EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-1618)

high Nessus Plugin ID 238210

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:

ipv4: Fix a data-race around sysctl_fib_sync_mem.(CVE-2022-49637)

ima: Fix potential memory leak in ima_init_crypto().(CVE-2022-49627)

MIPS: pgalloc: fix memory leak caused by pgd_free().(CVE-2022-49210)

ip: Fix data-races around sysctl_ip_fwd_use_pmtu.(CVE-2022-49604)

net: tipc: fix possible refcount leak in tipc_sk_create()(CVE-2022-49620)

bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full(CVE-2022-49209)

net: remove two BUG() from skb_checksum_help().(CVE-2022-49497)

usbnet: fix memory leak in error case(CVE-2022-49657)

ip: Fix a data-race around sysctl_ip_autobind_reuse.(CVE-2022-49600)

cipso: Fix data-races around sysctl.(CVE-2022-49639)

nexthop: Fix data-races around nexthop_compat_mode.(CVE-2022-49629)

tracing/histograms: Fix memory leak problem(CVE-2022-49648)

SUNRPC: Fix the svc_deferred_event trace class(CVE-2022-49065)

af_unix: Fix a data-race in unix_dgram_peer_wake_me().(CVE-2022-49344)

RDMA/cm: Fix memory leak in ib_cm_insert_listen(CVE-2022-49671)

ip: Fix a data-race around sysctl_fwmark_reflect.(CVE-2022-49602)

raw: Fix a data-race around sysctl_raw_l3mdev_accept.(CVE-2022-49631)

icmp: Fix data-races around sysctl.(CVE-2022-49638)

tty: synclink_gt: Fix null-pointer-dereference in slgt_clean().(CVE-2022-49307)

tipc: move bc link creation back to tipc_node_create(CVE-2022-49664)

icmp: Fix a data-race around sysctl_icmp_errors_use_inbound_ifaddr.(CVE-2022-49632)

xprtrdma: treat all calls not a bcall when bc_serv is NULL(CVE-2022-49321)

net: phy: micrel: Allow probing without .driver_data(CVE-2022-49472)

tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.(CVE-2022-49601)

ip: Fix data-races around sysctl_ip_fwd_update_priority.(CVE-2022-49603)

igb: fix a use-after-free issue in igb_clean_tx_ring(CVE-2022-49695)

rxrpc: Fix listen() setting the bar too high for the prealloc rings(CVE-2022-49450)

tty: fix deadlock caused by calling printk() under tty_port->lock(CVE-2022-49441)

media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init(CVE-2022-49478)

ima: Fix a potential integer overflow in ima_appraise_measurement(CVE-2022-49643)

scsi: qla2xxx: Fix scheduling while atomic(CVE-2022-49156)

mm/mempolicy: fix uninit-value in mpol_rebind_policy().(CVE-2022-49567)

dm raid: fix KASAN warning in raid5_add_disks(CVE-2022-49673)

padata: avoid UAF for reorder_work(CVE-2025-21726)

ARM: hisi: Add missing of_node_put after of_find_compatible_node(CVE-2022-49447)

ptp: Ensure info->enable callback is always set(CVE-2025-21814)

bpf: Send signals asynchronously if !preemptible(CVE-2025-21728)

ext4: don't BUG if someone dirty pages without asking ext4 first(CVE-2022-49171)

ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit(CVE-2022-49174)

dax: make sure inodes are flushed before destroy cache(CVE-2022-49220)

ext4: avoid cycles in directory h-tree(CVE-2022-49343)

ext4: fix bug_on in ext4_writepages(CVE-2022-49347)

ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state(CVE-2022-49348)

ext4: fix use-after-free in ext4_rename_dir_prepare(CVE-2022-49349)

ext4: fix warning in ext4_handle_inode_extension(CVE-2022-49352)

PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store().(CVE-2022-49434)

x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails(CVE-2022-49549)

scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI(CVE-2022-49535)

crypto: qat - add param check for RSA(CVE-2022-49563)

dmaengine: idxd: Fix the error handling path in idxd_cdev_register()(CVE-2022-49422)

RDMA/mlx5: Fix memory leak in error flow for subscribe event routine(CVE-2022-49206)

bpf, arm64: Clear prog->jited_len along prog->jited(CVE-2022-49341)

bpf: Fix UAF due to race between btf_try_get_module and load_module(CVE-2022-49236)

bpf: Fix potential array overflow in bpf_trampoline_get_progs().(CVE-2022-49548)

bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals(CVE-2022-49658)

zsmalloc: fix races between asynchronous zspage free and page migration(CVE-2022-49554)

tpm: fix reference counting for struct tpm_chip(CVE-2022-49287)

netfilter: nf_tables: initialize registers in nft_do_chain().(CVE-2022-49293)

dm ioctl: prevent potential spectre v1 gadget(CVE-2022-49122)

scsi: sd: Fix potential NULL pointer dereference(CVE-2022-49376)

sysctl: Fix data races in proc_douintvec_minmax().(CVE-2022-49640)

sysctl: Fix data races in proc_douintvec().(CVE-2022-49641)

scsi: libfc: Fix use after free in fc_exch_abts_resp().(CVE-2022-49114)

nbd: don't allow reconnect after disconnect(CVE-2025-21731)

tpm: use try_get_ops() in tpm-space.c(CVE-2022-49286)

cifs: potential buffer overflow in handling symlinks(CVE-2022-49058)

extcon: Modify extcon device to be created after driver data is set(CVE-2022-49308)

bfq: Update cgroup information before merging bio(CVE-2022-49413)

cifs: prevent bad output lengths in smb2_ioctl_query_info().(CVE-2022-49271)

media: cx24116: prevent overflows on SNR calculus(CVE-2024-50290)

thermal/core: Fix memory leak in __thermal_cooling_device_register().(CVE-2022-49468)

nbd: call genl_unregister_family() first in nbd_cleanup().(CVE-2022-49295)

blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx(CVE-2022-49377)

bfq: Make sure bfqg for which we are queueing requests is online(CVE-2022-49411)

nvdimm: Fix firmware activation deadlock scenarios(CVE-2022-49446)

nbd: fix io hung while disconnecting device(CVE-2022-49297)

crypto: qat - add param check for DH(CVE-2022-49564)

nbd: fix race between nbd_alloc_config() and module removal(CVE-2022-49300)

net: usb: rtl8150: enable basic endpoint checking(CVE-2025-21708)

scsi: target: tcmu: Fix possible page UAF(CVE-2022-49053)

block: don't delete queue kobject before its children(CVE-2022-49259)

md/bitmap: don't set sb values if can't pass sanity check(CVE-2022-49526)

mm/slub: add missing TID updates on slab deactivation(CVE-2022-49700)

block: Fix handling of offline queues in blk_mq_alloc_request_hctx().(CVE-2022-49720)

ext4: fix race condition between ext4_write and ext4_convert_inline_data(CVE-2022-49414)

ext4: fix bug_on in __es_tree_search(CVE-2022-49409)

net: hns3: fix oops when unload drivers paralleling(CVE-2025-21802)

irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions(CVE-2022-49715)

mm/mempolicy: fix mpol_new leak in shared_policy_replace(CVE-2022-49080)

ext4: fix bug_on ext4_mb_use_inode_pa(CVE-2022-49708)

ext4: add reserved GDT blocks check(CVE-2022-49707)

irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions(CVE-2022-49716)

mm: fix unexpected zeroed page mapping with zram swap(CVE-2022-49052)

scsi: qla2xxx: Fix crash during module load unload test(CVE-2022-49160)

sctp: sysctl: rto_min/max: avoid using current->nsproxy(CVE-2025-21639)

crypto: qat - fix memory leak in RSA(CVE-2022-49566)

net/mlx5: Fix variable not being completed when function returns(CVE-2025-21662)

scsi: storvsc: Ratelimit warning logs to prevent VM denial of service(CVE-2025-21690)

vfio/platform: check the bounds of read/write syscalls(CVE-2025-21687)

USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb().(CVE-2025-21689)

ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init().(CVE-2024-53680)

bpf: fix recursive lock when verdict program return SK_PASS(CVE-2024-56694)

mm: zswap: properly synchronize freeing resources during CPU hotunplug(CVE-2025-21693)

filemap: avoid truncating 64-bit offset to 32 bits(CVE-2025-21665)

iomap: avoid avoid truncating 64-bit offset to 32 bits(CVE-2025-21667)

fs/proc: fix softlockup in __read_vmcore (part 2).(CVE-2025-21694)

net: hns3: don't auto enable misc vector(CVE-2025-21651)

netfilter: conntrack: clamp maximum hashtable size to INT_MAX(CVE-2025-21648)

net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute(CVE-2025-21653)

netfilter: ipset: Hold module reference while requesting a module(CVE-2024-56637)

sctp: sysctl: auth_enable: avoid using current->nsproxy(CVE-2025-21638)

sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy(CVE-2025-21640)

af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK(CVE-2024-57901)

net: sched: fix ordering of qlen adjustment(CVE-2024-53164)

af_packet: fix vlan_get_tci() vs MSG_PEEK(CVE-2024-57902)

geneve: do not assume mac header is set in geneve_xmit_skb().(CVE-2024-56636)

RDMA/rxe: Remove the direct link to net_device(CVE-2024-57795)

net/ipv6: release expired exception dst cached in socket(CVE-2024-56644)

NFSD: Prevent NULL dereference in nfsd4_process_cb_update()(CVE-2024-53217)

iommu/arm-smmu: Defer probe of clients after smmu device bound(CVE-2024-56568)

net/sctp: Prevent autoclose integer overflow in sctp_association_init().(CVE-2024-57938)

dlm: fix possible lkb_resource null dereference(CVE-2024-47809)

vsock/virtio: discard packets if the transport changes(CVE-2025-21669)

vsock: prevent null-ptr-deref in vsock_*[has_data|has_space](CVE-2025-21666)

netfilter: nf_tables: adapt set backend to use GC transaction API(CVE-2023-52923)

RDMA/uverbs: Prevent integer overflow issue(CVE-2024-57890)

pinmux: Use sequential access to access desc->pinmux data(CVE-2024-47141)

drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req().(CVE-2024-57798)

selinux: ignore unknown extended permissions(CVE-2024-57931)

eth: bnxt: always recalculate features after XDP clearing, fix null-deref(CVE-2025-21682)

net: restrict SO_REUSEPORT to inet sockets(CVE-2024-57903)

bpf: Fix bpf_sk_select_reuseport() memory leak(CVE-2025-21683)

sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket(CVE-2024-53168)

net: macsec: Fix offload support for NETDEV_UNREGISTER event(CVE-2022-48720)

netfilter: nf_set_pipapo: fix initial map fill(CVE-2024-57947)

RDMA/hfi1: Fix use-after-free bug for mm struct(CVE-2022-49076)

tipc: fix use-after-free Read in tipc_named_reinit(CVE-2022-49696)

net: bonding: fix use-after-free after 802.3ad slave unbind(CVE-2022-49667)

usbnet: fix memory leak in error case(CVE-2022-49589)

sfc: fix use after free when disabling sriov(CVE-2022-49626)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?64690a9e

Plugin Details

Severity: High

ID: 238210

File Name: EulerOS_SA-2025-1618.nasl

Version: 1.1

Type: local

Published: 6/11/2025

Updated: 6/11/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-21687

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:bpftool, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 6/9/2025

Vulnerability Publication Date: 3/7/2022

Reference Information

CVE: CVE-2022-48720, CVE-2022-49052, CVE-2022-49053, CVE-2022-49058, CVE-2022-49065, CVE-2022-49076, CVE-2022-49080, CVE-2022-49114, CVE-2022-49122, CVE-2022-49156, CVE-2022-49160, CVE-2022-49171, CVE-2022-49174, CVE-2022-49206, CVE-2022-49209, CVE-2022-49210, CVE-2022-49220, CVE-2022-49236, CVE-2022-49259, CVE-2022-49271, CVE-2022-49286, CVE-2022-49287, CVE-2022-49293, CVE-2022-49295, CVE-2022-49297, CVE-2022-49300, CVE-2022-49307, CVE-2022-49308, CVE-2022-49321, CVE-2022-49341, CVE-2022-49343, CVE-2022-49344, CVE-2022-49347, CVE-2022-49348, CVE-2022-49349, CVE-2022-49352, CVE-2022-49376, CVE-2022-49377, CVE-2022-49409, CVE-2022-49411, CVE-2022-49413, CVE-2022-49414, CVE-2022-49422, CVE-2022-49434, CVE-2022-49441, CVE-2022-49446, CVE-2022-49447, CVE-2022-49450, CVE-2022-49468, CVE-2022-49472, CVE-2022-49478, CVE-2022-49497, CVE-2022-49526, CVE-2022-49535, CVE-2022-49548, CVE-2022-49549, CVE-2022-49554, CVE-2022-49563, CVE-2022-49564, CVE-2022-49566, CVE-2022-49567, CVE-2022-49589, CVE-2022-49600, CVE-2022-49601, CVE-2022-49602, CVE-2022-49603, CVE-2022-49604, CVE-2022-49620, CVE-2022-49626, CVE-2022-49627, CVE-2022-49629, CVE-2022-49631, CVE-2022-49632, CVE-2022-49637, CVE-2022-49638, CVE-2022-49639, CVE-2022-49640, CVE-2022-49641, CVE-2022-49643, CVE-2022-49648, CVE-2022-49657, CVE-2022-49658, CVE-2022-49664, CVE-2022-49667, CVE-2022-49671, CVE-2022-49673, CVE-2022-49695, CVE-2022-49696, CVE-2022-49700, CVE-2022-49707, CVE-2022-49708, CVE-2022-49715, CVE-2022-49716, CVE-2022-49720, CVE-2023-52923, CVE-2024-47141, CVE-2024-47809, CVE-2024-50290, CVE-2024-53164, CVE-2024-53168, CVE-2024-53217, CVE-2024-53680, CVE-2024-56568, CVE-2024-56636, CVE-2024-56637, CVE-2024-56644, CVE-2024-56694, CVE-2024-57795, CVE-2024-57798, CVE-2024-57890, CVE-2024-57901, CVE-2024-57902, CVE-2024-57903, CVE-2024-57931, CVE-2024-57938, CVE-2024-57947, CVE-2025-21638, CVE-2025-21639, CVE-2025-21640, CVE-2025-21648, CVE-2025-21651, CVE-2025-21653, CVE-2025-21662, CVE-2025-21665, 
CVE-2025-21666, CVE-2025-21667, CVE-2025-21669, CVE-2025-21682, CVE-2025-21683, CVE-2025-21687, CVE-2025-21689, CVE-2025-21690, CVE-2025-21693, CVE-2025-21694, CVE-2025-21708, CVE-2025-21726, CVE-2025-21728, CVE-2025-21731, CVE-2025-21802, CVE-2025-21814