An update for kernel is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP2 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2023-1448 Final 1.0 1.0 2023-07-29 Initial 2023-07-29 2023-07-29 openEuler SA Tool V1.0 2023-07-29 kernel security update An update for kernel is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP2. The Linux Kernel, the operating system core itself. Security Fix(es): An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.(CVE-2022-45886) A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.(CVE-2023-3390) Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace(CVE-2023-35001) An update for kernel is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS,openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP2. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High kernel https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1448 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-45886 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-3390 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-35001 https://nvd.nist.gov/vuln/detail/CVE-2022-45886 https://nvd.nist.gov/vuln/detail/CVE-2023-3390 https://nvd.nist.gov/vuln/detail/CVE-2023-35001 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 kernel-debugsource-4.19.90-2307.5.0.0211.oe1.aarch64.rpm bpftool-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm bpftool-4.19.90-2307.5.0.0211.oe1.aarch64.rpm perf-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-tools-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm python2-perf-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-source-4.19.90-2307.5.0.0211.oe1.aarch64.rpm python3-perf-4.19.90-2307.5.0.0211.oe1.aarch64.rpm python2-perf-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-devel-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-tools-devel-4.19.90-2307.5.0.0211.oe1.aarch64.rpm python3-perf-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-tools-4.19.90-2307.5.0.0211.oe1.aarch64.rpm perf-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm python3-perf-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-4.19.90-2307.5.0.0211.oe1.aarch64.rpm python2-perf-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-devel-4.19.90-2307.5.0.0211.oe1.aarch64.rpm python2-perf-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-tools-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-tools-devel-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-debugsource-4.19.90-2307.5.0.0211.oe1.aarch64.rpm bpftool-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-tools-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-source-4.19.90-2307.5.0.0211.oe1.aarch64.rpm perf-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm bpftool-debuginfo-4.19.90-2307.5.0.0211.oe1.aarch64.rpm perf-4.19.90-2307.5.0.0211.oe1.aarch64.rpm python3-perf-4.19.90-2307.5.0.0211.oe1.aarch64.rpm kernel-debugsource-5.10.0-60.104.0.131.oe2203.aarch64.rpm kernel-devel-5.10.0-60.104.0.131.oe2203.aarch64.rpm kernel-headers-5.10.0-60.104.0.131.oe2203.aarch64.rpm bpftool-5.10.0-60.104.0.131.oe2203.aarch64.rpm kernel-source-5.10.0-60.104.0.131.oe2203.aarch64.rpm kernel-5.10.0-60.104.0.131.oe2203.aarch64.rpm python3-perf-debuginfo-5.10.0-60.104.0.131.oe2203.aarch64.rpm perf-debuginfo-5.10.0-60.104.0.131.oe2203.aarch64.rpm kernel-tools-debuginfo-5.10.0-60.104.0.131.oe2203.aarch64.rpm bpftool-debuginfo-5.10.0-60.104.0.131.oe2203.aarch64.rpm perf-5.10.0-60.104.0.131.oe2203.aarch64.rpm python3-perf-5.10.0-60.104.0.131.oe2203.aarch64.rpm kernel-debuginfo-5.10.0-60.104.0.131.oe2203.aarch64.rpm kernel-tools-5.10.0-60.104.0.131.oe2203.aarch64.rpm kernel-tools-devel-5.10.0-60.104.0.131.oe2203.aarch64.rpm kernel-tools-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm kernel-debuginfo-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm bpftool-debuginfo-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm kernel-debugsource-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm kernel-headers-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm kernel-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm kernel-tools-debuginfo-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm kernel-devel-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm python3-perf-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm kernel-tools-devel-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm perf-debuginfo-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm perf-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm kernel-source-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm python3-perf-debuginfo-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm bpftool-5.10.0-136.42.0.120.oe2203sp1.aarch64.rpm python3-perf-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm bpftool-debuginfo-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm python3-perf-debuginfo-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-headers-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-tools-debuginfo-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm perf-debuginfo-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-debugsource-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-devel-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm bpftool-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm perf-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-source-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-tools-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-tools-devel-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-debuginfo-5.10.0-153.20.0.96.oe2203sp2.aarch64.rpm kernel-4.19.90-2307.5.0.0211.oe1.src.rpm kernel-4.19.90-2307.5.0.0211.oe1.src.rpm kernel-5.10.0-60.104.0.131.oe2203.src.rpm kernel-5.10.0-136.42.0.120.oe2203sp1.src.rpm kernel-5.10.0-153.20.0.96.oe2203sp2.src.rpm python2-perf-4.19.90-2307.5.0.0211.oe1.x86_64.rpm bpftool-4.19.90-2307.5.0.0211.oe1.x86_64.rpm perf-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-tools-4.19.90-2307.5.0.0211.oe1.x86_64.rpm python3-perf-4.19.90-2307.5.0.0211.oe1.x86_64.rpm bpftool-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm python2-perf-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-debugsource-4.19.90-2307.5.0.0211.oe1.x86_64.rpm python3-perf-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-tools-devel-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-devel-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-source-4.19.90-2307.5.0.0211.oe1.x86_64.rpm perf-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-tools-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-tools-devel-4.19.90-2307.5.0.0211.oe1.x86_64.rpm bpftool-4.19.90-2307.5.0.0211.oe1.x86_64.rpm python3-perf-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-source-4.19.90-2307.5.0.0211.oe1.x86_64.rpm python3-perf-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-devel-4.19.90-2307.5.0.0211.oe1.x86_64.rpm perf-4.19.90-2307.5.0.0211.oe1.x86_64.rpm perf-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm python2-perf-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-debugsource-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-tools-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm bpftool-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm kernel-tools-4.19.90-2307.5.0.0211.oe1.x86_64.rpm python2-perf-debuginfo-4.19.90-2307.5.0.0211.oe1.x86_64.rpm perf-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-tools-devel-5.10.0-60.104.0.131.oe2203.x86_64.rpm bpftool-5.10.0-60.104.0.131.oe2203.x86_64.rpm python3-perf-debuginfo-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-debugsource-5.10.0-60.104.0.131.oe2203.x86_64.rpm python3-perf-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-tools-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-headers-5.10.0-60.104.0.131.oe2203.x86_64.rpm perf-debuginfo-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-devel-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-tools-debuginfo-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-debuginfo-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-source-5.10.0-60.104.0.131.oe2203.x86_64.rpm bpftool-debuginfo-5.10.0-60.104.0.131.oe2203.x86_64.rpm kernel-headers-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm kernel-tools-debuginfo-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm perf-debuginfo-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm bpftool-debuginfo-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm kernel-devel-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm perf-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm kernel-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm kernel-debuginfo-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm bpftool-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm kernel-tools-devel-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm python3-perf-debuginfo-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm kernel-debugsource-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm kernel-tools-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm python3-perf-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm kernel-source-5.10.0-136.42.0.120.oe2203sp1.x86_64.rpm perf-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm python3-perf-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm kernel-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm kernel-tools-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm kernel-headers-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm kernel-debugsource-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm bpftool-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm kernel-source-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm kernel-debuginfo-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm bpftool-debuginfo-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm perf-debuginfo-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm python3-perf-debuginfo-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm kernel-devel-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm kernel-tools-devel-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm kernel-tools-debuginfo-5.10.0-153.20.0.96.oe2203sp2.x86_64.rpm An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free. 2023-07-29 CVE-2022-45886 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 High 7.0 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2023-07-29 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1448 A use-after-free vulnerability was found in the Linux kernel s netfilter subsystem in net/netfilter/nf_tables_api.c.Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue.We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97. 2023-07-29 CVE-2023-3390 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2023-07-29 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1448 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace 2023-07-29 CVE-2023-35001 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openEuler-22.03-LTS-SP2 High 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H kernel security update 2023-07-29 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1448