An update for kernel is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2023-1284
Final
1.0
1.0
2023-05-19
Initial
2023-05-19
2023-05-19
openEuler SA Tool V1.0
2023-05-19
kernel security update
An update for kernel is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1.
The Linux Kernel, the operating system core itself.
Security Fix(es):
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.(CVE-2023-2002)
A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11(CVE-2023-0458)
In emac_probe, &adpt->work_thread is bound with emac_work_thread. Then it will be started by timeout handler emac_tx_timeout or a IRQ handler emac_isr. If we remove the driver which will call emac_remove to make cleanup, there may be a unfinished work. This could lead to a use-after-free.
Upstream fix:
https://github.com/torvalds/linux/commit/6b6bc5b8bd2d(CVE-2023-2483)
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.(CVE-2023-32269)
In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size.(CVE-2023-26544)
No description is available for this CVE(CVE-2023-0459)
A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a denial of service.(CVE-2023-2177)
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.(CVE-2023-2513)
An update for kernel is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
High
kernel
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1284
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-2002
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-0458
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-2483
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-32269
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-26544
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-0459
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-2177
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-2513
https://nvd.nist.gov/vuln/detail/CVE-2023-2002
https://nvd.nist.gov/vuln/detail/CVE-2023-0458
https://nvd.nist.gov/vuln/detail/CVE-2023-2483
https://nvd.nist.gov/vuln/detail/CVE-2023-32269
https://nvd.nist.gov/vuln/detail/CVE-2023-26544
https://nvd.nist.gov/vuln/detail/CVE-2023-0459
https://nvd.nist.gov/vuln/detail/CVE-2023-2177
https://nvd.nist.gov/vuln/detail/CVE-2023-2513
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
perf-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-tools-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
python3-perf-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
python3-perf-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-tools-devel-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-debugsource-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
bpftool-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
perf-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
bpftool-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-tools-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
python2-perf-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-devel-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
python2-perf-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-source-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
python3-perf-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-source-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-tools-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-devel-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
bpftool-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-tools-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
python2-perf-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-debugsource-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
bpftool-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
python2-perf-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-tools-devel-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
python3-perf-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
perf-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-debuginfo-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
perf-4.19.90-2305.2.0.0201.oe1.aarch64.rpm
kernel-5.10.0-60.94.0.118.oe2203.aarch64.rpm
kernel-tools-devel-5.10.0-60.94.0.118.oe2203.aarch64.rpm
python3-perf-5.10.0-60.94.0.118.oe2203.aarch64.rpm
kernel-tools-5.10.0-60.94.0.118.oe2203.aarch64.rpm
perf-5.10.0-60.94.0.118.oe2203.aarch64.rpm
bpftool-5.10.0-60.94.0.118.oe2203.aarch64.rpm
bpftool-debuginfo-5.10.0-60.94.0.118.oe2203.aarch64.rpm
kernel-source-5.10.0-60.94.0.118.oe2203.aarch64.rpm
kernel-devel-5.10.0-60.94.0.118.oe2203.aarch64.rpm
kernel-headers-5.10.0-60.94.0.118.oe2203.aarch64.rpm
kernel-debuginfo-5.10.0-60.94.0.118.oe2203.aarch64.rpm
kernel-debugsource-5.10.0-60.94.0.118.oe2203.aarch64.rpm
kernel-tools-debuginfo-5.10.0-60.94.0.118.oe2203.aarch64.rpm
perf-debuginfo-5.10.0-60.94.0.118.oe2203.aarch64.rpm
python3-perf-debuginfo-5.10.0-60.94.0.118.oe2203.aarch64.rpm
kernel-tools-debuginfo-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
bpftool-debuginfo-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
kernel-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
bpftool-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
kernel-devel-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
kernel-tools-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
kernel-debugsource-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
kernel-tools-devel-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
perf-debuginfo-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
python3-perf-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
kernel-source-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
kernel-debuginfo-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
kernel-headers-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
perf-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
python3-perf-debuginfo-5.10.0-136.32.0.108.oe2203sp1.aarch64.rpm
kernel-4.19.90-2305.2.0.0201.oe1.src.rpm
kernel-4.19.90-2305.2.0.0201.oe1.src.rpm
kernel-5.10.0-60.94.0.118.oe2203.src.rpm
kernel-5.10.0-136.32.0.108.oe2203sp1.src.rpm
kernel-source-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
python3-perf-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
bpftool-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
python2-perf-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-tools-devel-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-debugsource-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-devel-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-tools-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
perf-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
bpftool-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
perf-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
python3-perf-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
python2-perf-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-tools-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-tools-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-tools-devel-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
perf-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
python3-perf-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
python2-perf-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-tools-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
bpftool-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
perf-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
python3-perf-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
bpftool-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-debugsource-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-source-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
python2-perf-debuginfo-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-devel-4.19.90-2305.2.0.0201.oe1.x86_64.rpm
kernel-headers-5.10.0-60.94.0.118.oe2203.x86_64.rpm
kernel-tools-5.10.0-60.94.0.118.oe2203.x86_64.rpm
python3-perf-debuginfo-5.10.0-60.94.0.118.oe2203.x86_64.rpm
python3-perf-5.10.0-60.94.0.118.oe2203.x86_64.rpm
bpftool-debuginfo-5.10.0-60.94.0.118.oe2203.x86_64.rpm
bpftool-5.10.0-60.94.0.118.oe2203.x86_64.rpm
kernel-devel-5.10.0-60.94.0.118.oe2203.x86_64.rpm
perf-debuginfo-5.10.0-60.94.0.118.oe2203.x86_64.rpm
kernel-tools-devel-5.10.0-60.94.0.118.oe2203.x86_64.rpm
perf-5.10.0-60.94.0.118.oe2203.x86_64.rpm
kernel-tools-debuginfo-5.10.0-60.94.0.118.oe2203.x86_64.rpm
kernel-5.10.0-60.94.0.118.oe2203.x86_64.rpm
kernel-debugsource-5.10.0-60.94.0.118.oe2203.x86_64.rpm
kernel-source-5.10.0-60.94.0.118.oe2203.x86_64.rpm
kernel-debuginfo-5.10.0-60.94.0.118.oe2203.x86_64.rpm
perf-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
perf-debuginfo-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
kernel-tools-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
kernel-source-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
kernel-headers-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
kernel-debugsource-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
kernel-devel-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
kernel-debuginfo-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
python3-perf-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
kernel-tools-devel-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
kernel-tools-debuginfo-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
python3-perf-debuginfo-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
bpftool-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
kernel-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
bpftool-debuginfo-5.10.0-136.32.0.108.oe2203sp1.x86_64.rpm
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.
2023-05-19
CVE-2023-2002
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
High
7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
kernel security update
2023-05-19
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1284
A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the rlim variable and can be used to leak the contents. We recommend upgrading past version 6.1.8 or commit 739790605705ddcf18f21782b9c99ad7d53a8c11
2023-05-19
CVE-2023-0458
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
Medium
4.7
AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
kernel security update
2023-05-19
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1284
In emac_probe, &adpt->work_thread is bound with emac_work_thread. Then it will be started by timeout handler emac_tx_timeout or a IRQ handler emac_isr. If we remove the driver which will call emac_remove to make cleanup, there may be a unfinished work. This could lead to a use-after-free.Upstream fix:https://github.com/torvalds/linux/commit/6b6bc5b8bd2d
2023-05-19
CVE-2023-2483
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
Medium
6.4
AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
kernel security update
2023-05-19
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1284
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
2023-05-19
CVE-2023-32269
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
Medium
6.7
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
kernel security update
2023-05-19
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1284
In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size.
2023-05-19
CVE-2023-26544
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
High
7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
kernel security update
2023-05-19
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1284
No description is available for this CVE.
2023-05-19
CVE-2023-0459
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
openEuler-22.03-LTS
openEuler-22.03-LTS-SP1
Medium
5.3
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
kernel security update
2023-05-19
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1284
A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the system or potentially cause a denial of service.
2023-05-19
CVE-2023-2177
openEuler-22.03-LTS
Medium
5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
kernel security update
2023-05-19
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1284
A use-after-free vulnerability was found in the Linux kernel s ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.
2023-05-19
CVE-2023-2513
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
openEuler-22.03-LTS
Medium
6.7
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
kernel security update
2023-05-19
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1284