jiachao2130/cvrf2cusa
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
cvrf2cusa/cvrf/2022/cvrf-openEuler-SA-2022-1484.xml
Jia Chao 0b34274085 git mv 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-07-25 09:57:37 +08:00

558 lines
40 KiB
XML
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
<DocumentTitle xml:lang="en">An update for kernel is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3</DocumentTitle>
<DocumentType>Security Advisory</DocumentType>
<DocumentPublisher Type="Vendor">
<ContactDetails>openeuler-security@openeuler.org</ContactDetails>
<IssuingAuthority>openEuler security committee</IssuingAuthority>
</DocumentPublisher>
<DocumentTracking>
<Identification>
<ID>openEuler-SA-2022-1484</ID>
</Identification>
<Status>Final</Status>
<Version>1.0</Version>
<RevisionHistory>
<Revision>
<Number>1.0</Number>
<Date>2022-01-07</Date>
<Description>Initial</Description>
</Revision>
</RevisionHistory>
<InitialReleaseDate>2022-01-07</InitialReleaseDate>
<CurrentReleaseDate>2022-01-07</CurrentReleaseDate>
<Generator>
<Engine>openEuler SA Tool V1.0</Engine>
<Date>2022-01-07</Date>
</Generator>
</DocumentTracking>
<DocumentNotes>
<Note Title="Synopsis" Type="General" Ordinal="1" xml:lang="en">kernel security update</Note>
<Note Title="Summary" Type="General" Ordinal="2" xml:lang="en">An update for kernel is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3.</Note>
<Note Title="Description" Type="General" Ordinal="3" xml:lang="en">The Linux Kernel, the operating system core itself.
Security Fix(es):
In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).(CVE-2021-43976)
In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154177719References: Upstream kernel(CVE-2021-0941)
In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.(CVE-2021-45469)
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.(CVE-2021-44733)
In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194696049References: Upstream kernel(CVE-2021-39657)
A flaw memory leak in the Linux kernel s eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.(CVE-2021-4135)
There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long. Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time.(CVE-2021-28715)
The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing.(CVE-2021-28714)
Running PV backends in driver domains has one primary security advantage, if a driver domain gets compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. (CVE-2021-28713)
Running PV backends in driver domains has one primary security advantage, if a driver domain gets compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. (CVE-2021-28712)
Running PV backends in driver domains has one primary security advantage, if a driver domain gets compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. (CVE-2021-28711)</Note>
<Note Title="Topic" Type="General" Ordinal="4" xml:lang="en">An update for kernel is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2 and openEuler-20.03-LTS-SP3.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.</Note>
<Note Title="Severity" Type="General" Ordinal="5" xml:lang="en">High</Note>
<Note Title="Affected Component" Type="General" Ordinal="6" xml:lang="en">kernel</Note>
</DocumentNotes>
<DocumentReferences>
<Reference Type="Self">
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Reference>
<Reference Type="openEuler CVE">
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-43976</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-0941</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-45469</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-44733</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-39657</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-4135</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-28715</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-28714</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-28713</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-28712</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-28711</URL>
</Reference>
<Reference Type="Other">
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-43976</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-0941</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-45469</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-44733</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-39657</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-4135</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-28715</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-28714</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-28713</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-28712</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-28711</URL>
</Reference>
</DocumentReferences>
<ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
<Branch Type="Product Name" Name="openEuler">
<FullProductName ProductID="openEuler-20.03-LTS-SP1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">openEuler-20.03-LTS-SP1</FullProductName>
<FullProductName ProductID="openEuler-20.03-LTS-SP2" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">openEuler-20.03-LTS-SP2</FullProductName>
<FullProductName ProductID="openEuler-20.03-LTS-SP3" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">openEuler-20.03-LTS-SP3</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="aarch64">
<FullProductName ProductID="kernel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="bpftool-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">bpftool-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">perf-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-devel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-tools-devel-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python3-perf-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-tools-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="bpftool-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">bpftool-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python2-perf-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">perf-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-source-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-source-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-debugsource-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-debugsource-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python3-perf-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-tools-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python2-perf-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-devel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-devel-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">python3-perf-debuginfo-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="bpftool-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">bpftool-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-debuginfo-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-tools-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">python2-perf-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-tools-debuginfo-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="perf-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">perf-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-devel-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-tools-devel-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="perf-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">perf-debuginfo-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="bpftool-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">bpftool-debuginfo-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-devel-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-devel-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">python3-perf-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-debugsource-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-debugsource-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-source-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-source-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">python2-perf-debuginfo-4.19.90-2201.1.0.0131.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="bpftool-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">bpftool-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">perf-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-devel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-devel-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-perf-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="bpftool-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">bpftool-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-perf-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">perf-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-source-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-source-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-debugsource-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-debugsource-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-perf-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-debuginfo-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-perf-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="kernel-devel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-devel-4.19.90-2201.1.0.0132.oe1.aarch64.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="src">
<FullProductName ProductID="kernel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-4.19.90-2201.1.0.0132.oe1.src.rpm</FullProductName>
<FullProductName ProductID="kernel-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-4.19.90-2201.1.0.0131.oe1.src.rpm</FullProductName>
<FullProductName ProductID="kernel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-4.19.90-2201.1.0.0132.oe1.src.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="x86_64">
<FullProductName ProductID="kernel-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-tools-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-devel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-devel-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python2-perf-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="bpftool-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">bpftool-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">perf-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-source-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-source-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python3-perf-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python3-perf-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="bpftool-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">bpftool-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python2-perf-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-tools-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">perf-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-devel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-tools-devel-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-debugsource-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">kernel-debugsource-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-debugsource-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-debugsource-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-tools-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">python3-perf-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-debuginfo-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="bpftool-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">bpftool-debuginfo-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="perf-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">perf-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">python3-perf-debuginfo-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-devel-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-tools-devel-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-source-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-source-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">python2-perf-debuginfo-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-tools-debuginfo-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">python2-perf-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="bpftool-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">bpftool-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-devel-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">kernel-devel-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="perf-debuginfo-4.19.90-2201.1.0.0131" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP2">perf-debuginfo-4.19.90-2201.1.0.0131.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-devel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-devel-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-perf-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="bpftool-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">bpftool-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">perf-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-source-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-source-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-perf-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-perf-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="bpftool-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">bpftool-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-perf-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-perf-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-debuginfo-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-debuginfo-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="perf-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">perf-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-tools-devel-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-tools-devel-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="kernel-debugsource-4.19.90-2201.1.0.0132" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">kernel-debugsource-4.19.90-2201.1.0.0132.oe1.x86_64.rpm</FullProductName>
</Branch>
</ProductTree>
<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).</Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-43976</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Low</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>2.4</BaseScore>
<Vector>AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="2" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="2" xml:lang="en">In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154177719References: Upstream kernel</Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-0941</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>6.7</BaseScore>
<Vector>AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="3" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="3" xml:lang="en">In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15.11, there is an out-of-bounds memory access when an inode has an invalid last xattr entry.</Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-45469</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>8.4</BaseScore>
<Vector>AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="4" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="4" xml:lang="en">A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.</Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-44733</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>7.0</BaseScore>
<Vector>AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="5" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="5" xml:lang="en">In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194696049References: Upstream kernel</Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-39657</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>4.4</BaseScore>
<Vector>AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="6" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="6" xml:lang="en">A flaw memory leak in the Linux kernel s eBPF for the Simulated networking device driver in the way user uses BPF for the device such that function nsim_map_alloc_elem being called. A local user could use this flaw to get unauthorized access to some data.</Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-4135</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>5.1</BaseScore>
<Vector>AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="7" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="7" xml:lang="en">There are some measures taken for avoiding to pile up too much data, but those can be bypassed by the guest: There is a timeout how long the client side of an interface can stop consuming new packets before it is assumed to have stalled, but this timeout is rather long. Using a UDP connection on a fast interface can easily accumulate gigabytes of data in that time</Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-28715</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>5.3</BaseScore>
<Vector>AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="8" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="8" xml:lang="en">The timeout could even never trigger if the guest manages to have only one free slot in its RX queue ring page and the next package would require more than one free slot, which may be the case when using GSO, XDP, or software hashing.</Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-28714</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>5.3</BaseScore>
<Vector>AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="9" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="9" xml:lang="en">Running PV backends in driver domains has one primary security advantage,if a driver domain gets compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. </Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-28713</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>6.2</BaseScore>
<Vector>AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="10" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="10" xml:lang="en">Running PV backends in driver domains has one primary security advantage, if a driver domain gets compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. </Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-28712</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>6.2</BaseScore>
<Vector>AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="11" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="11" xml:lang="en">Running PV backends in driver domains has one primary security advantage,if a driver domain gets compromised, it doesn't have the privileges to take over the system. However, a malicious driver domain could try to attack other guests via sending events at a high frequency leading to a Denial of Service in the guest due to trying to service interrupts for elongated amounts of time. </Note>
</Notes>
<ReleaseDate>2022-01-07</ReleaseDate>
<CVE>CVE-2021-28711</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP2</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>6.2</BaseScore>
<Vector>AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>kernel security update</Description>
<DATE>2022-01-07</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1484</URL>
</Remediation>
</Remediations>
</Vulnerability>
</cvrfdoc>
Reference in New Issue View Git Blame Copy Permalink