CVE-2024-53095

一、漏洞信息
 漏洞编号：[CVE-2024-53095](https://nvd.nist.gov/vuln/detail/CVE-2024-53095)
 漏洞归属组件：[kernel](https://gitee.com/src-openeuler/kernel)
 漏洞归属的版本：4.19.140,4.19.194,4.19.90,5.10.0,6.1.19,6.4.0,6.6.0
 CVSS V3.0分值：
  BaseScore：7.8 High
  Vector：CVSS：3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
 漏洞简述：
  In the Linux kernel, the following vulnerability has been resolved:smb: client: Fix use-after-free of network namespace.Recently, we got a customer report that CIFS triggers oops whilereconnecting to a server.  [0]The workload runs on Kubernetes, and some pods mount CIFS serversin non-root network namespaces.  The problem rarely happened, butit was always while the pod was dying.The root cause is wrong reference counting for network namespace.CIFS uses kernel sockets, which do not hold refcnt of the netns thatthe socket belongs to.  That means CIFS must ensure the socket isalways freed before its netns; otherwise, use-after-free happens.The repro steps are roughly:  1. mount CIFS in a non-root netns  2. drop packets from the netns  3. destroy the netns  4. unmount CIFSWe can reproduce the issue quickly with the script [1] below and seethe splat [2] if CONFIG_NET_NS_REFCNT_TRACKER is enabled.When the socket is TCP, it is hard to guarantee the netns lifetimewithout holding refcnt due to async timers.Let s hold netns refcnt for each socket as done for SMC in commit9744d2bf1976 ( smc: Fix use-after-free in tcp_write_timer_handler(). ).Note that we need to move put_net() from cifs_put_tcp_session() toclean_demultiplex_info(); otherwise, __sock_create() still could touch afreed netns while cifsd tries to reconnect from cifs_demultiplex_thread().Also, maybe_get_net() cannot be put just before __sock_create() becausethe code is not under RCU and there is a small chance that the sameaddress happened to be reallocated to another netns.[0]:CIFS: VFS:   XXXXXXXXXXX has not responded in 15 seconds. Reconnecting...CIFS: Serverclose failed 4 times, giving upUnable to handle kernel paging request at virtual address 14de99e461f84a07Mem abort info:  ESR = 0x0000000096000004  EC = 0x25: DABT (current EL), IL = 32 bits  SET = 0, FnV = 0  EA = 0, S1PTW = 0  FSC = 0x04: level 0 translation faultData abort info:  ISV = 0, ISS = 0x00000004  CM = 0, WnR = 0[14de99e461f84a07] address between user and kernel address rangesInternal error: Oops: 0000000096000004 [#1] SMPModules linked in: cls_bpf sch_ingress nls_utf8 cifs cifs_arc4 cifs_md4 dns_resolver tcp_diag inet_diag veth xt_state xt_connmark nf_conntrack_netlink xt_nat xt_statistic xt_MASQUERADE xt_mark xt_addrtype ipt_REJECT nf_reject_ipv4 nft_chain_nat nf_nat xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xt_comment nft_compat nf_tables nfnetlink overlay nls_ascii nls_cp437 sunrpc vfat fat aes_ce_blk aes_ce_cipher ghash_ce sm4_ce_cipher sm4 sm3_ce sm3 sha3_ce sha512_ce sha512_arm64 sha1_ce ena button sch_fq_codel loop fuse configfs dmi_sysfs sha2_ce sha256_arm64 dm_mirror dm_region_hash dm_log dm_mod dax efivarfsCPU: 5 PID: 2690970 Comm: cifsd Not tainted 6.1.103-109.184.amzn2023.aarch64 #1Hardware name: Amazon EC2 r7g.4xlarge/, BIOS 1.0 11/1/2018pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)pc : fib_rules_lookup+0x44/0x238lr : __fib_lookup+0x64/0xbcsp : ffff8000265db790x29: ffff8000265db790 x28: 0000000000000000 x27: 000000000000bd01x26: 0000000000000000 x25: ffff000b4baf8000 x24: ffff00047b5e4580x23: ffff8000265db7e0 x22: 0000000000000000 x21: ffff00047b5e4500x20: ffff0010e3f694f8 x19: 14de99e461f849f7 x18: 0000000000000000x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000x14: 0000000000000000 x13: 0000000000000000 x12: 3f92800abd010002x11: 0000000000000001 x10: ffff0010e3f69420 x9 : ffff800008a6f294x8 : 0000000000000000 x7 : 0000000000000006 x6 : 0000000000000000x5 : 0000000000000001 x4 : ffff001924354280 x3 : ffff8000265db7e0x2 : 0000000000000000 x1 : ffff0010e3f694f8 x0 : ffff00047b5e4500Call trace: fib_rules_lookup+0x44/0x238 __fib_lookup+0x64/0xbc ip_route_output_key_hash_rcu+0x2c4/0x398 ip_route_output_key_hash+0x60/0x8c tcp_v4_connect+0x290/0x488 __inet_stream_connect+0x108/0x3d0 inet_stream_connect+0x50/0x78 kernel_connect+0x6c/0xac generic_ip_conne---truncated---
 漏洞公开时间：2024-11-22 03:15:12
 漏洞创建时间：2024-11-22 04:49:20
 漏洞详情参考链接：
  https://nvd.nist.gov/vuln/detail/CVE-2024-53095
<details>
<summary>更多参考(点击展开)</summary>

| 参考来源 | 参考链接 | 来源链接 |
| ------- | -------- | -------- |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/c7f9282fc27fc36dbaffc8527c723de264a132f8 |  |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/e8c71494181153a134c96da28766a57bd1eac8cb |  |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/ef7134c7fc48e1441b398e55a862232868a6f0a7 |  |
| suse_bugzilla | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-53095 | https://bugzilla.suse.com/show_bug.cgi?id=1233642 |
| suse_bugzilla | https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2024/CVE-2024-53095.mbox | https://bugzilla.suse.com/show_bug.cgi?id=1233642 |
| suse_bugzilla | https://git.kernel.org/stable/c/e8c71494181153a134c96da28766a57bd1eac8cb | https://bugzilla.suse.com/show_bug.cgi?id=1233642 |
| suse_bugzilla | https://git.kernel.org/stable/c/c7f9282fc27fc36dbaffc8527c723de264a132f8 | https://bugzilla.suse.com/show_bug.cgi?id=1233642 |
| suse_bugzilla | https://git.kernel.org/stable/c/ef7134c7fc48e1441b398e55a862232868a6f0a7 | https://bugzilla.suse.com/show_bug.cgi?id=1233642 |
| suse_bugzilla | https://www.cve.org/CVERecord?id=CVE-2024-53095 | https://bugzilla.suse.com/show_bug.cgi?id=1233642 |
| redhat_bugzilla | https://lore.kernel.org/linux-cve-announce/2024112152-CVE-2024-53095-7ffd@gregkh/T | https://bugzilla.redhat.com/show_bug.cgi?id=2327888 |
| debian |  | https://security-tracker.debian.org/tracker/CVE-2024-53095 |
| mageia |  | http://advisories.mageia.org/MGASA-2024-0392.html |

</details>

漏洞分析指导链接：
  https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
 漏洞数据来源:
  openBrain开源漏洞感知系统
 漏洞补丁信息：
  <details>
<summary>详情(点击展开)</summary>

| 影响的包 | 修复版本 | 修复补丁 | 问题引入补丁 | 来源  |
| ------- | -------- | ------- | -------- | --------- |
|  |  | https://git.kernel.org/stable/c/c7f9282fc27fc36dbaffc8527c723de264a132f8 |  | nvd |
|  |  | https://git.kernel.org/stable/c/e8c71494181153a134c96da28766a57bd1eac8cb |  | nvd |
|  |  | https://git.kernel.org/stable/c/ef7134c7fc48e1441b398e55a862232868a6f0a7 |  | nvd |
| linux_kernel | 6.6.62 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e8c714941811Issue | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=26abe14379f8 | linuxkernelcves |
| linux_kernel | 6.11.9 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c7f9282fc27fIssue | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=26abe14379f8 | linuxkernelcves |
| linux_kernel | 6.12 | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ef7134c7fc48Please | https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=26abe14379f8 | linuxkernelcves |

</details>

二、漏洞分析结构反馈
 影响性分析说明：
  In the Linux kernel, the following vulnerability has been resolved:smb: client: Fix use-after-free of network namespace.Recently, we got a customer report that CIFS triggers oops whilereconnecting to a server.  [0]The workload runs on Kubernetes, and some pods mount CIFS serversin non-root network namespaces.  The problem rarely happened, butit was always while the pod was dying.The root cause is wrong reference counting for network namespace.CIFS uses kernel sockets, which do not hold refcnt of the netns thatthe socket belongs to.  That means CIFS must ensure the socket isalways freed before its netns; otherwise, use-after-free happens.The repro steps are roughly:  1. mount CIFS in a non-root netns  2. drop packets from the netns  3. destroy the netns  4. unmount CIFSWe can reproduce the issue quickly with the script [1] below and seethe splat [2] if CONFIG_NET_NS_REFCNT_TRACKER is enabled.When the socket is TCP, it is hard to guarantee the netns lifetimewithout holding refcnt due to async timers.Let s hold netns refcnt for each socket as done for SMC in commit9744d2bf1976 ( smc: Fix use-after-free in tcp_write_timer_handler(). ).Note that we need to move put_net() from cifs_put_tcp_session() toclean_demultiplex_info(); otherwise, __sock_create() still could touch afreed netns while cifsd tries to reconnect from cifs_demultiplex_thread().Also, maybe_get_net() cannot be put just before __sock_create() becausethe code is not under RCU and there is a small chance that the sameaddress happened to be reallocated to another netns.[0]:CIFS: VFS:   XXXXXXXXXXX has not responded in 15 seconds. Reconnecting...CIFS: Serverclose failed 4 times, giving upUnable to handle kernel paging request at virtual address 14de99e461f84a07Mem abort info:  ESR = 0x0000000096000004  EC = 0x25: DABT (current EL), IL = 32 bits  SET = 0, FnV = 0  EA = 0, S1PTW = 0  FSC = 0x04: level 0 translation faultData abort info:  ISV = 0, ISS = 0x00000004  CM = 0, WnR = 0[14de99e461f84a07] address between user and kernel address rangesInternal error: Oops: 0000000096000004 [#1] SMPModules linked in: cls_bpf sch_ingress nls_utf8 cifs cifs_arc4 cifs_md4 dns_resolver tcp_diag inet_diag veth xt_state xt_connmark nf_conntrack_netlink xt_nat xt_statistic xt_MASQUERADE xt_mark xt_addrtype ipt_REJECT nf_reject_ipv4 nft_chain_nat nf_nat xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xt_comment nft_compat nf_tables nfnetlink overlay nls_ascii nls_cp437 sunrpc vfat fat aes_ce_blk aes_ce_cipher ghash_ce sm4_ce_cipher sm4 sm3_ce sm3 sha3_ce sha512_ce sha512_arm64 sha1_ce ena button sch_fq_codel loop fuse configfs dmi_sysfs sha2_ce sha256_arm64 dm_mirror dm_region_hash dm_log dm_mod dax efivarfsCPU: 5 PID: 2690970 Comm: cifsd Not tainted 6.1.103-109.184.amzn2023.aarch64 #1Hardware name: Amazon EC2 r7g.4xlarge/, BIOS 1.0 11/1/2018pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)pc : fib_rules_lookup+0x44/0x238lr : __fib_lookup+0x64/0xbcsp : ffff8000265db790x29: ffff8000265db790 x28: 0000000000000000 x27: 000000000000bd01x26: 0000000000000000 x25: ffff000b4baf8000 x24: ffff00047b5e4580x23: ffff8000265db7e0 x22: 0000000000000000 x21: ffff00047b5e4500x20: ffff0010e3f694f8 x19: 14de99e461f849f7 x18: 0000000000000000x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000x14: 0000000000000000 x13: 0000000000000000 x12: 3f92800abd010002x11: 0000000000000001 x10: ffff0010e3f69420 x9 : ffff800008a6f294x8 : 0000000000000000 x7 : 0000000000000006 x6 : 0000000000000000x5 : 0000000000000001 x4 : ffff001924354280 x3 : ffff8000265db7e0x2 : 0000000000000000 x1 : ffff0010e3f694f8 x0 : ffff00047b5e4500Call trace: fib_rules_lookup+0x44/0x238 __fib_lookup+0x64/0xbc ip_route_output_key_hash_rcu+0x2c4/0x398 ip_route_output_key_hash+0x60/0x8c tcp_v4_connect+0x290/0x488 __inet_stream_connect+0x108/0x3d0 inet_stream_connect+0x50/0x78 kernel_connect+0x6c/0xac generic_ip_conne---truncated---
 openEuler评分：
  7.8
 Vector：CVSS：3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
 受影响版本排查(受影响/不受影响)：
  1.openEuler-20.03-LTS-SP4(4.19.90):受影响
2.openEuler-22.03-LTS-SP3(5.10.0):受影响
3.openEuler-22.03-LTS-SP4(5.10.0):受影响
4.openEuler-24.03-LTS(6.6.0):受影响
5.openEuler-24.03-LTS-SP1(6.6.0):受影响
6.master(6.6.0):不受影响
7.openEuler-24.03-LTS-Next(6.6.0):不受影响

修复是否涉及abi变化(是/否)：
  1.openEuler-20.03-LTS-SP4(4.19.90):否
2.openEuler-22.03-LTS-SP3(5.10.0):否
3.master(6.6.0):否
4.openEuler-24.03-LTS(6.6.0):否
5.openEuler-24.03-LTS-Next(6.6.0):否
6.openEuler-22.03-LTS-SP4(5.10.0):否
7.openEuler-24.03-LTS-SP1(6.6.0):否

原因说明：
  1.openEuler-20.03-LTS-SP4(4.19.90):正常修复
2.openEuler-22.03-LTS-SP3(5.10.0):正常修复
3.openEuler-22.03-LTS-SP4(5.10.0):正常修复
4.openEuler-24.03-LTS(6.6.0):正常修复
5.openEuler-24.03-LTS-SP1(6.6.0):正常修复
6.master(6.6.0):不受影响-漏洞代码不能被攻击者触发
7.openEuler-24.03-LTS-Next(6.6.0):不受影响-漏洞代码不能被攻击者触发

三、漏洞修复
安全公告链接：https://www.openeuler.org/zh/security/safety-bulletin/detail/?id=openEuler-SA-2024-2591

Hi openeuler-ci-bot, welcome to the openEuler Community.
I'm the Bot here serving you. You can find the instructions on how to interact with me at Here.
If you have any questions, please contact the SIG: Kernel, and any of the maintainers.

@yangyingliang ,@jiaoff ,@guohaocs2c ,@hanjun-guo ,@woqidaideshi ,@newbeats ,@zhangyi089 ,@colyli ,@thundertown ,@htforge ,@chiqijun ,@lengchao ,@zhujianwei001 ,@kylin-mayukun ,@wangxiongfeng ,@wkfxxx ,@SuperSix173 ,@jentlestea ,@oskernel0719 ,@gasonchen 
**issue处理注意事项:** 
**1. 当前issue受影响的分支提交pr时, 须在pr描述中填写当前issue编号进行关联, 否则无法关闭当前issue;**
**2. 模板内容需要填写完整, 无论是受影响或者不受影响都需要填写完整内容,未引入的分支不需要填写, 否则无法关闭当前issue;**
**3. 以下为模板中需要填写完整的内容, 请复制到评论区回复, 注: 内容的标题名称(影响性分析说明, openEuler评分, 受影响版本排查(受影响/不受影响), 修复是否涉及abi变化(是/否), 原因说明)不能省略,省略后cve-manager将无法正常解析填写内容.**
************************************************************************
影响性分析说明:

openEuler评分: (评分和向量)

受影响版本排查(受影响/不受影响): 
1.master(6.6.0):
2.openEuler-20.03-LTS-SP4(4.19.90):
3.openEuler-22.03-LTS-SP1(5.10.0):
4.openEuler-22.03-LTS-SP3(5.10.0):
5.openEuler-22.03-LTS-SP4(5.10.0):
6.openEuler-24.03-LTS(6.6.0):
7.openEuler-24.03-LTS-Next(6.6.0):
8.openEuler-24.03-LTS-SP1:

修复是否涉及abi变化(是/否)：
1.master(6.6.0):
2.openEuler-20.03-LTS-SP4(4.19.90):
3.openEuler-22.03-LTS-SP1(5.10.0):
4.openEuler-22.03-LTS-SP3(5.10.0):
5.openEuler-22.03-LTS-SP4(5.10.0):
6.openEuler-24.03-LTS(6.6.0):
7.openEuler-24.03-LTS-Next(6.6.0):
8.openEuler-24.03-LTS-SP1:

原因说明：
1.master(6.6.0):
2.openEuler-20.03-LTS-SP4(4.19.90):
3.openEuler-22.03-LTS-SP1(5.10.0):
4.openEuler-22.03-LTS-SP3(5.10.0):
5.openEuler-22.03-LTS-SP4(5.10.0):
6.openEuler-24.03-LTS(6.6.0):
7.openEuler-24.03-LTS-Next(6.6.0):
8.openEuler-24.03-LTS-SP1:

issue处理具体操作请参考: 
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
pr关联issue具体操作请参考:
https://gitee.com/help/articles/4142

CVE-2024-53095

影响性分析说明：
In the Linux kernel, the following vulnerability has been resolved:

smb: client: Fix use-after-free of network namespace.

Recently, we got a customer report that CIFS triggers oops while
reconnecting to a server.  [0]

The workload runs on Kubernetes, and some pods mount CIFS servers
in non-root network namespaces.  The problem rarely happened, but
it was always while the pod was dying.

The root cause is wrong reference counting for network namespace.

CIFS uses kernel sockets, which do not hold refcnt of the netns that
the socket belongs to.  That means CIFS must ensure the socket is
always freed before its netns; otherwise, use-after-free happens.

The repro steps are roughly:

1. mount CIFS in a non-root netns
  2. drop packets from the netns
  3. destroy the netns
  4. unmount CIFS

We can reproduce the issue quickly with the script [1] below and see
the splat [2] if CONFIG_NET_NS_REFCNT_TRACKER is enabled.

When the socket is TCP, it is hard to guarantee the netns lifetime
without holding refcnt due to async timers.

Let's hold netns refcnt for each socket as done for SMC in commit
9744d2bf1976 ("smc: Fix use-after-free in tcp_write_timer_handler().").

Note that we need to move put_net() from cifs_put_tcp_session() to
clean_demultiplex_info(); otherwise, __sock_create() still could touch a
freed netns while cifsd tries to reconnect from cifs_demultiplex_thread().

Also, maybe_get_net() cannot be put just before __sock_create() because
the code is not under RCU and there is a small chance that the same
address happened to be reallocated to another netns.

[0]:
CIFS: VFS: \\XXXXXXXXXXX has not responded in 15 seconds. Reconnecting...
CIFS: Serverclose failed 4 times, giving up
Unable to handle kernel paging request at virtual address 14de99e461f84a07
Mem abort info:
  ESR = 0x0000000096000004
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x04: level 0 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000004
  CM = 0, WnR = 0
[14de99e461f84a07] address between user and kernel address ranges
Internal error: Oops: 0000000096000004 [#1] SMP
Modules linked in: cls_bpf sch_ingress nls_utf8 cifs cifs_arc4 cifs_md4 dns_resolver tcp_diag inet_diag veth xt_state xt_connmark nf_conntrack_netlink xt_nat xt_statistic xt_MASQUERADE xt_mark xt_addrtype ipt_REJECT nf_reject_ipv4 nft_chain_nat nf_nat xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xt_comment nft_compat nf_tables nfnetlink overlay nls_ascii nls_cp437 sunrpc vfat fat aes_ce_blk aes_ce_cipher ghash_ce sm4_ce_cipher sm4 sm3_ce sm3 sha3_ce sha512_ce sha512_arm64 sha1_ce ena button sch_fq_codel loop fuse configfs dmi_sysfs sha2_ce sha256_arm64 dm_mirror dm_region_hash dm_log dm_mod dax efivarfs
CPU: 5 PID: 2690970 Comm: cifsd Not tainted 6.1.103-109.184.amzn2023.aarch64 #1
Hardware name: Amazon EC2 r7g.4xlarge/, BIOS 1.0 11/1/2018
pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : fib_rules_lookup+0x44/0x238
lr : __fib_lookup+0x64/0xbc
sp : ffff8000265db790
x29: ffff8000265db790 x28: 0000000000000000 x27: 000000000000bd01
x26: 0000000000000000 x25: ffff000b4baf8000 x24: ffff00047b5e4580
x23: ffff8000265db7e0 x22: 0000000000000000 x21: ffff00047b5e4500
x20: ffff0010e3f694f8 x19: 14de99e461f849f7 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000
x14: 0000000000000000 x13: 0000000000000000 x12: 3f92800abd010002
x11: 0000000000000001 x10: ffff0010e3f69420 x9 : ffff800008a6f294
x8 : 0000000000000000 x7 : 0000000000000006 x6 : 0000000000000000
x5 : 0000000000000001 x4 : ffff001924354280 x3 : ffff8000265db7e0
x2 : 0000000000000000 x1 : ffff0010e3f694f8 x0 : ffff00047b5e4500
Call trace:
 fib_rules_lookup+0x44/0x238
 __fib_lookup+0x64/0xbc
 ip_route_output_key_hash_rcu+0x2c4/0x398
 ip_route_output_key_hash+0x60/0x8c
 tcp_v4_connect+0x290/0x488
 __inet_stream_connect+0x108/0x3d0
 inet_stream_connect+0x50/0x78
 kernel_connect+0x6c/0xac
 generic_ip_conne
---truncated---

openEuler评分:(评分和向量)
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

受影响版本排查(受影响/不受影响):
1.openEuler-20.03-LTS-SP4:受影响
2.openEuler-22.03-LTS-SP1:受影响
3.openEuler-22.03-LTS-SP3:受影响
4.openEuler-22.03-LTS-SP4:受影响
5.master(6.1.0):不受影响
6.openEuler-24.03-LTS:受影响
7.openEuler-24.03-LTS-Next:不受影响

修复是否涉及abi变化(是/否)：
1.openEuler-20.03-LTS-SP4:否
2.openEuler-22.03-LTS-SP1:否
3.openEuler-22.03-LTS-SP3:否
4.master(6.1.0):否
5.openEuler-24.03-LTS:否
6.openEuler-24.03-LTS-Next:否
7.openEuler-22.03-LTS-SP4:否