2761 lines
192 KiB
JSON
2761 lines
192 KiB
JSON
{
|
|
"document":{
|
|
"aggregate_severity":{
|
|
"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
|
|
"text":"High"
|
|
},
|
|
"category":"csaf_vex",
|
|
"csaf_version":"2.0",
|
|
"distribution":{
|
|
"tlp":{
|
|
"label":"WHITE",
|
|
"url":"https:/www.first.org/tlp/"
|
|
}
|
|
},
|
|
"lang":"en",
|
|
"notes":[
|
|
{
|
|
"text":"kernel security update",
|
|
"category":"general",
|
|
"title":"Synopsis"
|
|
},
|
|
{
|
|
"text":"An update for kernel is now available for openEuler-20.03-LTS-SP4",
|
|
"category":"general",
|
|
"title":"Summary"
|
|
},
|
|
{
|
|
"text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nKVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak\n\nvcpu_put is not called if the user copy fails. This can result in preempt\nnotifier corruption and crashes, among other issues.(CVE-2021-47296)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: qcom/emac: fix UAF in emac_remove\n\nadpt is netdev private data and it cannot be\nused after free_netdev() call. Using adpt after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.(CVE-2021-47311)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests\n\nThe FSM can run in a circle allowing rdma_resolve_ip() to be called twice\non the same id_priv. While this cannot happen without going through the\nwork, it violates the invariant that the same address resolution\nbackground request cannot be active twice.\n\n CPU 1 CPU 2\n\nrdma_resolve_addr():\n RDMA_CM_IDLE -> RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler) #1\n\n\t\t\t process_one_req(): for #1\n addr_handler():\n RDMA_CM_ADDR_QUERY -> RDMA_CM_ADDR_BOUND\n mutex_unlock(&id_priv->handler_mutex);\n [.. handler still running ..]\n\nrdma_resolve_addr():\n RDMA_CM_ADDR_BOUND -> RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler)\n !! two requests are now on the req_list\n\nrdma_destroy_id():\n destroy_id_handler_unlock():\n _destroy_id():\n cma_cancel_operation():\n rdma_addr_cancel()\n\n // process_one_req() self removes it\n\t\t spin_lock_bh(&lock);\n cancel_delayed_work(&req->work);\n\t if (!list_empty(&req->list)) == true\n\n ! rdma_addr_cancel() returns after process_on_req #1 is done\n\n kfree(id_priv)\n\n\t\t\t process_one_req(): for #2\n addr_handler():\n\t mutex_lock(&id_priv->handler_mutex);\n !! Use after free on id_priv\n\nrdma_addr_cancel() expects there to be one req on the list and only\ncancels the first one. The self-removal behavior of the work only happens\nafter the handler has returned. This yields a situations where the\nreq_list can have two reqs for the same \"handle\" but rdma_addr_cancel()\nonly cancels the first one.\n\nThe second req remains active beyond rdma_destroy_id() and will\nuse-after-free id_priv once it inevitably triggers.\n\nFix this by remembering if the id_priv has called rdma_resolve_ip() and\nalways cancel before calling it again. This ensures the req_list never\ngets more than one item in it and doesn't cost anything in the normal flow\nthat never uses this strange error path.(CVE-2021-47391)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock->magic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff <0f> 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n <TASK>\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n </TASK>(CVE-2021-47598)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix off by one in BIOS boundary checking\n\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac's with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\n\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed.(CVE-2022-48732)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix information leakage in /proc/net/ptype\n\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\n\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL.(CVE-2022-48757)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix hang in usb_kill_urb by adding memory barriers\n\nThe syzbot fuzzer has identified a bug in which processes hang waiting\nfor usb_kill_urb() to return. It turns out the issue is not unlinking\nthe URB; that works just fine. Rather, the problem arises when the\nwakeup notification that the URB has completed is not received.\n\nThe reason is memory-access ordering on SMP systems. In outline form,\nusb_kill_urb() and __usb_hcd_giveback_urb() operating concurrently on\ndifferent CPUs perform the following actions:\n\nCPU 0\t\t\t\t\tCPU 1\n----------------------------\t\t---------------------------------\nusb_kill_urb():\t\t\t\t__usb_hcd_giveback_urb():\n ...\t\t\t\t\t ...\n atomic_inc(&urb->reject);\t\t atomic_dec(&urb->use_count);\n ...\t\t\t\t\t ...\n wait_event(usb_kill_urb_queue,\n\tatomic_read(&urb->use_count) == 0);\n\t\t\t\t\t if (atomic_read(&urb->reject))\n\t\t\t\t\t\twake_up(&usb_kill_urb_queue);\n\nConfining your attention to urb->reject and urb->use_count, you can\nsee that the overall pattern of accesses on CPU 0 is:\n\n\twrite urb->reject, then read urb->use_count;\n\nwhereas the overall pattern of accesses on CPU 1 is:\n\n\twrite urb->use_count, then read urb->reject.\n\nThis pattern is referred to in memory-model circles as SB (for \"Store\nBuffering\"), and it is well known that without suitable enforcement of\nthe desired order of accesses -- in the form of memory barriers -- it\nis entirely possible for one or both CPUs to execute their reads ahead\nof their writes. The end result will be that sometimes CPU 0 sees the\nold un-decremented value of urb->use_count while CPU 1 sees the old\nun-incremented value of urb->reject. Consequently CPU 0 ends up on\nthe wait queue and never gets woken up, leading to the observed hang\nin usb_kill_urb().\n\nThe same pattern of accesses occurs in usb_poison_urb() and the\nfailure pathway of usb_hcd_submit_urb().\n\nThe problem is fixed by adding suitable memory barriers. To provide\nproper memory-access ordering in the SB pattern, a full barrier is\nrequired on both CPUs. The atomic_inc() and atomic_dec() accesses\nthemselves don't provide any memory ordering, but since they are\npresent, we can use the optimized smp_mb__after_atomic() memory\nbarrier in the various routines to obtain the desired effect.\n\nThis patch adds the necessary memory barriers.(CVE-2022-48760)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix overwriting ct original tuple for ICMPv6\n\nOVS_PACKET_CMD_EXECUTE has 3 main attributes:\n - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format.\n - OVS_PACKET_ATTR_PACKET - Binary packet content.\n - OVS_PACKET_ATTR_ACTIONS - Actions to execute on the packet.\n\nOVS_PACKET_ATTR_KEY is parsed first to populate sw_flow_key structure\nwith the metadata like conntrack state, input port, recirculation id,\netc. Then the packet itself gets parsed to populate the rest of the\nkeys from the packet headers.\n\nWhenever the packet parsing code starts parsing the ICMPv6 header, it\nfirst zeroes out fields in the key corresponding to Neighbor Discovery\ninformation even if it is not an ND packet.\n\nIt is an 'ipv6.nd' field. However, the 'ipv6' is a union that shares\nthe space between 'nd' and 'ct_orig' that holds the original tuple\nconntrack metadata parsed from the OVS_PACKET_ATTR_KEY.\n\nND packets should not normally have conntrack state, so it's fine to\nshare the space, but normal ICMPv6 Echo packets or maybe other types of\nICMPv6 can have the state attached and it should not be overwritten.\n\nThe issue results in all but the last 4 bytes of the destination\naddress being wiped from the original conntrack tuple leading to\nincorrect packet matching and potentially executing wrong actions\nin case this packet recirculates within the datapath or goes back\nto userspace.\n\nND fields should not be accessed in non-ND packets, so not clearing\nthem should be fine. Executing memset() only for actual ND packets to\navoid the issue.\n\nInitializing the whole thing before parsing is needed because ND packet\nmay not contain all the options.\n\nThe issue only affects the OVS_PACKET_CMD_EXECUTE path and doesn't\naffect packets entering OVS datapath from network interfaces, because\nin this case CT metadata is populated from skb after the packet is\nalready parsed.(CVE-2024-38558)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: fix potential memory leak in vfio_intx_enable()\n\nIf vfio_irq_ctx_alloc() failed will lead to 'name' memory leak.(CVE-2024-38632)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nkdb: Fix buffer overflow during tab-complete\n\nCurrently, when the user attempts symbol completion with the Tab key, kdb\nwill use strncpy() to insert the completed symbol into the command buffer.\nUnfortunately it passes the size of the source buffer rather than the\ndestination to strncpy() with predictably horrible results. Most obviously\nif the command buffer is already full but cp, the cursor position, is in\nthe middle of the buffer, then we will write past the end of the supplied\nbuffer.\n\nFix this by replacing the dubious strncpy() calls with memmove()/memcpy()\ncalls plus explicit boundary checks to make sure we have enough space\nbefore we start moving characters around.(CVE-2024-39480)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nbonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()\n\nIn function bond_option_arp_ip_targets_set(), if newval->string is an\nempty string, newval->string+1 will point to the byte after the\nstring, causing an out-of-bound read.\n\nBUG: KASAN: slab-out-of-bounds in strlen+0x7d/0xa0 lib/string.c:418\nRead of size 1 at addr ffff8881119c4781 by task syz-executor665/8107\nCPU: 1 PID: 8107 Comm: syz-executor665 Not tainted 6.7.0-rc7 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0xc1/0x5e0 mm/kasan/report.c:475\n kasan_report+0xbe/0xf0 mm/kasan/report.c:588\n strlen+0x7d/0xa0 lib/string.c:418\n __fortify_strlen include/linux/fortify-string.h:210 [inline]\n in4_pton+0xa3/0x3f0 net/core/utils.c:130\n bond_option_arp_ip_targets_set+0xc2/0x910\ndrivers/net/bonding/bond_options.c:1201\n __bond_opt_set+0x2a4/0x1030 drivers/net/bonding/bond_options.c:767\n __bond_opt_set_notify+0x48/0x150 drivers/net/bonding/bond_options.c:792\n bond_opt_tryset_rtnl+0xda/0x160 drivers/net/bonding/bond_options.c:817\n bonding_sysfs_store_option+0xa1/0x120 drivers/net/bonding/bond_sysfs.c:156\n dev_attr_store+0x54/0x80 drivers/base/core.c:2366\n sysfs_kf_write+0x114/0x170 fs/sysfs/file.c:136\n kernfs_fop_write_iter+0x337/0x500 fs/kernfs/file.c:334\n call_write_iter include/linux/fs.h:2020 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x96a/0xd80 fs/read_write.c:584\n ksys_write+0x122/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n---[ end trace ]---\n\nFix it by adding a check of string length before using it.(CVE-2024-39487)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\narm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY\n\nWhen CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes\nto bug_table entries, and as a result the last entry in a bug table will\nbe ignored, potentially leading to an unexpected panic(). All prior\nentries in the table will be handled correctly.\n\nThe arm64 ABI requires that struct fields of up to 8 bytes are\nnaturally-aligned, with padding added within a struct such that struct\nare suitably aligned within arrays.\n\nWhen CONFIG_DEBUG_BUGVERPOSE=y, the layout of a bug_entry is:\n\n\tstruct bug_entry {\n\t\tsigned int bug_addr_disp;\t// 4 bytes\n\t\tsigned int file_disp;\t// 4 bytes\n\t\tunsigned short line;\t\t// 2 bytes\n\t\tunsigned short flags;\t\t// 2 bytes\n\t}\n\n... with 12 bytes total, requiring 4-byte alignment.\n\nWhen CONFIG_DEBUG_BUGVERBOSE=n, the layout of a bug_entry is:\n\n\tstruct bug_entry {\n\t\tsigned int bug_addr_disp;\t// 4 bytes\n\t\tunsigned short flags;\t\t// 2 bytes\n\t\t< implicit padding >\t\t// 2 bytes\n\t}\n\n... with 8 bytes total, with 6 bytes of data and 2 bytes of trailing\npadding, requiring 4-byte alginment.\n\nWhen we create a bug_entry in assembly, we align the start of the entry\nto 4 bytes, which implicitly handles padding for any prior entries.\nHowever, we do not align the end of the entry, and so when\nCONFIG_DEBUG_BUGVERBOSE=n, the final entry lacks the trailing padding\nbytes.\n\nFor the main kernel image this is not a problem as find_bug() doesn't\ndepend on the trailing padding bytes when searching for entries:\n\n\tfor (bug = __start___bug_table; bug < __stop___bug_table; ++bug)\n\t\tif (bugaddr == bug_addr(bug))\n\t\t\treturn bug;\n\nHowever for modules, module_bug_finalize() depends on the trailing\nbytes when calculating the number of entries:\n\n\tmod->num_bugs = sechdrs[i].sh_size / sizeof(struct bug_entry);\n\n... and as the last bug_entry lacks the necessary padding bytes, this entry\nwill not be counted, e.g. in the case of a single entry:\n\n\tsechdrs[i].sh_size == 6\n\tsizeof(struct bug_entry) == 8;\n\n\tsechdrs[i].sh_size / sizeof(struct bug_entry) == 0;\n\nConsequently module_find_bug() will miss the last bug_entry when it does:\n\n\tfor (i = 0; i < mod->num_bugs; ++i, ++bug)\n\t\tif (bugaddr == bug_addr(bug))\n\t\t\tgoto out;\n\n... which can lead to a kenrel panic due to an unhandled bug.\n\nThis can be demonstrated with the following module:\n\n\tstatic int __init buginit(void)\n\t{\n\t\tWARN(1, \"hello\\n\");\n\t\treturn 0;\n\t}\n\n\tstatic void __exit bugexit(void)\n\t{\n\t}\n\n\tmodule_init(buginit);\n\tmodule_exit(bugexit);\n\tMODULE_LICENSE(\"GPL\");\n\n... which will trigger a kernel panic when loaded:\n\n\t------------[ cut here ]------------\n\thello\n\tUnexpected kernel BRK exception at EL1\n\tInternal error: BRK handler: 00000000f2000800 [#1] PREEMPT SMP\n\tModules linked in: hello(O+)\n\tCPU: 0 PID: 50 Comm: insmod Tainted: G O 6.9.1 #8\n\tHardware name: linux,dummy-virt (DT)\n\tpstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n\tpc : buginit+0x18/0x1000 [hello]\n\tlr : buginit+0x18/0x1000 [hello]\n\tsp : ffff800080533ae0\n\tx29: ffff800080533ae0 x28: 0000000000000000 x27: 0000000000000000\n\tx26: ffffaba8c4e70510 x25: ffff800080533c30 x24: ffffaba8c4a28a58\n\tx23: 0000000000000000 x22: 0000000000000000 x21: ffff3947c0eab3c0\n\tx20: ffffaba8c4e3f000 x19: ffffaba846464000 x18: 0000000000000006\n\tx17: 0000000000000000 x16: ffffaba8c2492834 x15: 0720072007200720\n\tx14: 0720072007200720 x13: ffffaba8c49b27c8 x12: 0000000000000312\n\tx11: 0000000000000106 x10: ffffaba8c4a0a7c8 x9 : ffffaba8c49b27c8\n\tx8 : 00000000ffffefff x7 : ffffaba8c4a0a7c8 x6 : 80000000fffff000\n\tx5 : 0000000000000107 x4 : 0000000000000000 x3 : 0000000000000000\n\tx2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff3947c0eab3c0\n\tCall trace:\n\t buginit+0x18/0x1000 [hello]\n\t do_one_initcall+0x80/0x1c8\n\t do_init_module+0x60/0x218\n\t load_module+0x1ba4/0x1d70\n\t __do_sys_init_module+0x198/0x1d0\n\t __arm64_sys_init_module+0x1c/0x28\n\t invoke_syscall+0x48/0x114\n\t el0_svc\n---truncated---(CVE-2024-39488)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix memleak in seg6_hmac_init_algo\n\nseg6_hmac_init_algo returns without cleaning up the previous allocations\nif one fails, so it's going to leak all that memory and the crypto tfms.\n\nUpdate seg6_hmac_exit to only free the memory when allocated, so we can\nreuse the code directly.(CVE-2024-39489)",
|
|
"category":"general",
|
|
"title":"Description"
|
|
},
|
|
{
|
|
"text":"An update for kernel is now available for openEuler-20.03-LTS-SP4.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
|
|
"category":"general",
|
|
"title":"Topic"
|
|
},
|
|
{
|
|
"text":"High",
|
|
"category":"general",
|
|
"title":"Severity"
|
|
},
|
|
{
|
|
"text":"kernel",
|
|
"category":"general",
|
|
"title":"Affected Component"
|
|
}
|
|
],
|
|
"publisher":{
|
|
"issuing_authority":"openEuler security committee",
|
|
"name":"openEuler",
|
|
"namespace":"https://www.openeuler.org",
|
|
"contact_details":"openeuler-security@openeuler.org",
|
|
"category":"vendor"
|
|
},
|
|
"references":[
|
|
{
|
|
"summary":"openEuler-SA-2024-1862",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
},
|
|
{
|
|
"summary":"CVE-2021-47296",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47296&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2021-47311",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47311&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2021-47391",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47391&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2021-47598",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2021-47598&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48732",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48732&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48757",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48757&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2022-48760",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-48760&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38558",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38558&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-38632",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-38632&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-39480",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-39480&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-39487",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-39487&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-39488",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-39488&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"CVE-2024-39489",
|
|
"category":"self",
|
|
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-39489&packageName=kernel"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47296"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47311"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47391"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-47598"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48732"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48757"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48760"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38558"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-38632"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39480"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39487"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39488"
|
|
},
|
|
{
|
|
"summary":"nvd cve",
|
|
"category":"external",
|
|
"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-39489"
|
|
},
|
|
{
|
|
"summary":"openEuler-SA-2024-1862 vex file",
|
|
"category":"self",
|
|
"url":"https://repo.openeuler.org/security/data/csaf/advisories/2024/csaf-openEuler-SA-2024-1862.json"
|
|
}
|
|
],
|
|
"title":"An update for kernel is now available for openEuler-20.03-LTS-SP4",
|
|
"tracking":{
|
|
"initial_release_date":"2024-07-19T21:24:05+08:00",
|
|
"revision_history":[
|
|
{
|
|
"date":"2024-07-19T21:24:05+08:00",
|
|
"summary":"Initial",
|
|
"number":"1.0.0"
|
|
}
|
|
],
|
|
"generator":{
|
|
"date":"2024-07-19T21:24:05+08:00",
|
|
"engine":{
|
|
"name":"openEuler CSAF Tool V1.0"
|
|
}
|
|
},
|
|
"current_release_date":"2024-07-19T21:24:05+08:00",
|
|
"id":"openEuler-SA-2024-1862",
|
|
"version":"1.0.0",
|
|
"status":"final"
|
|
}
|
|
},
|
|
"product_tree":{
|
|
"branches":[
|
|
{
|
|
"name":"openEuler",
|
|
"category":"vendor",
|
|
"branches":[
|
|
{
|
|
"name":"openEuler",
|
|
"branches":[
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"openEuler-20.03-LTS-SP4",
|
|
"name":"openEuler-20.03-LTS-SP4"
|
|
},
|
|
"name":"openEuler-20.03-LTS-SP4",
|
|
"category":"product_version"
|
|
}
|
|
],
|
|
"category":"product_name"
|
|
},
|
|
{
|
|
"name":"aarch64",
|
|
"branches":[
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm"
|
|
},
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"category":"product_version"
|
|
}
|
|
],
|
|
"category":"product_name"
|
|
},
|
|
{
|
|
"name":"x86_64",
|
|
"branches":[
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
},
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm"
|
|
},
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"category":"product_version"
|
|
}
|
|
],
|
|
"category":"product_name"
|
|
},
|
|
{
|
|
"name":"src",
|
|
"branches":[
|
|
{
|
|
"product":{
|
|
"product_identification_helper":{
|
|
"cpe":"cpe:/a:openEuler:openEuler:20.03-LTS-SP4"
|
|
},
|
|
"product_id":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.src.rpm",
|
|
"name":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.src.rpm"
|
|
},
|
|
"name":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.src.rpm",
|
|
"category":"product_version"
|
|
}
|
|
],
|
|
"category":"product_name"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"relationships":[
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"name":"python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64 as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
},
|
|
{
|
|
"relates_to_product_reference":"openEuler-20.03-LTS-SP4",
|
|
"product_reference":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.src.rpm",
|
|
"full_product_name":{
|
|
"product_id":"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src",
|
|
"name":"kernel-4.19.90-2407.4.0.0286.oe2003sp4.src as a component of openEuler-20.03-LTS-SP4"
|
|
},
|
|
"category":"default_component_of"
|
|
}
|
|
]
|
|
},
|
|
"vulnerabilities":[
|
|
{
|
|
"cve":"CVE-2021-47296",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak\n\nvcpu_put is not called if the user copy fails. This can result in preempt\nnotifier corruption and crashes, among other issues.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2021-47296"
|
|
},
|
|
{
|
|
"cve":"CVE-2021-47311",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qcom/emac: fix UAF in emac_remove\n\nadpt is netdev private data and it cannot be\nused after free_netdev() call. Using adpt after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"HIGH",
|
|
"baseScore":7.0,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"High",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2021-47311"
|
|
},
|
|
{
|
|
"cve":"CVE-2021-47391",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests\n\nThe FSM can run in a circle allowing rdma_resolve_ip() to be called twice\non the same id_priv. While this cannot happen without going through the\nwork, it violates the invariant that the same address resolution\nbackground request cannot be active twice.\n\n CPU 1 CPU 2\n\nrdma_resolve_addr():\n RDMA_CM_IDLE -> RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler) #1\n\n\t\t\t process_one_req(): for #1\n addr_handler():\n RDMA_CM_ADDR_QUERY -> RDMA_CM_ADDR_BOUND\n mutex_unlock(&id_priv->handler_mutex);\n [.. handler still running ..]\n\nrdma_resolve_addr():\n RDMA_CM_ADDR_BOUND -> RDMA_CM_ADDR_QUERY\n rdma_resolve_ip(addr_handler)\n !! two requests are now on the req_list\n\nrdma_destroy_id():\n destroy_id_handler_unlock():\n _destroy_id():\n cma_cancel_operation():\n rdma_addr_cancel()\n\n // process_one_req() self removes it\n\t\t spin_lock_bh(&lock);\n cancel_delayed_work(&req->work);\n\t if (!list_empty(&req->list)) == true\n\n ! rdma_addr_cancel() returns after process_on_req #1 is done\n\n kfree(id_priv)\n\n\t\t\t process_one_req(): for #2\n addr_handler():\n\t mutex_lock(&id_priv->handler_mutex);\n !! Use after free on id_priv\n\nrdma_addr_cancel() expects there to be one req on the list and only\ncancels the first one. The self-removal behavior of the work only happens\nafter the handler has returned. This yields a situations where the\nreq_list can have two reqs for the same \"handle\" but rdma_addr_cancel()\nonly cancels the first one.\n\nThe second req remains active beyond rdma_destroy_id() and will\nuse-after-free id_priv once it inevitably triggers.\n\nFix this by remembering if the id_priv has called rdma_resolve_ip() and\nalways cancel before calling it again. This ensures the req_list never\ngets more than one item in it and doesn't cost anything in the normal flow\nthat never uses this strange error path.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2021-47391"
|
|
},
|
|
{
|
|
"cve":"CVE-2021-47598",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsch_cake: do not call cake_destroy() from cake_init()\n\nqdiscs are not supposed to call their own destroy() method\nfrom init(), because core stack already does that.\n\nsyzbot was able to trigger use after free:\n\nDEBUG_LOCKS_WARN_ON(lock->magic != lock)\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock_common kernel/locking/mutex.c:586 [inline]\nWARNING: CPU: 0 PID: 21902 at kernel/locking/mutex.c:586 __mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nModules linked in:\nCPU: 0 PID: 21902 Comm: syz-executor189 Not tainted 5.16.0-rc4-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nRIP: 0010:__mutex_lock_common kernel/locking/mutex.c:586 [inline]\nRIP: 0010:__mutex_lock+0x9ec/0x12f0 kernel/locking/mutex.c:740\nCode: 08 84 d2 0f 85 19 08 00 00 8b 05 97 38 4b 04 85 c0 0f 85 27 f7 ff ff 48 c7 c6 20 00 ac 89 48 c7 c7 a0 fe ab 89 e8 bf 76 ba ff <0f> 0b e9 0d f7 ff ff 48 8b 44 24 40 48 8d b8 c8 08 00 00 48 89 f8\nRSP: 0018:ffffc9000627f290 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88802315d700 RSI: ffffffff815f1db8 RDI: fffff52000c4fe44\nRBP: ffff88818f28e000 R08: 0000000000000000 R09: 0000000000000000\nR10: ffffffff815ebb5e R11: 0000000000000000 R12: 0000000000000000\nR13: dffffc0000000000 R14: ffffc9000627f458 R15: 0000000093c30000\nFS: 0000555556abc400(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fda689c3303 CR3: 000000001cfbb000 CR4: 0000000000350ef0\nCall Trace:\n <TASK>\n tcf_chain0_head_change_cb_del+0x2e/0x3d0 net/sched/cls_api.c:810\n tcf_block_put_ext net/sched/cls_api.c:1381 [inline]\n tcf_block_put_ext net/sched/cls_api.c:1376 [inline]\n tcf_block_put+0xbc/0x130 net/sched/cls_api.c:1394\n cake_destroy+0x3f/0x80 net/sched/sch_cake.c:2695\n qdisc_create.constprop.0+0x9da/0x10f0 net/sched/sch_api.c:1293\n tc_modify_qdisc+0x4c5/0x1980 net/sched/sch_api.c:1660\n rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5571\n netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2496\n netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]\n netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0x904/0xdf0 net/netlink/af_netlink.c:1921\n sock_sendmsg_nosec net/socket.c:704 [inline]\n sock_sendmsg+0xcf/0x120 net/socket.c:724\n ____sys_sendmsg+0x6e8/0x810 net/socket.c:2409\n ___sys_sendmsg+0xf3/0x170 net/socket.c:2463\n __sys_sendmsg+0xe5/0x1b0 net/socket.c:2492\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f1bb06badb9\nCode: Unable to access opcode bytes at RIP 0x7f1bb06bad8f.\nRSP: 002b:00007fff3012a658 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f1bb06badb9\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000003\nR10: 0000000000000003 R11: 0000000000000246 R12: 00007fff3012a688\nR13: 00007fff3012a6a0 R14: 00007fff3012a6e0 R15: 00000000000013c2\n </TASK>",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.9,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2021-47598"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48732",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix off by one in BIOS boundary checking\n\nBounds checking when parsing init scripts embedded in the BIOS reject\naccess to the last byte. This causes driver initialization to fail on\nApple eMac's with GeForce 2 MX GPUs, leaving the system with no working\nconsole.\n\nThis is probably only seen on OpenFirmware machines like PowerPC Macs\nbecause the BIOS image provided by OF is only the used parts of the ROM,\nnot a power-of-two blocks read from PCI directly so PCs always have\nempty bytes at the end that are never accessed.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48732"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48757",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix information leakage in /proc/net/ptype\n\nIn one net namespace, after creating a packet socket without binding\nit to a device, users in other net namespaces can observe the new\n`packet_type` added by this packet socket by reading `/proc/net/ptype`\nfile. This is minor information leakage as packet socket is\nnamespace aware.\n\nAdd a net pointer in `packet_type` to keep the net namespace of\nof corresponding packet socket. In `ptype_seq_show`, this net pointer\nmust be checked when it is not NULL.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48757"
|
|
},
|
|
{
|
|
"cve":"CVE-2022-48760",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix hang in usb_kill_urb by adding memory barriers\n\nThe syzbot fuzzer has identified a bug in which processes hang waiting\nfor usb_kill_urb() to return. It turns out the issue is not unlinking\nthe URB; that works just fine. Rather, the problem arises when the\nwakeup notification that the URB has completed is not received.\n\nThe reason is memory-access ordering on SMP systems. In outline form,\nusb_kill_urb() and __usb_hcd_giveback_urb() operating concurrently on\ndifferent CPUs perform the following actions:\n\nCPU 0\t\t\t\t\tCPU 1\n----------------------------\t\t---------------------------------\nusb_kill_urb():\t\t\t\t__usb_hcd_giveback_urb():\n ...\t\t\t\t\t ...\n atomic_inc(&urb->reject);\t\t atomic_dec(&urb->use_count);\n ...\t\t\t\t\t ...\n wait_event(usb_kill_urb_queue,\n\tatomic_read(&urb->use_count) == 0);\n\t\t\t\t\t if (atomic_read(&urb->reject))\n\t\t\t\t\t\twake_up(&usb_kill_urb_queue);\n\nConfining your attention to urb->reject and urb->use_count, you can\nsee that the overall pattern of accesses on CPU 0 is:\n\n\twrite urb->reject, then read urb->use_count;\n\nwhereas the overall pattern of accesses on CPU 1 is:\n\n\twrite urb->use_count, then read urb->reject.\n\nThis pattern is referred to in memory-model circles as SB (for \"Store\nBuffering\"), and it is well known that without suitable enforcement of\nthe desired order of accesses -- in the form of memory barriers -- it\nis entirely possible for one or both CPUs to execute their reads ahead\nof their writes. The end result will be that sometimes CPU 0 sees the\nold un-decremented value of urb->use_count while CPU 1 sees the old\nun-incremented value of urb->reject. Consequently CPU 0 ends up on\nthe wait queue and never gets woken up, leading to the observed hang\nin usb_kill_urb().\n\nThe same pattern of accesses occurs in usb_poison_urb() and the\nfailure pathway of usb_hcd_submit_urb().\n\nThe problem is fixed by adding suitable memory barriers. To provide\nproper memory-access ordering in the SB pattern, a full barrier is\nrequired on both CPUs. The atomic_inc() and atomic_dec() accesses\nthemselves don't provide any memory ordering, but since they are\npresent, we can use the optimized smp_mb__after_atomic() memory\nbarrier in the various routines to obtain the desired effect.\n\nThis patch adds the necessary memory barriers.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2022-48760"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38558",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix overwriting ct original tuple for ICMPv6\n\nOVS_PACKET_CMD_EXECUTE has 3 main attributes:\n - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format.\n - OVS_PACKET_ATTR_PACKET - Binary packet content.\n - OVS_PACKET_ATTR_ACTIONS - Actions to execute on the packet.\n\nOVS_PACKET_ATTR_KEY is parsed first to populate sw_flow_key structure\nwith the metadata like conntrack state, input port, recirculation id,\netc. Then the packet itself gets parsed to populate the rest of the\nkeys from the packet headers.\n\nWhenever the packet parsing code starts parsing the ICMPv6 header, it\nfirst zeroes out fields in the key corresponding to Neighbor Discovery\ninformation even if it is not an ND packet.\n\nIt is an 'ipv6.nd' field. However, the 'ipv6' is a union that shares\nthe space between 'nd' and 'ct_orig' that holds the original tuple\nconntrack metadata parsed from the OVS_PACKET_ATTR_KEY.\n\nND packets should not normally have conntrack state, so it's fine to\nshare the space, but normal ICMPv6 Echo packets or maybe other types of\nICMPv6 can have the state attached and it should not be overwritten.\n\nThe issue results in all but the last 4 bytes of the destination\naddress being wiped from the original conntrack tuple leading to\nincorrect packet matching and potentially executing wrong actions\nin case this packet recirculates within the datapath or goes back\nto userspace.\n\nND fields should not be accessed in non-ND packets, so not clearing\nthem should be fine. Executing memset() only for actual ND packets to\navoid the issue.\n\nInitializing the whole thing before parsing is needed because ND packet\nmay not contain all the options.\n\nThe issue only affects the OVS_PACKET_CMD_EXECUTE path and doesn't\naffect packets entering OVS datapath from network interfaces, because\nin this case CT metadata is populated from skb after the packet is\nalready parsed.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38558"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-38632",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: fix potential memory leak in vfio_intx_enable()\n\nIf vfio_irq_ctx_alloc() failed will lead to 'name' memory leak.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-38632"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-39480",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:kdb: Fix buffer overflow during tab-completeCurrently, when the user attempts symbol completion with the Tab key, kdbwill use strncpy() to insert the completed symbol into the command buffer.Unfortunately it passes the size of the source buffer rather than thedestination to strncpy() with predictably horrible results. Most obviouslyif the command buffer is already full but cp, the cursor position, is inthe middle of the buffer, then we will write past the end of the suppliedbuffer.Fix this by replacing the dubious strncpy() calls with memmove()/memcpy()calls plus explicit boundary checks to make sure we have enough spacebefore we start moving characters around.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-39480"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-39487",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()\n\nIn function bond_option_arp_ip_targets_set(), if newval->string is an\nempty string, newval->string+1 will point to the byte after the\nstring, causing an out-of-bound read.\n\nBUG: KASAN: slab-out-of-bounds in strlen+0x7d/0xa0 lib/string.c:418\nRead of size 1 at addr ffff8881119c4781 by task syz-executor665/8107\nCPU: 1 PID: 8107 Comm: syz-executor665 Not tainted 6.7.0-rc7 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n <TASK>\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0xc1/0x5e0 mm/kasan/report.c:475\n kasan_report+0xbe/0xf0 mm/kasan/report.c:588\n strlen+0x7d/0xa0 lib/string.c:418\n __fortify_strlen include/linux/fortify-string.h:210 [inline]\n in4_pton+0xa3/0x3f0 net/core/utils.c:130\n bond_option_arp_ip_targets_set+0xc2/0x910\ndrivers/net/bonding/bond_options.c:1201\n __bond_opt_set+0x2a4/0x1030 drivers/net/bonding/bond_options.c:767\n __bond_opt_set_notify+0x48/0x150 drivers/net/bonding/bond_options.c:792\n bond_opt_tryset_rtnl+0xda/0x160 drivers/net/bonding/bond_options.c:817\n bonding_sysfs_store_option+0xa1/0x120 drivers/net/bonding/bond_sysfs.c:156\n dev_attr_store+0x54/0x80 drivers/base/core.c:2366\n sysfs_kf_write+0x114/0x170 fs/sysfs/file.c:136\n kernfs_fop_write_iter+0x337/0x500 fs/kernfs/file.c:334\n call_write_iter include/linux/fs.h:2020 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x96a/0xd80 fs/read_write.c:584\n ksys_write+0x122/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n---[ end trace ]---\n\nFix it by adding a check of string length before using it.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-39487"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-39488",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\narm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY\n\nWhen CONFIG_DEBUG_BUGVERBOSE=n, we fail to add necessary padding bytes\nto bug_table entries, and as a result the last entry in a bug table will\nbe ignored, potentially leading to an unexpected panic(). All prior\nentries in the table will be handled correctly.\n\nThe arm64 ABI requires that struct fields of up to 8 bytes are\nnaturally-aligned, with padding added within a struct such that struct\nare suitably aligned within arrays.\n\nWhen CONFIG_DEBUG_BUGVERPOSE=y, the layout of a bug_entry is:\n\n\tstruct bug_entry {\n\t\tsigned int bug_addr_disp;\t// 4 bytes\n\t\tsigned int file_disp;\t// 4 bytes\n\t\tunsigned short line;\t\t// 2 bytes\n\t\tunsigned short flags;\t\t// 2 bytes\n\t}\n\n... with 12 bytes total, requiring 4-byte alignment.\n\nWhen CONFIG_DEBUG_BUGVERBOSE=n, the layout of a bug_entry is:\n\n\tstruct bug_entry {\n\t\tsigned int bug_addr_disp;\t// 4 bytes\n\t\tunsigned short flags;\t\t// 2 bytes\n\t\t< implicit padding >\t\t// 2 bytes\n\t}\n\n... with 8 bytes total, with 6 bytes of data and 2 bytes of trailing\npadding, requiring 4-byte alginment.\n\nWhen we create a bug_entry in assembly, we align the start of the entry\nto 4 bytes, which implicitly handles padding for any prior entries.\nHowever, we do not align the end of the entry, and so when\nCONFIG_DEBUG_BUGVERBOSE=n, the final entry lacks the trailing padding\nbytes.\n\nFor the main kernel image this is not a problem as find_bug() doesn't\ndepend on the trailing padding bytes when searching for entries:\n\n\tfor (bug = __start___bug_table; bug < __stop___bug_table; ++bug)\n\t\tif (bugaddr == bug_addr(bug))\n\t\t\treturn bug;\n\nHowever for modules, module_bug_finalize() depends on the trailing\nbytes when calculating the number of entries:\n\n\tmod->num_bugs = sechdrs[i].sh_size / sizeof(struct bug_entry);\n\n... and as the last bug_entry lacks the necessary padding bytes, this entry\nwill not be counted, e.g. in the case of a single entry:\n\n\tsechdrs[i].sh_size == 6\n\tsizeof(struct bug_entry) == 8;\n\n\tsechdrs[i].sh_size / sizeof(struct bug_entry) == 0;\n\nConsequently module_find_bug() will miss the last bug_entry when it does:\n\n\tfor (i = 0; i < mod->num_bugs; ++i, ++bug)\n\t\tif (bugaddr == bug_addr(bug))\n\t\t\tgoto out;\n\n... which can lead to a kenrel panic due to an unhandled bug.\n\nThis can be demonstrated with the following module:\n\n\tstatic int __init buginit(void)\n\t{\n\t\tWARN(1, \"hello\\n\");\n\t\treturn 0;\n\t}\n\n\tstatic void __exit bugexit(void)\n\t{\n\t}\n\n\tmodule_init(buginit);\n\tmodule_exit(bugexit);\n\tMODULE_LICENSE(\"GPL\");\n\n... which will trigger a kernel panic when loaded:\n\n\t------------[ cut here ]------------\n\thello\n\tUnexpected kernel BRK exception at EL1\n\tInternal error: BRK handler: 00000000f2000800 [#1] PREEMPT SMP\n\tModules linked in: hello(O+)\n\tCPU: 0 PID: 50 Comm: insmod Tainted: G O 6.9.1 #8\n\tHardware name: linux,dummy-virt (DT)\n\tpstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n\tpc : buginit+0x18/0x1000 [hello]\n\tlr : buginit+0x18/0x1000 [hello]\n\tsp : ffff800080533ae0\n\tx29: ffff800080533ae0 x28: 0000000000000000 x27: 0000000000000000\n\tx26: ffffaba8c4e70510 x25: ffff800080533c30 x24: ffffaba8c4a28a58\n\tx23: 0000000000000000 x22: 0000000000000000 x21: ffff3947c0eab3c0\n\tx20: ffffaba8c4e3f000 x19: ffffaba846464000 x18: 0000000000000006\n\tx17: 0000000000000000 x16: ffffaba8c2492834 x15: 0720072007200720\n\tx14: 0720072007200720 x13: ffffaba8c49b27c8 x12: 0000000000000312\n\tx11: 0000000000000106 x10: ffffaba8c4a0a7c8 x9 : ffffaba8c49b27c8\n\tx8 : 00000000ffffefff x7 : ffffaba8c4a0a7c8 x6 : 80000000fffff000\n\tx5 : 0000000000000107 x4 : 0000000000000000 x3 : 0000000000000000\n\tx2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff3947c0eab3c0\n\tCall trace:\n\t buginit+0x18/0x1000 [hello]\n\t do_one_initcall+0x80/0x1c8\n\t do_init_module+0x60/0x218\n\t load_module+0x1ba4/0x1d70\n\t __do_sys_init_module+0x198/0x1d0\n\t __arm64_sys_init_module+0x1c/0x28\n\t invoke_syscall+0x48/0x114\n\t el0_svc\n---truncated---",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"MEDIUM",
|
|
"baseScore":5.5,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Medium",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-39488"
|
|
},
|
|
{
|
|
"cve":"CVE-2024-39489",
|
|
"notes":[
|
|
{
|
|
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix memleak in seg6_hmac_init_algo\n\nseg6_hmac_init_algo returns without cleaning up the previous allocations\nif one fails, so it's going to leak all that memory and the crypto tfms.\n\nUpdate seg6_hmac_exit to only free the memory when allocated, so we can\nreuse the code directly.",
|
|
"category":"description",
|
|
"title":"Vulnerability Description"
|
|
}
|
|
],
|
|
"product_status":{
|
|
"fixed":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
},
|
|
"remediations":[
|
|
{
|
|
"product_ids":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
],
|
|
"details":"kernel security update",
|
|
"category":"vendor_fix",
|
|
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1862"
|
|
}
|
|
],
|
|
"scores":[
|
|
{
|
|
"cvss_v3":{
|
|
"baseSeverity":"LOW",
|
|
"baseScore":3.3,
|
|
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
|
|
"version":"3.1"
|
|
},
|
|
"products":[
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.aarch64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:bpftool-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-debugsource-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-source-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-tools-devel-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python2-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:python3-perf-debuginfo-4.19.90-2407.4.0.0286.oe2003sp4.x86_64",
|
|
"openEuler-20.03-LTS-SP4:kernel-4.19.90-2407.4.0.0286.oe2003sp4.src"
|
|
]
|
|
}
|
|
],
|
|
"threats":[
|
|
{
|
|
"details":"Low",
|
|
"category":"impact"
|
|
}
|
|
],
|
|
"title":"CVE-2024-39489"
|
|
}
|
|
]
|
|
} |