EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1590)

high Nessus Plugin ID 238183

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:

xsk: Fix race at socket teardown(CVE-2022-49215)

acct: perform last write from workqueue(CVE-2025-21846)

nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags(CVE-2022-49492)

drop_monitor: fix incorrect initialization order(CVE-2025-21862)

iommu/arm-smmu-v3: check return value after calling platform_get_resource().(CVE-2022-49319)

ipv4: Fix a data-race around sysctl_fib_sync_mem.(CVE-2022-49637)

memcg: fix soft lockup in the OOM process(CVE-2024-57977)

ima: Fix potential memory leak in ima_init_crypto().(CVE-2022-49627)

rdma/cxgb4: Prevent potential integer overflow on 32bit(CVE-2024-57973)

tracing: Make sure trace_printk() can output as soon as it can be used(CVE-2023-53007)

trace_events_hist: add check for return value of 'create_hist_field'(CVE-2023-53005)

Squashfs: fix handling and sanity checking of xattr_ids count(CVE-2023-52933)

tcp: Fix a data-race around sysctl_tcp_probe_threshold.(CVE-2022-49595)

tcp: Fix data-races around sysctl_tcp_min_snd_mss.(CVE-2022-49596)

tcp: Fix data-races around sysctl_tcp_base_mss.(CVE-2022-49597)

tcp: Fix data-races around sysctl_tcp_l3mdev_accept.(CVE-2022-49599)

hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING(CVE-2025-21816)

RDMA/hfi1: Prevent use of lock before it is initialized(CVE-2022-49433)

openvswitch: fix lockup on tx to unregistering netdev with carrier(CVE-2025-21681)

net: hns3: add vlan list lock to protect vlan list(CVE-2022-49182)

driver: base: fix UAF when driver_attach failed(CVE-2022-49385)

ubi: ubi_create_volume: Fix use-after-free when volume creation failed(CVE-2022-49388)

rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read(CVE-2024-58069)

lz4: fix LZ4_decompress_safe_partial read out of bound(CVE-2022-49078)

um: Fix out-of-bounds read in LDT setup(CVE-2022-49395)

KVM: Explicitly verify target vCPU is online in kvm_get_vcpu().(CVE-2024-58083)

ipv6: mcast: extend RCU protection in igmp6_send().(CVE-2025-21759)

vsock: Keep the binding until socket destruction(CVE-2025-21756)

pps: Fix a use-after-free(CVE-2024-57979)

RDMA/hfi1: Fix use-after-free bug for mm struct(CVE-2022-49076)

padata: fix UAF in padata_reorder(CVE-2025-21727)

net: bonding: fix use-after-free after 802.3ad slave unbind(CVE-2022-49667)

netfilter: nf_tables: avoid skb access on nf_stolen(CVE-2022-49622)

srcu: Tighten cleanup_srcu_struct() GP checks(CVE-2022-49651)

openvswitch: use RCU protection in ovs_vport_cmd_fill_info().(CVE-2025-21761)

cgroup: Use separate src/dst nodes when preloading css_sets for migration(CVE-2022-49647)

ice: arfs: fix use-after-free when freeing @rx_cpu_rmap(CVE-2022-49063)

sfc: fix use after free when disabling sriov(CVE-2022-49626)

macsec: fix UAF bug for real_dev(CVE-2022-49390)

ndisc: extend RCU protection in ndisc_send_skb().(CVE-2025-21760)

nfsd: release svc_expkey(CVE-2024-53216)

nfsd: make sure exp active before svc_export_show(CVE-2024-56558)

net: sched: Disallow replacing of child qdisc from one parent to another(CVE-2025-21700)

tipc: fix use-after-free Read in tipc_named_reinit(CVE-2022-49696)

arp: use RCU protection in arp_xmit().(CVE-2025-21762)

nfsd: clear acl_access/acl_default after releasing them(CVE-2025-21796)

ndisc: use RCU protection in ndisc_alloc_skb().(CVE-2025-21764)

neighbour: use RCU protection in __neigh_notify().(CVE-2025-21763)

scsi: hisi_sas: Free irq vectors in order for v3 HW(CVE-2022-49118)

drm/plane: Move range check for format_count earlier(CVE-2021-47659)

USB: hub: Ignore non-compliant devices with too many configs or interfaces(CVE-2025-21776)

MIPS: pgalloc: fix memory leak caused by pgd_free().(CVE-2022-49210)

bpf: avoid holding freeze_mutex during mmap operation(CVE-2025-21853)

ip: Fix data-races around sysctl_ip_fwd_use_pmtu.(CVE-2022-49604)

linux/dim: Fix divide by 0 in RDMA DIM(CVE-2022-49670)

HID: multitouch: Add NULL check in mt_input_configured(CVE-2024-58020)

nfp: bpf: Add check for nfp_app_ctrl_msg_alloc().(CVE-2025-21848)

net: tipc: fix possible refcount leak in tipc_sk_create()(CVE-2022-49620)

bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full(CVE-2022-49209)

net: remove two BUG() from skb_checksum_help().(CVE-2022-49497)

usbnet: fix memory leak in error case(CVE-2022-49657)

usbnet: fix memory leak in error case(CVE-2022-49589)

ip: Fix a data-race around sysctl_ip_autobind_reuse.(CVE-2022-49600)

cipso: Fix data-races around sysctl.(CVE-2022-49639)

KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel(CVE-2025-21779)

nexthop: Fix data-races around nexthop_compat_mode.(CVE-2022-49629)

tracing/histograms: Fix memory leak problem(CVE-2022-49648)

SUNRPC: Fix the svc_deferred_event trace class(CVE-2022-49065)

af_unix: Fix a data-race in unix_dgram_peer_wake_me().(CVE-2022-49344)

usb: xhci: Fix NULL pointer dereference on certain command aborts(CVE-2024-57981)

ceph: fix memory leak in ceph_readdir when note_last_dentry returns error(CVE-2022-49107)

NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify().(CVE-2022-49103)

io_uring: fix memory leak of uid in files registration(CVE-2022-49144)

RDMA/cm: Fix memory leak in ib_cm_insert_listen(CVE-2022-49671)

ip: Fix a data-race around sysctl_fwmark_reflect.(CVE-2022-49602)

hwrng: cavium - fix NULL but dereferenced coccicheck error(CVE-2022-49177)

mlxsw: spectrum: Guard against invalid local ports(CVE-2022-49134)

raw: Fix a data-race around sysctl_raw_l3mdev_accept.(CVE-2022-49631)

icmp: Fix data-races around sysctl.(CVE-2022-49638)

tty: synclink_gt: Fix null-pointer-dereference in slgt_clean().(CVE-2022-49307)

iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe().(CVE-2022-49323)

drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes(CVE-2022-49532)

scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair().(CVE-2022-49155)

tipc: move bc link creation back to tipc_node_create(CVE-2022-49664)

NFSv4: Don't hold the layoutget locks across multiple RPC calls(CVE-2022-49316)

icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.(CVE-2022-49632)

xprtrdma: treat all calls not a bcall when bc_serv is NULL(CVE-2022-49321)

net: phy: micrel: Allow probing without .driver_data(CVE-2022-49472)

tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.(CVE-2022-49601)

kernel/resource: fix kfree() of bootmem memory again(CVE-2022-49190)

vrf: use RCU protection in l3mdev_l3_out().(CVE-2025-21791)

tcp: Fix a data-race around sysctl_tcp_ecn_fallback.(CVE-2022-49630)

i2c: dev: check return value when calling dev_set_name().(CVE-2022-49046)

list: fix a data-race around ep->rdllist(CVE-2022-49443)

perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()(CVE-2022-49607)

drm/amd/display: Fix memory leak(CVE-2022-49135)

ip: Fix data-races around sysctl_ip_fwd_update_priority.(CVE-2022-49603)

media: uvcvideo: Fix double free in error path(CVE-2024-57980)

io_uring: prevent opcode speculation(CVE-2025-21863)

geneve: Fix use-after-free in geneve_find_dev().(CVE-2025-21858)

arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array(CVE-2025-21785)

igb: fix a use-after-free issue in igb_clean_tx_ring(CVE-2022-49695)

rxrpc: Fix listen() setting the bar too high for the prealloc rings(CVE-2022-49450)

tty: fix deadlock caused by calling printk() under tty_port->lock(CVE-2022-49441)

media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init(CVE-2022-49478)

ima: Fix a potential integer overflow in ima_appraise_measurement(CVE-2022-49643)

scsi: qla2xxx: Fix scheduling while atomic(CVE-2022-49156)

scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock(CVE-2022-49536)

mm/mempolicy: fix uninit-value in mpol_rebind_policy().(CVE-2022-49567)

KVM: VMX: Prevent RSB underflow before vmenter(CVE-2022-49610)

dm raid: fix KASAN warning in raid5_add_disks(CVE-2022-49673)

tpm: Change to kvalloc() in eventlog/acpi.c(CVE-2024-58005)

media: uvcvideo: Remove dangling pointers(CVE-2024-58002)

padata: avoid UAF for reorder_work(CVE-2025-21726)

ARM: hisi: Add missing of_node_put after of_find_compatible_node(CVE-2022-49447)

ptp: Ensure info->enable callback is always set(CVE-2025-21814)

bpf: Send signals asynchronously if !preemptible(CVE-2025-21728)

ext4: don't BUG if someone dirty pages without asking ext4 first(CVE-2022-49171)

ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit(CVE-2022-49174)

dax: make sure inodes are flushed before destroy cache(CVE-2022-49220)

ext4: avoid cycles in directory h-tree(CVE-2022-49343)

ext4: fix bug_on in ext4_writepages(CVE-2022-49347)

ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state(CVE-2022-49348)

ext4: fix use-after-free in ext4_rename_dir_prepare(CVE-2022-49349)

ext4: fix warning in ext4_handle_inode_extension(CVE-2022-49352)

PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store().(CVE-2022-49434)

x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails(CVE-2022-49549)

scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI(CVE-2022-49535)

crypto: qat - add param check for RSA(CVE-2022-49563)

dmaengine: idxd: Fix the error handling path in idxd_cdev_register()(CVE-2022-49422)

RDMA/mlx5: Fix memory leak in error flow for subscribe event routine(CVE-2022-49206)

bpf, arm64: Clear prog->jited_len along prog->jited(CVE-2022-49341)

bpf: Fix UAF due to race between btf_try_get_module and load_module(CVE-2022-49236)

bpf: Fix potential array overflow in bpf_trampoline_get_progs().(CVE-2022-49548)

bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals(CVE-2022-49658)

zsmalloc: fix races between asynchronous zspage free and page migration(CVE-2022-49554)

tpm: fix reference counting for struct tpm_chip(CVE-2022-49287)

netfilter: nf_tables: initialize registers in nft_do_chain().(CVE-2022-49293)

dm ioctl: prevent potential spectre v1 gadget(CVE-2022-49122)

scsi: sd: Fix potential NULL pointer dereference(CVE-2022-49376)

sysctl: Fix data races in proc_douintvec_minmax().(CVE-2022-49640)

sysctl: Fix data races in proc_douintvec().(CVE-2022-49641)

scsi: libfc: Fix use after free in fc_exch_abts_resp().(CVE-2022-49114)

nbd: don't allow reconnect after disconnect(CVE-2025-21731)

tpm: use try_get_ops() in tpm-space.c(CVE-2022-49286)

cifs: potential buffer overflow in handling symlinks(CVE-2022-49058)

extcon: Modify extcon device to be created after driver data is set(CVE-2022-49308)

bfq: Update cgroup information before merging bio(CVE-2022-49413)

cifs: prevent bad output lengths in smb2_ioctl_query_info().(CVE-2022-49271)

media: cx24116: prevent overflows on SNR calculus(CVE-2024-50290)

thermal/core: Fix memory leak in __thermal_cooling_device_register().(CVE-2022-49468)

nbd: call genl_unregister_family() first in nbd_cleanup().(CVE-2022-49295)

blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx(CVE-2022-49377)

bfq: Make sure bfqg for which we are queueing requests is online(CVE-2022-49411)

nvdimm: Fix firmware activation deadlock scenarios(CVE-2022-49446)

crypto: qat - add param check for DH(CVE-2022-49564)

nbd: fix race between nbd_alloc_config() and module removal(CVE-2022-49300)

nbd: fix io hung while disconnecting device(CVE-2022-49297)

net: usb: rtl8150: enable basic endpoint checking(CVE-2025-21708)

scsi: target: tcmu: Fix possible page UAF(CVE-2022-49053)

block: don't delete queue kobject before its children(CVE-2022-49259)

md/bitmap: don't set sb values if can't pass sanity check(CVE-2022-49526)

mm/slub: add missing TID updates on slab deactivation(CVE-2022-49700)

block: Fix handling of offline queues in blk_mq_alloc_request_hctx().(CVE-2022-49720)

ext4: fix race condition between ext4_write and ext4_convert_inline_data(CVE-2022-49414)

ext4: fix bug_on in __es_tree_search(CVE-2022-49409)

net: hns3: fix oops when unload drivers paralleling(CVE-2025-21802)

irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions(CVE-2022-49715)

mm/mempolicy: fix mpol_new leak in shared_policy_replace(CVE-2022-49080)

ext4: fix bug_on ext4_mb_use_inode_pa(CVE-2022-49708)

ext4: add reserved GDT blocks check(CVE-2022-49707)

irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions(CVE-2022-49716)

mm: fix unexpected zeroed page mapping with zram swap(CVE-2022-49052)

scsi: qla2xxx: Fix crash during module load unload test(CVE-2022-49160)

sctp: sysctl: rto_min/max: avoid using current->nsproxy(CVE-2025-21639)

crypto: qat - fix memory leak in RSA(CVE-2022-49566)

net/mlx5: Fix variable not being completed when function returns(CVE-2025-21662)

scsi: storvsc: Ratelimit warning logs to prevent VM denial of service(CVE-2025-21690)

vfio/platform: check the bounds of read/write syscalls(CVE-2025-21687)

USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb().(CVE-2025-21689)

ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init().(CVE-2024-53680)

bpf: fix recursive lock when verdict program return SK_PASS(CVE-2024-56694)

mm: zswap: properly synchronize freeing resources during CPU hotunplug(CVE-2025-21693)

ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up(CVE-2025-21887)

net: asix: add proper error handling of usb read errors(CVE-2022-49226)

mm/khugepaged: fix ->anon_vma race(CVE-2023-52935)

HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections(CVE-2024-57986)

proc: fix UAF in proc_get_inode().(CVE-2025-21999)

smb: client: Add check for next_buffer in receive_encrypted_standard().(CVE-2025-21844)

exec: don't WARN for racy path_noexec check(CVE-2024-50010)

kthread: unpark only parked kthread(CVE-2024-50019)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?1d32fb90

Plugin Details

Severity: High

ID: 238183

File Name: EulerOS_SA-2025-1590.nasl

Version: 1.1

Type: local

Published: 6/11/2025

Updated: 6/11/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-21863

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:bpftool, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/9/2025

Vulnerability Publication Date: 4/7/2022

Reference Information

CVE: CVE-2021-47659, CVE-2022-49046, CVE-2022-49052, CVE-2022-49053, CVE-2022-49058, CVE-2022-49063, CVE-2022-49065, CVE-2022-49076, CVE-2022-49078, CVE-2022-49080, CVE-2022-49103, CVE-2022-49107, CVE-2022-49114, CVE-2022-49118, CVE-2022-49122, CVE-2022-49134, CVE-2022-49135, CVE-2022-49144, CVE-2022-49155, CVE-2022-49156, CVE-2022-49160, CVE-2022-49171, CVE-2022-49174, CVE-2022-49177, CVE-2022-49182, CVE-2022-49190, CVE-2022-49206, CVE-2022-49209, CVE-2022-49210, CVE-2022-49215, CVE-2022-49220, CVE-2022-49226, CVE-2022-49236, CVE-2022-49259, CVE-2022-49271, CVE-2022-49286, CVE-2022-49287, CVE-2022-49293, CVE-2022-49295, CVE-2022-49297, CVE-2022-49300, CVE-2022-49307, CVE-2022-49308, CVE-2022-49316, CVE-2022-49319, CVE-2022-49321, CVE-2022-49323, CVE-2022-49341, CVE-2022-49343, CVE-2022-49344, CVE-2022-49347, CVE-2022-49348, CVE-2022-49349, CVE-2022-49352, CVE-2022-49376, CVE-2022-49377, CVE-2022-49385, CVE-2022-49388, CVE-2022-49390, CVE-2022-49395, CVE-2022-49409, CVE-2022-49411, CVE-2022-49413, CVE-2022-49414, CVE-2022-49422, CVE-2022-49433, CVE-2022-49434, CVE-2022-49441, CVE-2022-49443, CVE-2022-49446, CVE-2022-49447, CVE-2022-49450, CVE-2022-49468, CVE-2022-49472, CVE-2022-49478, CVE-2022-49492, CVE-2022-49497, CVE-2022-49526, CVE-2022-49532, CVE-2022-49535, CVE-2022-49536, CVE-2022-49548, CVE-2022-49549, CVE-2022-49554, CVE-2022-49563, CVE-2022-49564, CVE-2022-49566, CVE-2022-49567, CVE-2022-49589, CVE-2022-49595, CVE-2022-49596, CVE-2022-49597, CVE-2022-49599, CVE-2022-49600, CVE-2022-49601, CVE-2022-49602, CVE-2022-49603, CVE-2022-49604, CVE-2022-49607, CVE-2022-49610, CVE-2022-49620, CVE-2022-49622, CVE-2022-49626, CVE-2022-49627, CVE-2022-49629, CVE-2022-49630, CVE-2022-49631, CVE-2022-49632, CVE-2022-49637, CVE-2022-49638, CVE-2022-49639, CVE-2022-49640, CVE-2022-49641, CVE-2022-49643, CVE-2022-49647, CVE-2022-49648, CVE-2022-49651, CVE-2022-49657, CVE-2022-49658, CVE-2022-49664, CVE-2022-49667, CVE-2022-49670, CVE-2022-49671, CVE-2022-49673, 
CVE-2022-49695, CVE-2022-49696, CVE-2022-49700, CVE-2022-49707, CVE-2022-49708, CVE-2022-49715, CVE-2022-49716, CVE-2022-49720, CVE-2023-52933, CVE-2023-52935, CVE-2023-53005, CVE-2023-53007, CVE-2024-50010, CVE-2024-50019, CVE-2024-50290, CVE-2024-53216, CVE-2024-53680, CVE-2024-56558, CVE-2024-56694, CVE-2024-57973, CVE-2024-57977, CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57986, CVE-2024-58002, CVE-2024-58005, CVE-2024-58020, CVE-2024-58069, CVE-2024-58083, CVE-2025-21639, CVE-2025-21662, CVE-2025-21681, CVE-2025-21687, CVE-2025-21689, CVE-2025-21690, CVE-2025-21693, CVE-2025-21700, CVE-2025-21708, CVE-2025-21726, CVE-2025-21727, CVE-2025-21728, CVE-2025-21731, CVE-2025-21756, CVE-2025-21759, CVE-2025-21760, CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21776, CVE-2025-21779, CVE-2025-21785, CVE-2025-21791, CVE-2025-21796, CVE-2025-21802, CVE-2025-21814, CVE-2025-21816, CVE-2025-21844, CVE-2025-21846, CVE-2025-21848, CVE-2025-21853, CVE-2025-21858, CVE-2025-21862, CVE-2025-21863, CVE-2025-21887, CVE-2025-21999