OESA-2025-2852
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-2852
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2025-2852.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2025-2852
- Upstream
- Published
- 2025-12-19T12:09:45Z
- Modified
- 2025-12-19T12:44:55.654512Z
- Summary
- kernel security update
- Details
-
The Linux Kernel, the operating system core itself.
Security Fix(es):
In the Linux kernel, the following vulnerability has been resolved:
ocfs2: validate ltreedepth to avoid out-of-bounds access
The ltreedepth field is 16-bit (_le16), but the actual maximum depth is limited to OCFS2MAXPATHDEPTH.
Add a check to prevent out-of-bounds access if ltreedepth has an invalid value, which may occur when reading from a corrupted mounted disk [1].(CVE-2025-22079)
In the Linux kernel, the following vulnerability has been resolved:
mfd: ene-kb3930: Fix a potential NULL pointer dereference
The offgpios could be NULL. Add missing check in the kb3930probe(). This is similar to the issue fixed in commit b1ba8bcb2d1f ("backlight: hx8357: Fix potential NULL pointer dereference").
This was detected by our static analysis tool.(CVE-2025-23146)
In the Linux kernel, the following vulnerability has been resolved:
jbd2: remove wrong sb->s_sequence check
Journal emptiness is not determined by sb->ssequence == 0 but rather by sb->sstart == 0 (which is set a few lines above). Furthermore 0 is a valid transaction ID so the check can spuriously trigger. Remove the invalid WARN_ON.(CVE-2025-37839)
In the Linux kernel, bitputcsaligned()/unaligned() derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the built-in font array. Clamp the index to the actual glyph count before computing the address. This fixes a global out-of-bounds read reported by syzbot.(CVE-2025-40322)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:22.03-LTS-SP3 / kernel
Package
- Name
- kernel
- Purl
- pkg:rpm/openEuler/kernel&distro=openEuler-22.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.0-295.0.0.197.oe2203sp3
Ecosystem specific
{
"x86_64": [
"kernel-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"kernel-debuginfo-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"kernel-debugsource-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"kernel-devel-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"kernel-headers-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"kernel-source-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"kernel-tools-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"kernel-tools-debuginfo-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"kernel-tools-devel-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"perf-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"perf-debuginfo-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"python3-perf-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm",
"python3-perf-debuginfo-5.10.0-295.0.0.197.oe2203sp3.x86_64.rpm"
],
"src": [
"kernel-5.10.0-295.0.0.197.oe2203sp3.src.rpm"
],
"aarch64": [
"kernel-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"kernel-debuginfo-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"kernel-debugsource-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"kernel-devel-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"kernel-headers-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"kernel-source-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"kernel-tools-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"kernel-tools-debuginfo-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"kernel-tools-devel-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"perf-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"perf-debuginfo-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"python3-perf-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm",
"python3-perf-debuginfo-5.10.0-295.0.0.197.oe2203sp3.aarch64.rpm"
]
}