010:uart_handle_cts_change+0xa6/0xb0\n ...\n max3100_handlerx+0xc5/0x110 [max3100]\n max3100_work+0x12a/0x340 [max3100](CVE-2024-38634)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ngreybus: lights: check return of get_channel_from_mode\n\nIf channel for the given node is not found we return null from\nget_channel_from_mode. Make sure we validate the return pointer\nbefore using it in two of the missing places.\n\nThis was originally reported in [0]:\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[0] https://lore.kernel.org/all/20240301190425.120605-1-m.lobanov@rosalinux.ru(CVE-2024-38637)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nenic: Validate length of nl attributes in enic_set_vf_port\n\nenic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE\nis of length PORT_PROFILE_MAX and that the nl attributes\nIFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX.\nThese attributes are validated (in the function do_setlink in rtnetlink.c)\nusing the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE\nas NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and\nIFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation\nusing the policy is for the max size of the attributes and not on exact\nsize so the length of these attributes might be less than the sizes that\nenic_set_vf_port expects. This might cause an out of bands\nread access in the memcpys of the data of these\nattributes in enic_set_vf_port.(CVE-2024-38659)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sw-sync: don't enable IRQ from sync_print_obj()\n\nSince commit a6aa8fca4d79 (\"dma-buf/sw-sync: Reduce irqsave/irqrestore from\nknown context\") by error replaced spin_unlock_irqrestore() with\nspin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite\nsync_print_obj() is called from sync_debugfs_show(), lockdep complains\ninconsistent lock state warning.\n\nUse plain spin_{lock,unlock}() for sync_print_obj(), for\nsync_debugfs_show() is already using spin_{lock,unlock}_irq().(CVE-2024-38780)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet/9p: fix uninit-value in p9_client_rpc()\n\nSyzbot with the help of KMSAN reported the following error:\n\nBUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline]\nBUG: KMSAN: uninit-value in p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n trace_9p_client_res include/trace/events/9p.h:146 [inline]\n p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n __alloc_pages+0x9d6/0xe70 mm/page_alloc.c:4598\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n alloc_slab_page mm/slub.c:2175 [inline]\n allocate_slab mm/slub.c:2338 [inline]\n new_slab+0x2de/0x1400 mm/slub.c:2391\n ___slab_alloc+0x1184/0x33d0 mm/slub.c:3525\n __slab_alloc mm/slub.c:3610 [inline]\n __slab_alloc_node mm/slub.c:3663 [inline]\n slab_alloc_node mm/slub.c:3835 [inline]\n kmem_cache_alloc+0x6d3/0xbe0 mm/slub.c:3852\n p9_tag_alloc net/9p/client.c:278 [inline]\n p9_client_prepare_req+0x20a/0x1770 net/9p/client.c:641\n p9_client_rpc+0x27e/0x1340 net/9p/client.c:688\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nIf p9_check_errors() fails early in p9_client_rpc(), req->rc.tag\nwill not be properly initialized. However, trace_9p_client_res()\nends up trying to print it out anyway before p9_client_rpc()\nfinishes.\n\nFix this issue by assigning default values to p9_fcall fields\nsuch as 'tag' and (just in case KMSAN unearths something new) 'id'\nduring the tag allocation stage.(CVE-2024-39301)",
|
|
"category":"general",
|
|
"title":"Description"
|
|
},
|
|
{
|
|
"text":"An update for kernel is now available for openEuler-20.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
|
|
"category":"general",
|
|
"title":"Topic"
|
|
},
|
|
{
|
|
"text":"High",
|
|
"category":"general",
|
|
"title":"Severity"
|
|
},
|
|
{
|
|
"text":"kernel",
|
|
"category":"general",
|
|
"title":"Affected Component"
|
|
}
|
|
],
|
|
"publisher":{
|
|
"issuing_authority":"openEuler security committee",
|
|
"name":"openEuler",
|
|
"namespace":"https://www.openeuler.org",
|
|
"contact_details":"openeuler-security@openeuler.org",
|
|
"category":"vendor"
|
|
},
|
|
"references":[
|
|
{
|
|
"summary":"openEuler-SA-2024-1835",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
},
|
|
{
|
|
"summary":"CVE-2021-47270",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47270&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2021-47515",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47515&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2021-47583",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47583&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2021-47611",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47611&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2021-47619",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47619&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48717",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48717&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48722",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48722&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48736",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48736&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48738",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48738&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48743",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48743&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48744",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48744&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48758",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48758&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48772",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48772&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2023-52730",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2023-52730&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-23848",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-23848&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-31076",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-31076&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-35893",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-35893&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-35915",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-35915&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-36014",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-36014&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-36949",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-36949&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-37356",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-37356&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38546",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38546&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38553",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38553&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38554",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38554&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38559",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38559&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38578",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38578&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38579",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38579&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38582",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38582&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38583",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38583&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38618",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38618&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38633",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38633&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38634",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38634&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38637",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38637&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38659",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38659&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38780",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38780&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-39301",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-39301&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47270"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47515"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47583"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47611"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47619"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48717"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48722"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48736"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48738"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48743"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48744"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48758"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48772"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52730"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23848"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-31076"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35893"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-35915"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36014"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-36949"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-37356"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38546"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38553"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38554"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38559"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38578"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38579"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38582"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38583"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38618"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38633"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38634"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38637"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38659"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38780"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39301"
|
|
},
|
|
{
|
|
"summary":"openEuler-SA-2024-1835 vex file",
|
|
"category":"self",
|
|
"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1835.json"
|
|
}
|
|
],
|
|
"title":"An update for kernel is now available for openEuler-20.03-LTS-SP4",
|
|
"tracking":{
|
|
"initial_release_date":"2024-07-12T22:52:14+08:00",
|
|
"revision_history":[
|
|
{
|
|
"date":"2024-07-12T22:52:14+08:00",
|
|
"summary":"Initial",
|
|
"number":"1.0.0"
|
|
}
|
|
],
|
|
"generator":{
|
|
"date":"2024-07-12T22:52:14+08:00",
|
|
"engine":{
|
|
"name":"openEuler CSAF Tool V1.0"
|
|
}
|
|
},
|
|
"current_release_date":"2024-07-12T22:52:14+08:00",
|
|
"id":"openEuler-SA-2024-1835",
|
|
"version":"1.0.0",
|
|
"status":"final"
|
|
}
|
|
},
|
|
"product_tree":{
|
|
"branches":[
|
|
{
|
|
"name":"openEuler",
|
|
"category":"vendor",
|
|
"branches":[
|
|
{
|
|
"name":"openEuler",
|
|
"branches":[
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"openEuler-20.03-LTS-SP4",
|
|
"name":"openEuler-20.03-LTS-SP4"
|
|
},
|
|
"name":"openEuler-20.03-LTS-SP4",
|
|
"category":"product_version"
|
|
}
|
|
],
|
|
"category":"product_name"
|
|
},
|
|
{
|
|
"name":"x86_64",
|
|
"branches":[
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
}
|
|
],
|
|
"category":"product_name"
|
|
},
|
|
{
|
|
"name":"src",
|
|
"branches":[
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.src.rpm",
|
|
"name":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.src.rpm"
|
|
},
|
|
"name":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.src.rpm",
|
|
"category":"product_version"
|
|
}
|
|
],
|
|
"category":"product_name"
|
|
},
|
|
{
|
|
"name":"aarch64",
|
|
"branches":[
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
}
|
|
],
|
|
"category":"product_name"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"relationships":[
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.src.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"name":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
}
|
|
]
|
|
},
|
|
"vulnerabilities":[
|
|
{
|
|
"cve":"CVE-2021-47270",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: fix various gadgets null ptr deref on 10gbps cabling.\n\nThis avoids a null pointer dereference in\nf_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm}\nby simply reusing the 5gbps config for 10gbps.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2021-47270"
|
|
},
|
|
{
|
|
"cve":"CVE-2021-47515",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nseg6: fix the iif in the IPv6 socket control block\n\nWhen an IPv4 packet is received, the ip_rcv_core(...) sets the receiving\ninterface index into the IPv4 socket control block (v5.16-rc4,\nnet/ipv4/ip_input.c line 510):\n\n IPCB(skb)->iif = skb->skb_iif;\n\nIf that IPv4 packet is meant to be encapsulated in an outer IPv6+SRH\nheader, the seg6_do_srh_encap(...) performs the required encapsulation.\nIn this case, the seg6_do_srh_encap function clears the IPv6 socket control\nblock (v5.16-rc4 net/ipv6/seg6_iptunnel.c line 163):\n\n memset(IP6CB(skb), 0, sizeof(*IP6CB(skb)));\n\nThe memset(...) was introduced in commit ef489749aae5 (\"ipv6: sr: clear\nIP6CB(skb) on SRH ip4ip6 encapsulation\") a long time ago (2019-01-29).\n\nSince the IPv6 socket control block and the IPv4 socket control block share\nthe same memory area (skb->cb), the receiving interface index info is lost\n(IP6CB(skb)->iif is set to zero).\n\nAs a side effect, that condition triggers a NULL pointer dereference if\ncommit 0857d6f8c759 (\"ipv6: When forwarding count rx stats on the orig\nnetdev\") is applied.\n\nTo fix that issue, we set the IP6CB(skb)->iif with the index of the\nreceiving interface once again.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2021-47515"
|
|
},
|
|
{
|
|
"cve":"CVE-2021-47583",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mxl111sf: change mutex_init() location\n\nSyzbot reported, that mxl111sf_ctrl_msg() uses uninitialized\nmutex. The problem was in wrong mutex_init() location.\n\nPrevious mutex_init(&state->msg_lock) call was in ->init() function, but\ndvb_usbv2_init() has this order of calls:\n\n\tdvb_usbv2_init()\n\t dvb_usbv2_adapter_init()\n\t dvb_usbv2_adapter_frontend_init()\n\t props->frontend_attach()\n\n\t props->init()\n\nSince mxl111sf_* devices call mxl111sf_ctrl_msg() in ->frontend_attach()\ninternally we need to initialize state->msg_lock before\nfrontend_attach(). To achieve it, ->probe() call added to all mxl111sf_*\ndevices, which will simply initiaize mutex.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2021-47583"
|
|
},
|
|
{
|
|
"cve":"CVE-2021-47611",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: validate extended element ID is present\n\nBefore attempting to parse an extended element, verify that\nthe extended element ID is present.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2021-47611"
|
|
},
|
|
{
|
|
"cve":"CVE-2021-47619",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix queues reservation for XDP\n\nWhen XDP was configured on a system with large number of CPUs\nand X722 NIC there was a call trace with NULL pointer dereference.\n\ni40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0 err -12\ni40e 0000:87:00.0: setup of MAIN VSI failed\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: 0010:i40e_xdp+0xea/0x1b0 [i40e]\nCall Trace:\n? i40e_reconfig_rss_queues+0x130/0x130 [i40e]\ndev_xdp_install+0x61/0xe0\ndev_xdp_attach+0x18a/0x4c0\ndev_change_xdp_fd+0x1e6/0x220\ndo_setlink+0x616/0x1030\n? ahci_port_stop+0x80/0x80\n? ata_qc_issue+0x107/0x1e0\n? lock_timer_base+0x61/0x80\n? __mod_timer+0x202/0x380\nrtnl_setlink+0xe5/0x170\n? bpf_lsm_binder_transaction+0x10/0x10\n? security_capable+0x36/0x50\nrtnetlink_rcv_msg+0x121/0x350\n? rtnl_calcit.isra.0+0x100/0x100\nnetlink_rcv_skb+0x50/0xf0\nnetlink_unicast+0x1d3/0x2a0\nnetlink_sendmsg+0x22a/0x440\nsock_sendmsg+0x5e/0x60\n__sys_sendto+0xf0/0x160\n? __sys_getsockname+0x7e/0xc0\n? _copy_from_user+0x3c/0x80\n? __sys_setsockopt+0xc8/0x1a0\n__x64_sys_sendto+0x20/0x30\ndo_syscall_64+0x33/0x40\nentry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f83fa7a39e0\n\nThis was caused by PF queue pile fragmentation due to\nflow director VSI queue being placed right after main VSI.\nBecause of this main VSI was not able to resize its\nqueue allocation for XDP resulting in no queues allocated\nfor main VSI when XDP was turned on.\n\nFix this by always allocating last queue in PF queue pile\nfor a flow director VSI.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2021-47619"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48717",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: max9759: fix underflow in speaker_gain_control_put()\n\nCheck for negative values of \"priv->gain\" to prevent an out of bounds\naccess. The concern is that these might come from the user via:\n -> snd_ctl_elem_write_user()\n -> snd_ctl_elem_write()\n -> kctl->put()",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48717"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48722",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ieee802154: ca8210: Stop leaking skb's\n\nUpon error the ieee802154_xmit_complete() helper is not called. Only\nieee802154_wake_queue() is called manually. We then leak the skb\nstructure.\n\nFree the skb structure upon error before returning.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48722"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48736",
|
|
"notes":[
|
|
{
|
|
"text":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48736"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48738",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: ops: Reject out of bounds values in snd_soc_put_volsw()\n\nWe don't currently validate that the values being set are within the range\nwe advertised to userspace as being valid, do so and reject any values\nthat are out of range.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48738"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48743",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: amd-xgbe: Fix skb data length underflow\n\nThere will be BUG_ON() triggered in include/linux/skbuff.h leading to\nintermittent kernel panic, when the skb length underflow is detected.\n\nFix this by dropping the packet if such length underflows are seen\nbecause of inconsistencies in the hardware descriptors.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48743"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48744",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Avoid field-overflowing memcpy()\n\nIn preparation for FORTIFY_SOURCE performing compile-time and run-time\nfield bounds checking for memcpy(), memmove(), and memset(), avoid\nintentionally writing across neighboring fields.\n\nUse flexible arrays instead of zero-element arrays (which look like they\nare always overflowing) and split the cross-field memcpy() into two halves\nthat can be appropriately bounds-checked by the compiler.\n\nWe were doing:\n\n\t#define ETH_HLEN 14\n\t#define VLAN_HLEN 4\n\t...\n\t#define MLX5E_XDP_MIN_INLINE (ETH_HLEN + VLAN_HLEN)\n\t...\n struct mlx5e_tx_wqe *wqe = mlx5_wq_cyc_get_wqe(wq, pi);\n\t...\n struct mlx5_wqe_eth_seg *eseg = &wqe->eth;\n struct mlx5_wqe_data_seg *dseg = wqe->data;\n\t...\n\tmemcpy(eseg->inline_hdr.start, xdptxd->data, MLX5E_XDP_MIN_INLINE);\n\ntarget is wqe->eth.inline_hdr.start (which the compiler sees as being\n2 bytes in size), but copying 18, intending to write across start\n(really vlan_tci, 2 bytes). The remaining 16 bytes get written into\nwqe->data[0], covering byte_count (4 bytes), lkey (4 bytes), and addr\n(8 bytes).\n\nstruct mlx5e_tx_wqe {\n struct mlx5_wqe_ctrl_seg ctrl; /* 0 16 */\n struct mlx5_wqe_eth_seg eth; /* 16 16 */\n struct mlx5_wqe_data_seg data[]; /* 32 0 */\n\n /* size: 32, cachelines: 1, members: 3 */\n /* last cacheline: 32 bytes */\n};\n\nstruct mlx5_wqe_eth_seg {\n u8 swp_outer_l4_offset; /* 0 1 */\n u8 swp_outer_l3_offset; /* 1 1 */\n u8 swp_inner_l4_offset; /* 2 1 */\n u8 swp_inner_l3_offset; /* 3 1 */\n u8 cs_flags; /* 4 1 */\n u8 swp_flags; /* 5 1 */\n __be16 mss; /* 6 2 */\n __be32 flow_table_metadata; /* 8 4 */\n union {\n struct {\n __be16 sz; /* 12 2 */\n u8 start[2]; /* 14 2 */\n } inline_hdr; /* 12 4 */\n struct {\n __be16 type; /* 12 2 */\n __be16 vlan_tci; /* 14 2 */\n } insert; /* 12 4 */\n __be32 trailer; /* 12 4 */\n }; /* 12 4 */\n\n /* size: 16, cachelines: 1, members: 9 */\n /* last cacheline: 16 bytes */\n};\n\nstruct mlx5_wqe_data_seg {\n __be32 byte_count; /* 0 4 */\n __be32 lkey; /* 4 4 */\n __be64 addr; /* 8 8 */\n\n /* size: 16, cachelines: 1, members: 3 */\n /* last cacheline: 16 bytes */\n};\n\nSo, split the memcpy() so the compiler can reason about the buffer\nsizes.\n\n\"pahole\" shows no size nor member offset changes to struct mlx5e_tx_wqe\nnor struct mlx5e_umr_wqe. \"objdump -d\" shows no meaningful object\ncode changes (i.e. only source line number induced differences and\noptimizations).",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48744"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48758",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()\n\nThe bnx2fc_destroy() functions are removing the interface before calling\ndestroy_work. This results multiple WARNings from sysfs_remove_group() as\nthe controller rport device attributes are removed too early.\n\nReplace the fcoe_port's destroy_work queue. It's not needed.\n\nThe problem is easily reproducible with the following steps.\n\nExample:\n\n $ dmesg -w &\n $ systemctl enable --now fcoe\n $ fipvlan -s -c ens2f1\n $ fcoeadm -d ens2f1.802\n [ 583.464488] host2: libfc: Link down on port (7500a1)\n [ 583.472651] bnx2fc: 7500a1 - rport not created Yet!!\n [ 583.490468] ------------[ cut here ]------------\n [ 583.538725] sysfs group 'power' not found for kobject 'rport-2:0-0'\n [ 583.568814] WARNING: CPU: 3 PID: 192 at fs/sysfs/group.c:279 sysfs_remove_group+0x6f/0x80\n [ 583.607130] Modules linked in: dm_service_time 8021q garp mrp stp llc bnx2fc cnic uio rpcsec_gss_krb5 auth_rpcgss nfsv4 ...\n [ 583.942994] CPU: 3 PID: 192 Comm: kworker/3:2 Kdump: loaded Not tainted 5.14.0-39.el9.x86_64 #1\n [ 583.984105] Hardware name: HP ProLiant DL120 G7, BIOS J01 07/01/2013\n [ 584.016535] Workqueue: fc_wq_2 fc_rport_final_delete [scsi_transport_fc]\n [ 584.050691] RIP: 0010:sysfs_remove_group+0x6f/0x80\n [ 584.074725] Code: ff 5b 48 89 ef 5d 41 5c e9 ee c0 ff ff 48 89 ef e8 f6 b8 ff ff eb d1 49 8b 14 24 48 8b 33 48 c7 c7 ...\n [ 584.162586] RSP: 0018:ffffb567c15afdc0 EFLAGS: 00010282\n [ 584.188225] RAX: 0000000000000000 RBX: ffffffff8eec4220 RCX: 0000000000000000\n [ 584.221053] RDX: ffff8c1586ce84c0 RSI: ffff8c1586cd7cc0 RDI: ffff8c1586cd7cc0\n [ 584.255089] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb567c15afc00\n [ 584.287954] R10: ffffb567c15afbf8 R11: ffffffff8fbe7f28 R12: ffff8c1486326400\n [ 584.322356] R13: ffff8c1486326480 R14: ffff8c1483a4a000 R15: 0000000000000004\n [ 584.355379] FS: 0000000000000000(0000) GS:ffff8c1586cc0000(0000) knlGS:0000000000000000\n [ 584.394419] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 584.421123] CR2: 00007fe95a6f7840 CR3: 0000000107674002 CR4: 00000000000606e0\n [ 584.454888] Call Trace:\n [ 584.466108] device_del+0xb2/0x3e0\n [ 584.481701] device_unregister+0x13/0x60\n [ 584.501306] bsg_unregister_queue+0x5b/0x80\n [ 584.522029] bsg_remove_queue+0x1c/0x40\n [ 584.541884] fc_rport_final_delete+0xf3/0x1d0 [scsi_transport_fc]\n [ 584.573823] process_one_work+0x1e3/0x3b0\n [ 584.592396] worker_thread+0x50/0x3b0\n [ 584.609256] ? rescuer_thread+0x370/0x370\n [ 584.628877] kthread+0x149/0x170\n [ 584.643673] ? set_kthread_struct+0x40/0x40\n [ 584.662909] ret_from_fork+0x22/0x30\n [ 584.680002] ---[ end trace 53575ecefa942ece ]---",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48758"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48772",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: lgdt3306a: Add a check against null-pointer-def\n\nThe driver should check whether the client provides the platform_data.\n\nThe following log reveals it:\n\n[ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40\n[ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414\n[ 29.612820] Call Trace:\n[ 29.613030] <TASK>\n[ 29.613201] dump_stack_lvl+0x56/0x6f\n[ 29.613496] ? kmemdup+0x30/0x40\n[ 29.613754] print_report.cold+0x494/0x6b7\n[ 29.614082] ? kmemdup+0x30/0x40\n[ 29.614340] kasan_report+0x8a/0x190\n[ 29.614628] ? kmemdup+0x30/0x40\n[ 29.614888] kasan_check_range+0x14d/0x1d0\n[ 29.615213] memcpy+0x20/0x60\n[ 29.615454] kmemdup+0x30/0x40\n[ 29.615700] lgdt3306a_probe+0x52/0x310\n[ 29.616339] i2c_device_probe+0x951/0xa90",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48772"
|
|
},
|
|
{
|
|
"cve":"CVE-2023-52730",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdio: fix possible resource leaks in some error paths\n\nIf sdio_add_func() or sdio_init_func() fails, sdio_remove_func() can\nnot release the resources, because the sdio function is not presented\nin these two cases, it won't call of_node_put() or put_device().\n\nTo fix these leaks, make sdio_func_present() only control whether\ndevice_del() needs to be called or not, then always call of_node_put()\nand put_device().\n\nIn error case in sdio_init_func(), the reference of 'card->dev' is\nnot get, to avoid redundant put in sdio_free_func_cis(), move the\nget_device() to sdio_alloc_func() and put_device() to sdio_release_func(),\nit can keep the get/put function be balanced.\n\nWithout this patch, while doing fault inject test, it can get the\nfollowing leak reports, after this fix, the leak is gone.\n\nunreferenced object 0xffff888112514000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741614 (age 124.774s)\n hex dump (first 32 bytes):\n 00 e0 6f 12 81 88 ff ff 60 58 8d 06 81 88 ff ff ..o.....`X......\n 10 40 51 12 81 88 ff ff 10 40 51 12 81 88 ff ff .@Q......@Q.....\n backtrace:\n [<000000009e5931da>] kmalloc_trace+0x21/0x110\n [<000000002f839ccb>] mmc_alloc_card+0x38/0xb0 [mmc_core]\n [<0000000004adcbf6>] mmc_sdio_init_card+0xde/0x170 [mmc_core]\n [<000000007538fea0>] mmc_attach_sdio+0xcb/0x1b0 [mmc_core]\n [<00000000d4fdeba7>] mmc_rescan+0x54a/0x640 [mmc_core]\n\nunreferenced object 0xffff888112511000 (size 2048):\n comm \"kworker/3:2\", pid 65, jiffies 4294741623 (age 124.766s)\n hex dump (first 32 bytes):\n 00 40 51 12 81 88 ff ff e0 58 8d 06 81 88 ff ff .@Q......X......\n 10 10 51 12 81 88 ff ff 10 10 51 12 81 88 ff ff ..Q.......Q.....\n backtrace:\n [<000000009e5931da>] kmalloc_trace+0x21/0x110\n [<00000000fcbe706c>] sdio_alloc_func+0x35/0x100 [mmc_core]\n [<00000000c68f4b50>] mmc_attach_sdio.cold.18+0xb1/0x395 [mmc_core]\n [<00000000d4fdeba7>] mmc_rescan+0x54a/0x640 [mmc_core]",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":4.7,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2023-52730"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-23848",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-23848"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-31076",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline\n\nThe absence of IRQD_MOVE_PCNTXT prevents immediate effectiveness of\ninterrupt affinity reconfiguration via procfs. Instead, the change is\ndeferred until the next instance of the interrupt being triggered on the\noriginal CPU.\n\nWhen the interrupt next triggers on the original CPU, the new affinity is\nenforced within __irq_move_irq(). A vector is allocated from the new CPU,\nbut the old vector on the original CPU remains and is not immediately\nreclaimed. Instead, apicd->move_in_progress is flagged, and the reclaiming\nprocess is delayed until the next trigger of the interrupt on the new CPU.\n\nUpon the subsequent triggering of the interrupt on the new CPU,\nirq_complete_move() adds a task to the old CPU's vector_cleanup list if it\nremains online. Subsequently, the timer on the old CPU iterates over its\nvector_cleanup list, reclaiming old vectors.\n\nHowever, a rare scenario arises if the old CPU is outgoing before the\ninterrupt triggers again on the new CPU.\n\nIn that case irq_force_complete_move() is not invoked on the outgoing CPU\nto reclaim the old apicd->prev_vector because the interrupt isn't currently\naffine to the outgoing CPU, and irq_needs_fixup() returns false. Even\nthough __vector_schedule_cleanup() is later called on the new CPU, it\ndoesn't reclaim apicd->prev_vector; instead, it simply resets both\napicd->move_in_progress and apicd->prev_vector to 0.\n\nAs a result, the vector remains unreclaimed in vector_matrix, leading to a\nCPU vector leak.\n\nTo address this issue, move the invocation of irq_force_complete_move()\nbefore the irq_needs_fixup() call to reclaim apicd->prev_vector, if the\ninterrupt is currently or used to be affine to the outgoing CPU.\n\nAdditionally, reclaim the vector in __vector_schedule_cleanup() as well,\nfollowing a warning message, although theoretically it should never see\napicd->move_in_progress with apicd->prev_cpu pointing to an offline CPU.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-31076"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-35893",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_skbmod: prevent kernel-infoleak\n\nsyzbot found that tcf_skbmod_dump() was copying four bytes\nfrom kernel stack to user space [1].\n\nThe issue here is that 'struct tc_skbmod' has a four bytes hole.\n\nWe need to clear the structure before filling fields.\n\n[1]\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in copy_to_user_iter lib/iov_iter.c:24 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_ubuf include/linux/iov_iter.h:29 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance include/linux/iov_iter.h:271 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n copy_to_iter include/linux/uio.h:196 [inline]\n simple_copy_to_iter net/core/datagram.c:532 [inline]\n __skb_datagram_iter+0x185/0x1000 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:4050 [inline]\n netlink_recvmsg+0x432/0x1610 net/netlink/af_netlink.c:1962\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x2c4/0x340 net/socket.c:1068\n __sys_recvfrom+0x35a/0x5f0 net/socket.c:2242\n __do_sys_recvfrom net/socket.c:2260 [inline]\n __se_sys_recvfrom net/socket.c:2256 [inline]\n __x64_sys_recvfrom+0x126/0x1d0 net/socket.c:2256\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n pskb_expand_head+0x30f/0x19d0 net/core/skbuff.c:2253\n netlink_trim+0x2c2/0x330 net/netlink/af_netlink.c:1317\n netlink_unicast+0x9f/0x1260 net/netlink/af_netlink.c:1351\n nlmsg_unicast include/net/netlink.h:1144 [inline]\n nlmsg_notify+0x21d/0x2f0 net/netlink/af_netlink.c:2610\n rtnetlink_send+0x73/0x90 net/core/rtnetlink.c:741\n rtnetlink_maybe_send include/linux/rtnetlink.h:17 [inline]\n tcf_add_notify net/sched/act_api.c:2048 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x146e/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2559\n rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6613\n netlink_unicast_kernel net/netlink/af_netlink.c:1335 [inline]\n netlink_unicast+0xf4c/0x1260 net/netlink/af_netlink.c:1361\n netlink_sendmsg+0x10df/0x11f0 net/netlink/af_netlink.c:1905\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2674\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n __nla_put lib/nlattr.c:1041 [inline]\n nla_put+0x1c6/0x230 lib/nlattr.c:1099\n tcf_skbmod_dump+0x23f/0xc20 net/sched/act_skbmod.c:256\n tcf_action_dump_old net/sched/act_api.c:1191 [inline]\n tcf_action_dump_1+0x85e/0x970 net/sched/act_api.c:1227\n tcf_action_dump+0x1fd/0x460 net/sched/act_api.c:1251\n tca_get_fill+0x519/0x7a0 net/sched/act_api.c:1628\n tcf_add_notify_msg net/sched/act_api.c:2023 [inline]\n tcf_add_notify net/sched/act_api.c:2042 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x1365/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netli\n---truncated---",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-35893"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-35915",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet\n\nsyzbot reported the following uninit-value access issue [1][2]:\n\nnci_rx_work() parses and processes received packet. When the payload\nlength is zero, each message type handler reads uninitialized payload\nand KMSAN detects this issue. The receipt of a packet with a zero-size\npayload is considered unexpected, and therefore, such packets should be\nsilently discarded.\n\nThis patch resolved this issue by checking payload size before calling\neach message type handler codes.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-35915"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-36014",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/arm/malidp: fix a possible null pointer dereference\n\nIn malidp_mw_connector_reset, new memory is allocated with kzalloc, but\nno check is performed. In order to prevent null pointer dereferencing,\nensure that mw_state is checked before calling\n__drm_atomic_helper_connector_reset.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-36014"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-36949",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\namd/amdkfd: sync all devices to wait all processes being evicted\n\nIf there are more than one device doing reset in parallel, the first\ndevice will call kfd_suspend_all_processes() to evict all processes\non all devices, this call takes time to finish. other device will\nstart reset and recover without waiting. if the process has not been\nevicted before doing recover, it will be restored, then caused page\nfault.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":4.7,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-36949"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-37356",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Fix shift-out-of-bounds in dctcp_update_alpha().\n\nIn dctcp_update_alpha(), we use a module parameter dctcp_shift_g\nas follows:\n\n alpha -= min_not_zero(alpha, alpha >> dctcp_shift_g);\n ...\n delivered_ce <<= (10 - dctcp_shift_g);\n\nIt seems syzkaller started fuzzing module parameters and triggered\nshift-out-of-bounds [0] by setting 100 to dctcp_shift_g:\n\n memcpy((void*)0x20000080,\n \"/sys/module/tcp_dctcp/parameters/dctcp_shift_g\\000\", 47);\n res = syscall(__NR_openat, /*fd=*/0xffffffffffffff9cul, /*file=*/0x20000080ul,\n /*flags=*/2ul, /*mode=*/0ul);\n memcpy((void*)0x20000000, \"100\\000\", 4);\n syscall(__NR_write, /*fd=*/r[0], /*val=*/0x20000000ul, /*len=*/4ul);\n\nLet's limit the max value of dctcp_shift_g by param_set_uint_minmax().\n\nWith this patch:\n\n # echo 10 > /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n # cat /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n 10\n # echo 11 > /sys/module/tcp_dctcp/parameters/dctcp_shift_g\n -bash: echo: write error: Invalid argument\n\n[0]:\nUBSAN: shift-out-of-bounds in net/ipv4/tcp_dctcp.c:143:12\nshift exponent 100 is too large for 32-bit type 'u32' (aka 'unsigned int')\nCPU: 0 PID: 8083 Comm: syz-executor345 Not tainted 6.9.0-05151-g1b294a1f3561 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.13.0-1ubuntu1.1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x201/0x300 lib/dump_stack.c:114\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_shift_out_of_bounds+0x346/0x3a0 lib/ubsan.c:468\n dctcp_update_alpha+0x540/0x570 net/ipv4/tcp_dctcp.c:143\n tcp_in_ack_event net/ipv4/tcp_input.c:3802 [inline]\n tcp_ack+0x17b1/0x3bc0 net/ipv4/tcp_input.c:3948\n tcp_rcv_state_process+0x57a/0x2290 net/ipv4/tcp_input.c:6711\n tcp_v4_do_rcv+0x764/0xc40 net/ipv4/tcp_ipv4.c:1937\n sk_backlog_rcv include/net/sock.h:1106 [inline]\n __release_sock+0x20f/0x350 net/core/sock.c:2983\n release_sock+0x61/0x1f0 net/core/sock.c:3549\n mptcp_subflow_shutdown+0x3d0/0x620 net/mptcp/protocol.c:2907\n mptcp_check_send_data_fin+0x225/0x410 net/mptcp/protocol.c:2976\n __mptcp_close+0x238/0xad0 net/mptcp/protocol.c:3072\n mptcp_close+0x2a/0x1a0 net/mptcp/protocol.c:3127\n inet_release+0x190/0x1f0 net/ipv4/af_inet.c:437\n __sock_release net/socket.c:659 [inline]\n sock_close+0xc0/0x240 net/socket.c:1421\n __fput+0x41b/0x890 fs/file_table.c:422\n task_work_run+0x23b/0x300 kernel/task_work.c:180\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x9c8/0x2540 kernel/exit.c:878\n do_group_exit+0x201/0x2b0 kernel/exit.c:1027\n __do_sys_exit_group kernel/exit.c:1038 [inline]\n __se_sys_exit_group kernel/exit.c:1036 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1036\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xe4/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x7f6c2b5005b6\nCode: Unable to access opcode bytes at 0x7f6c2b50058c.\nRSP: 002b:00007ffe883eb948 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 00007f6c2b5862f0 RCX: 00007f6c2b5005b6\nRDX: 0000000000000001 RSI: 000000000000003c RDI: 0000000000000001\nRBP: 0000000000000001 R08: 00000000000000e7 R09: ffffffffffffffc0\nR10: 0000000000000006 R11: 0000000000000246 R12: 00007f6c2b5862f0\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001\n </TASK>",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-37356"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38546",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":4.4,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38546"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38553",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: remove .ndo_poll_controller to avoid deadlocks\n\nThere is a deadlock issue found in sungem driver, please refer to the\ncommit ac0a230f719b (\"eth: sungem: remove .ndo_poll_controller to avoid\ndeadlocks\"). The root cause of the issue is that netpoll is in atomic\ncontext and disable_irq() is called by .ndo_poll_controller interface\nof sungem driver, however, disable_irq() might sleep. After analyzing\nthe implementation of fec_poll_controller(), the fec driver should have\nthe same issue. Due to the fec driver uses NAPI for TX completions, the\n.ndo_poll_controller is unnecessary to be implemented in the fec driver,\nso fec_poll_controller() can be safely removed.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":4.7,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38553"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38554",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix reference count leak issue of net_device\n\nThere is a reference count leak issue of the object \"net_device\" in\nax25_dev_device_down(). When the ax25 device is shutting down, the\nax25_dev_device_down() drops the reference count of net_device one\nor zero times depending on if we goto unlock_put or not, which will\ncause memory leak.\n\nIn order to solve the above issue, decrease the reference count of\nnet_device after dev->ax25_ptr is set to null.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":4.1,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38554"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38559",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a count-sized kernel buffer and copy count from\nuserspace to that buffer. Later, we use kstrtouint on this buffer but we\ndon't ensure that the string is terminated inside the buffer, this can\nlead to OOB read when using kstrtouint. Fix this issue by using\nmemdup_user_nul instead of memdup_user.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"HIGH",
|
|
"baseScore":7.8,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"High",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38559"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38578",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\necryptfs: Fix buffer size for tag 66 packet\n\nThe 'TAG 66 Packet Format' description is missing the cipher code and\nchecksum fields that are packed into the message packet. As a result,\nthe buffer allocated for the packet is 3 bytes too small and\nwrite_tag_66_packet() will write up to 3 bytes past the end of the\nbuffer.\n\nFix this by increasing the size of the allocation so the whole packet\nwill always fit in the buffer.\n\nThis fixes the below kasan slab-out-of-bounds bug:\n\n BUG: KASAN: slab-out-of-bounds in ecryptfs_generate_key_packet_set+0x7d6/0xde0\n Write of size 1 at addr ffff88800afbb2a5 by task touch/181\n\n CPU: 0 PID: 181 Comm: touch Not tainted 6.6.13-gnu #1 4c9534092be820851bb687b82d1f92a426598dc6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2/GNU Guix 04/01/2014\n Call Trace:\n <TASK>\n dump_stack_lvl+0x4c/0x70\n print_report+0xc5/0x610\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? kasan_complete_mode_report_info+0x44/0x210\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n kasan_report+0xc2/0x110\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n __asan_store1+0x62/0x80\n ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? __pfx_ecryptfs_generate_key_packet_set+0x10/0x10\n ? __alloc_pages+0x2e2/0x540\n ? __pfx_ovl_open+0x10/0x10 [overlay 30837f11141636a8e1793533a02e6e2e885dad1d]\n ? dentry_open+0x8f/0xd0\n ecryptfs_write_metadata+0x30a/0x550\n ? __pfx_ecryptfs_write_metadata+0x10/0x10\n ? ecryptfs_get_lower_file+0x6b/0x190\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n ? __pfx_path_openat+0x10/0x10\n do_filp_open+0x15e/0x290\n ? __pfx_do_filp_open+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? _raw_spin_lock+0x86/0xf0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? alloc_fd+0xf4/0x330\n do_sys_openat2+0x122/0x160\n ? __pfx_do_sys_openat2+0x10/0x10\n __x64_sys_openat+0xef/0x170\n ? __pfx___x64_sys_openat+0x10/0x10\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n RIP: 0033:0x7f00a703fd67\n Code: 25 00 00 41 00 3d 00 00 41 00 74 37 64 8b 04 25 18 00 00 00 85 c0 75 5b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 85 00 00 00 48 83 c4 68 5d 41 5c c3 0f 1f\n RSP: 002b:00007ffc088e30b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\n RAX: ffffffffffffffda RBX: 00007ffc088e3368 RCX: 00007f00a703fd67\n RDX: 0000000000000941 RSI: 00007ffc088e48d7 RDI: 00000000ffffff9c\n RBP: 00007ffc088e48d7 R08: 0000000000000001 R09: 0000000000000000\n R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000941\n R13: 0000000000000000 R14: 00007ffc088e48d7 R15: 00007f00a7180040\n </TASK>\n\n Allocated by task 181:\n kasan_save_stack+0x2f/0x60\n kasan_set_track+0x29/0x40\n kasan_save_alloc_info+0x25/0x40\n __kasan_kmalloc+0xc5/0xd0\n __kmalloc+0x66/0x160\n ecryptfs_generate_key_packet_set+0x6d2/0xde0\n ecryptfs_write_metadata+0x30a/0x550\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n do_filp_open+0x15e/0x290\n do_sys_openat2+0x122/0x160\n __x64_sys_openat+0xef/0x170\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38578"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38579",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: bcm - Fix pointer arithmetic\n\nIn spu2_dump_omd() value of ptr is increased by ciph_key_len\ninstead of hash_iv_len which could lead to going beyond the\nbuffer boundaries.\nFix this bug by changing ciph_key_len to hash_iv_len.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":6.1,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38579"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38582",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential hang in nilfs_detach_log_writer()\n\nSyzbot has reported a potential hang in nilfs_detach_log_writer() called\nduring nilfs2 unmount.\n\nAnalysis revealed that this is because nilfs_segctor_sync(), which\nsynchronizes with the log writer thread, can be called after\nnilfs_segctor_destroy() terminates that thread, as shown in the call trace\nbelow:\n\nnilfs_detach_log_writer\n nilfs_segctor_destroy\n nilfs_segctor_kill_thread --> Shut down log writer thread\n flush_work\n nilfs_iput_work_func\n nilfs_dispose_list\n iput\n nilfs_evict_inode\n nilfs_transaction_commit\n nilfs_construct_segment (if inode needs sync)\n nilfs_segctor_sync --> Attempt to synchronize with\n log writer thread\n *** DEADLOCK ***\n\nFix this issue by changing nilfs_segctor_sync() so that the log writer\nthread returns normally without synchronizing after it terminates, and by\nforcing tasks that are already waiting to complete once after the thread\nterminates.\n\nThe skipped inode metadata flushout will then be processed together in the\nsubsequent cleanup work in nilfs_segctor_destroy().",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"NONE",
|
|
"baseScore":0.0,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"None",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38582"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38583",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread's lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"HIGH",
|
|
"baseScore":7.0,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"High",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38583"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38618",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Set lower bound of start tick time\n\nCurrently ALSA timer doesn't have the lower limit of the start tick\ntime, and it allows a very small size, e.g. 1 tick with 1ns resolution\nfor hrtimer. Such a situation may lead to an unexpected RCU stall,\nwhere the callback repeatedly queuing the expire update, as reported\nby fuzzer.\n\nThis patch introduces a sanity check of the timer start tick time, so\nthat the system returns an error when a too small start size is set.\nAs of this patch, the lower limit is hard-coded to 100us, which is\nsmall enough but can still work somehow.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":4.7,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38618"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38633",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Update uart_driver_registered on driver removal\n\nThe removal of the last MAX3100 device triggers the removal of\nthe driver. However, code doesn't update the respective global\nvariable and after insmod — rmmod — insmod cycle the kernel\noopses:\n\n max3100 spi-PRP0001:01: max3100_probe: adding port 0\n BUG: kernel NULL pointer dereference, address: 0000000000000408\n ...\n RIP: 0010:serial_core_register_port+0xa0/0x840\n ...\n max3100_probe+0x1b6/0x280 [max3100]\n spi_probe+0x8d/0xb0\n\nUpdate the actual state so next time UART driver will be registered\nagain.\n\nHugo also noticed, that the error path in the probe also affected\nby having the variable set, and not cleared. Instead of clearing it\nmove the assignment after the successfull uart_register_driver() call.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38633"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38634",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Lock port->lock when calling uart_handle_cts_change()\n\nuart_handle_cts_change() has to be called with port lock taken,\nSince we run it in a separate work, the lock may not be taken at\nthe time of running. Make sure that it's taken by explicitly doing\nthat. Without it we got a splat:\n\n WARNING: CPU: 0 PID: 10 at drivers/tty/serial/serial_core.c:3491 uart_handle_cts_change+0xa6/0xb0\n ...\n Workqueue: max3100-0 max3100_work [max3100]\n RIP: 0010:uart_handle_cts_change+0xa6/0xb0\n ...\n max3100_handlerx+0xc5/0x110 [max3100]\n max3100_work+0x12a/0x340 [max3100]",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38634"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38637",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ngreybus: lights: check return of get_channel_from_mode\n\nIf channel for the given node is not found we return null from\nget_channel_from_mode. Make sure we validate the return pointer\nbefore using it in two of the missing places.\n\nThis was originally reported in [0]:\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[0] https://lore.kernel.org/all/20240301190425.120605-1-m.lobanov@rosalinux.ru",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38637"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38659",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nenic: Validate length of nl attributes in enic_set_vf_port\n\nenic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE\nis of length PORT_PROFILE_MAX and that the nl attributes\nIFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX.\nThese attributes are validated (in the function do_setlink in rtnetlink.c)\nusing the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE\nas NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and\nIFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation\nusing the policy is for the max size of the attributes and not on exact\nsize so the length of these attributes might be less than the sizes that\nenic_set_vf_port expects. This might cause an out of bands\nread access in the memcpys of the data of these\nattributes in enic_set_vf_port.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38659"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38780",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:dma-buf/sw-sync: don t enable IRQ from sync_print_obj()Since commit a6aa8fca4d79 ( dma-buf/sw-sync: Reduce irqsave/irqrestore fromknown context ) by error replaced spin_unlock_irqrestore() withspin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despitesync_print_obj() is called from sync_debugfs_show(), lockdep complainsinconsistent lock state warning.Use plain spin_{lock,unlock}() for sync_print_obj(), forsync_debugfs_show() is already using spin_{lock,unlock}_irq().",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38780"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-39301",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/9p: fix uninit-value in p9_client_rpc()\n\nSyzbot with the help of KMSAN reported the following error:\n\nBUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline]\nBUG: KMSAN: uninit-value in p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n trace_9p_client_res include/trace/events/9p.h:146 [inline]\n p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n __alloc_pages+0x9d6/0xe70 mm/page_alloc.c:4598\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n alloc_slab_page mm/slub.c:2175 [inline]\n allocate_slab mm/slub.c:2338 [inline]\n new_slab+0x2de/0x1400 mm/slub.c:2391\n ___slab_alloc+0x1184/0x33d0 mm/slub.c:3525\n __slab_alloc mm/slub.c:3610 [inline]\n __slab_alloc_node mm/slub.c:3663 [inline]\n slab_alloc_node mm/slub.c:3835 [inline]\n kmem_cache_alloc+0x6d3/0xbe0 mm/slub.c:3852\n p9_tag_alloc net/9p/client.c:278 [inline]\n p9_client_prepare_req+0x20a/0x1770 net/9p/client.c:641\n p9_client_rpc+0x27e/0x1340 net/9p/client.c:688\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nIf p9_check_errors() fails early in p9_client_rpc(), req->rc.tag\nwill not be properly initialized. However, trace_9p_client_res()\nends up trying to print it out anyway before p9_client_rpc()\nfinishes.\n\nFix this issue by assigning default values to p9_fcall fields\nsuch as 'tag' and (just in case KMSAN unearths something new) 'id'\nduring the tag allocation stage.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1835"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.src",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.3.0.0285.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.3.0.0285.oe2003sp4.aarch64"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-39301"
|
|
}
|
|
]
|
|
} |