{
"document":{
"aggregate_severity":{
"namespace":"https://nvd.nist.gov/vuln-metrics/cvss",
"text":"High"
},
"category":"csaf_vex",
"csaf_version":"2.0",
"distribution":{
"tlp":{
"label":"WHITE",
"url":"https:/www.first.org/tlp/"
}
},
"lang":"en",
"notes":[
{
"text":"kernel security update",
"category":"general",
"title":"Synopsis"
},
{
"text":"An update for kernel is now available for openEuler-22.03-LTS-SP4",
"category":"general",
"title":"Summary"
},
{
"text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix unprivileged local user can do privileged policy management\n\nAn unprivileged local user can load, replace, and remove profiles by\nopening the apparmorfs interfaces, via a confused deputy attack, by\npassing the opened fd to a privileged process, and getting the\nprivileged process to write to the interface.\n\nThis does require a privileged target that can be manipulated to do\nthe write for the unprivileged process, but once such access is\nachieved full policy management is possible and all the possible\nimplications that implies: removing confinement, DoS of system or\ntarget applications by denying all execution, by-passing the\nunprivileged user namespace restriction, to exploiting kernel bugs for\na local privilege escalation.\n\nThe policy management interface can not have its permissions simply\nchanged from 0666 to 0600 because non-root processes need to be able\nto load policy to different policy namespaces.\n\nInstead ensure the task writing the interface has privileges that\nare a subset of the task that opened the interface. This is already\ndone via policy for confined processes, but unconfined can delegate\naccess to the opened fd, by-passing the usual policy check.(CVE-2026-23268)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: pegasus: validate USB endpoints\n\nThe pegasus driver should validate that the device it is probing has the\nproper number and types of USB endpoints it is expecting before it binds\nto it. If a malicious device were to not have the same urbs the driver\nwill crash later on when it blindly accesses these endpoints.(CVE-2026-23290)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: Compare MACs in constant time\n\nTo prevent timing attacks, MAC comparisons need to be constant-time.\nReplace the memcmp() with the correct function, crypto_memneq().(CVE-2026-23364)\n\nIn the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE\n\nWhen installing an emulated MMIO SPTE, do so *after* dropping/zapping the\nexisting SPTE (if it's shadow-present). While commit a54aa15c6bda3 was\nright about it being impossible to convert a shadow-present SPTE to an\nMMIO SPTE due to a _guest_ write, it failed to account for writes to guest\nmemory that are outside the scope of KVM.\n\nE.g. if host userspace modifies a shadowed gPTE to switch from a memslot\nto emulted MMIO and then the guest hits a relevant page fault, KVM will\ninstall the MMIO SPTE without first zapping the shadow-present SPTE.\n\n ------------[ cut here ]------------\n is_shadow_present_pte(*sptep)\n WARNING: arch/x86/kvm/mmu/mmu.c:484 at mark_mmio_spte+0xb2/0xc0 [kvm], CPU#0: vmx_ept_stale_r/4292\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 0 UID: 1000 PID: 4292 Comm: vmx_ept_stale_r Not tainted 7.0.0-rc2-eafebd2d2ab0-sink-vm #319 PREEMPT\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:mark_mmio_spte+0xb2/0xc0 [kvm]\n Call Trace:\n \n mmu_set_spte+0x237/0x440 [kvm]\n ept_page_fault+0x535/0x7f0 [kvm]\n kvm_mmu_do_page_fault+0xee/0x1f0 [kvm]\n kvm_mmu_page_fault+0x8d/0x620 [kvm]\n vmx_handle_exit+0x18c/0x5a0 [kvm_intel]\n kvm_arch_vcpu_ioctl_run+0xc55/0x1c20 [kvm]\n kvm_vcpu_ioctl+0x2d5/0x980 [kvm]\n __x64_sys_ioctl+0x8a/0xd0\n do_syscall_64+0xb5/0x730\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n RIP: 0033:0x47fa3f\n \n ---[ end trace 0000000000000000 ]---(CVE-2026-23401)",
"category":"general",
"title":"Description"
},
{
"text":"An update for kernel is now available for openEuler-20.03-LTS-SP4/openEuler-22.03-LTS-SP4/openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.",
"category":"general",
"title":"Topic"
},
{
"text":"High",
"category":"general",
"title":"Severity"
},
{
"text":"kernel",
"category":"general",
"title":"Affected Component"
}
],
"publisher":{
"issuing_authority":"openEuler security committee",
"name":"openEuler",
"namespace":"https://www.openeuler.org",
"contact_details":"openeuler-security@openeuler.org",
"category":"vendor"
},
"references":[
{
"summary":"openEuler-SA-2026-1861",
"category":"self",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1861"
},
{
"summary":"CVE-2026-23268",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-23268&packageName=kernel"
},
{
"summary":"CVE-2026-23290",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-23290&packageName=kernel"
},
{
"summary":"CVE-2026-23364",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-23364&packageName=kernel"
},
{
"summary":"CVE-2026-23401",
"category":"self",
"url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-23401&packageName=kernel"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23268"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23290"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23364"
},
{
"summary":"nvd cve",
"category":"external",
"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23401"
},
{
"summary":"openEuler-SA-2026-1861 vex file",
"category":"self",
"url":"https://repo.openeuler.org/security/data/csaf/advisories/2026/csaf-openeuler-sa-2026-1861.json"
}
],
"title":"An update for kernel is now available for openEuler-22.03-LTS-SP4",
"tracking":{
"initial_release_date":"2026-04-11T22:05:17+08:00",
"revision_history":[
{
"date":"2026-04-11T22:05:17+08:00",
"summary":"Initial",
"number":"1.0.0"
}
],
"generator":{
"date":"2026-04-11T22:05:17+08:00",
"engine":{
"name":"openEuler CSAF Tool V1.0"
}
},
"current_release_date":"2026-04-11T22:05:17+08:00",
"id":"openEuler-SA-2026-1861",
"version":"1.0.0",
"status":"final"
}
},
"product_tree":{
"branches":[
{
"name":"openEuler",
"category":"vendor",
"branches":[
{
"name":"openEuler",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"openEuler-22.03-LTS-SP4",
"name":"openEuler-22.03-LTS-SP4"
},
"name":"openEuler-22.03-LTS-SP4",
"category":"product_version"
}
],
"category":"product_name"
},
{
"name":"aarch64",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"bpftool-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"bpftool-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"bpftool-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"kernel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"kernel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"perf-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"perf-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"perf-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"name":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm"
},
"name":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"category":"product_version"
}
],
"category":"architecture"
},
{
"name":"x86_64",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"bpftool-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"bpftool-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"bpftool-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"kernel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"kernel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"perf-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"perf-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"perf-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
},
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"name":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm"
},
"name":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"category":"product_version"
}
],
"category":"architecture"
},
{
"name":"src",
"branches":[
{
"product":{
"product_identification_helper":{
"cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP4"
},
"product_id":"kernel-5.10.0-308.0.0.211.oe2203sp4.src.rpm",
"name":"kernel-5.10.0-308.0.0.211.oe2203sp4.src.rpm"
},
"name":"kernel-5.10.0-308.0.0.211.oe2203sp4.src.rpm",
"category":"product_version"
}
],
"category":"architecture"
}
]
}
],
"relationships":[
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"bpftool-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:bpftool-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"bpftool-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"kernel-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-source-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"perf-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:perf-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"perf-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:python3-perf-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"name":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"bpftool-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:bpftool-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"bpftool-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"kernel-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"kernel-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"kernel-headers-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-source-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"kernel-source-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"kernel-tools-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"perf-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:perf-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"perf-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:python3-perf-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"python3-perf-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"name":"python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64 as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
},
{
"relates_to_product_reference":"openEuler-22.03-LTS-SP4",
"product_reference":"kernel-5.10.0-308.0.0.211.oe2203sp4.src.rpm",
"full_product_name":{
"product_id":"openEuler-22.03-LTS-SP4:kernel-5.10.0-308.0.0.211.oe2203sp4.src",
"name":"kernel-5.10.0-308.0.0.211.oe2203sp4.src as a component of openEuler-22.03-LTS-SP4"
},
"category":"default_component_of"
}
]
},
"vulnerabilities":[
{
"cve":"CVE-2026-23268",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix unprivileged local user can do privileged policy management\n\nAn unprivileged local user can load, replace, and remove profiles by\nopening the apparmorfs interfaces, via a confused deputy attack, by\npassing the opened fd to a privileged process, and getting the\nprivileged process to write to the interface.\n\nThis does require a privileged target that can be manipulated to do\nthe write for the unprivileged process, but once such access is\nachieved full policy management is possible and all the possible\nimplications that implies: removing confinement, DoS of system or\ntarget applications by denying all execution, by-passing the\nunprivileged user namespace restriction, to exploiting kernel bugs for\na local privilege escalation.\n\nThe policy management interface can not have its permissions simply\nchanged from 0666 to 0600 because non-root processes need to be able\nto load policy to different policy namespaces.\n\nInstead ensure the task writing the interface has privileges that\nare a subset of the task that opened the interface. This is already\ndone via policy for confined processes, but unconfined can delegate\naccess to the opened fd, by-passing the usual policy check.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":[
"openEuler-22.03-LTS-SP4:bpftool-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:kernel-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:kernel-source-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:perf-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:python3-perf-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.aarch64",
"openEuler-22.03-LTS-SP4:bpftool-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:bpftool-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-debugsource-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-headers-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-source-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-tools-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-tools-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-tools-devel-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:perf-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:python3-perf-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:python3-perf-debuginfo-5.10.0-308.0.0.211.oe2203sp4.x86_64",
"openEuler-22.03-LTS-SP4:kernel-5.10.0-308.0.0.211.oe2203sp4.src"
]
},
"remediations":[
{
"product_ids":{"$ref":"$.vulnerabilities[0].product_status.fixed"},
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1861"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"HIGH",
"baseScore":7.8,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version":"3.1"
},
"products":{"$ref":"$.vulnerabilities[0].product_status.fixed"}
}
],
"threats":[
{
"details":"High",
"category":"impact"
}
],
"title":"CVE-2026-23268"
},
{
"cve":"CVE-2026-23290",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: pegasus: validate USB endpoints\n\nThe pegasus driver should validate that the device it is probing has the\nproper number and types of USB endpoints it is expecting before it binds\nto it. If a malicious device were to not have the same urbs the driver\nwill crash later on when it blindly accesses these endpoints.",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":{"$ref":"$.vulnerabilities[0].product_status.fixed"}
},
"remediations":[
{
"product_ids":{"$ref":"$.vulnerabilities[0].product_status.fixed"},
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1861"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":{"$ref":"$.vulnerabilities[0].product_status.fixed"}
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2026-23290"
},
{
"cve":"CVE-2026-23364",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: Compare MACs in constant time\n\nTo prevent timing attacks, MAC comparisons need to be constant-time.\nReplace the memcmp() with the correct function, crypto_memneq().",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":{"$ref":"$.vulnerabilities[0].product_status.fixed"}
},
"remediations":[
{
"product_ids":{"$ref":"$.vulnerabilities[0].product_status.fixed"},
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1861"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":{"$ref":"$.vulnerabilities[0].product_status.fixed"}
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2026-23364"
},
{
"cve":"CVE-2026-23401",
"notes":[
{
"text":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE\n\nWhen installing an emulated MMIO SPTE, do so *after* dropping/zapping the\nexisting SPTE (if it's shadow-present). While commit a54aa15c6bda3 was\nright about it being impossible to convert a shadow-present SPTE to an\nMMIO SPTE due to a _guest_ write, it failed to account for writes to guest\nmemory that are outside the scope of KVM.\n\nE.g. if host userspace modifies a shadowed gPTE to switch from a memslot\nto emulted MMIO and then the guest hits a relevant page fault, KVM will\ninstall the MMIO SPTE without first zapping the shadow-present SPTE.\n\n ------------[ cut here ]------------\n is_shadow_present_pte(*sptep)\n WARNING: arch/x86/kvm/mmu/mmu.c:484 at mark_mmio_spte+0xb2/0xc0 [kvm], CPU#0: vmx_ept_stale_r/4292\n Modules linked in: kvm_intel kvm irqbypass\n CPU: 0 UID: 1000 PID: 4292 Comm: vmx_ept_stale_r Not tainted 7.0.0-rc2-eafebd2d2ab0-sink-vm #319 PREEMPT\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:mark_mmio_spte+0xb2/0xc0 [kvm]\n Call Trace:\n \n mmu_set_spte+0x237/0x440 [kvm]\n ept_page_fault+0x535/0x7f0 [kvm]\n kvm_mmu_do_page_fault+0xee/0x1f0 [kvm]\n kvm_mmu_page_fault+0x8d/0x620 [kvm]\n vmx_handle_exit+0x18c/0x5a0 [kvm_intel]\n kvm_arch_vcpu_ioctl_run+0xc55/0x1c20 [kvm]\n kvm_vcpu_ioctl+0x2d5/0x980 [kvm]\n __x64_sys_ioctl+0x8a/0xd0\n do_syscall_64+0xb5/0x730\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n RIP: 0033:0x47fa3f\n \n ---[ end trace 0000000000000000 ]---",
"category":"description",
"title":"Vulnerability Description"
}
],
"product_status":{
"fixed":{"$ref":"$.vulnerabilities[0].product_status.fixed"}
},
"remediations":[
{
"product_ids":{"$ref":"$.vulnerabilities[0].product_status.fixed"},
"details":"kernel security update",
"category":"vendor_fix",
"url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1861"
}
],
"scores":[
{
"cvss_v3":{
"baseSeverity":"MEDIUM",
"baseScore":5.5,
"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version":"3.1"
},
"products":{"$ref":"$.vulnerabilities[0].product_status.fixed"}
}
],
"threats":[
{
"details":"Medium",
"category":"impact"
}
],
"title":"CVE-2026-23401"
}
]
}