EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-1689)

high Nessus Plugin ID 241015

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

usbnet: gl620a: fix endpoint checking in genelink_bind().(CVE-2025-21877)

ASoC: soc-compress: prevent the potentially use of null pointer(CVE-2021-47650)

net: gso: fix ownership in __udp_gso_segment(CVE-2025-21926)

exec: Force single empty string when argv is empty(CVE-2022-49264)

IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition(CVE-2022-49089)

netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits(CVE-2023-53033)

erspan: do not assume transport header is always set(CVE-2022-49691)

tipc: check attribute length for bearer name(CVE-2022-49374)

qede: confirm skb is allocated before using(CVE-2022-49084)

nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu().(CVE-2025-21927)

ice: fix memory leak in aRFS after reset(CVE-2025-21981)

arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall(CVE-2022-49520)

NFSD: prevent underflow in nfssvc_decode_writeargs().(CVE-2022-49280)

tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd(CVE-2022-49330)

net: sched: Disallow replacing of child qdisc from one parent to another(CVE-2025-21702)

net: ipv4: fix route with nexthop object delete warning(CVE-2022-49092)

x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL(CVE-2023-52993)

firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region(CVE-2023-52989)

netfilter: nf_tables: don't skip expired elements during walk(CVE-2023-52924)

net: openvswitch: fix leak of nested actions(CVE-2022-49086)

drm/nouveau: prime: fix refcount underflow(CVE-2024-43867)

net_sched: Prevent creation of classes with TC_H_ROOT(CVE-2025-21971)

netfilter: nf_tables: memleak flow rule from commit path(CVE-2022-49358)

rcu-tasks: Fix race in schedule and flush work(CVE-2022-49540)

netfilter: use get_random_u32 instead of prandom(CVE-2022-49698)

fbdev: hyperv_fb: Allow graceful removal of framebuffer(CVE-2025-21976)

nvme-pci: add missing condition check for existence of mapped data(CVE-2024-42276)

cifs: Fix oops due to uncleared server-smbd_conn in reconnect(CVE-2023-53006)

ipv6: mcast: add RCU protection to mld_newpack().(CVE-2025-21758)

ftrace: Clean up hash direct_functions on register failures(CVE-2022-49402)

clocksource: hyper-v: unexport __init-annotated hv_init_clocksource().(CVE-2022-49726)

usb: cdc-acm: Check control transfer buffer size before access(CVE-2025-21704)

PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1(CVE-2025-21831)

ixgbe: Add locking to prevent panic when setting sriov_numvfs to zero(CVE-2022-49584)

gpio: Restrict usage of GPIO chip irq members before initialization(CVE-2022-49072)

i40e: Fix call trace in setup_tx_descriptors(CVE-2022-49725)

RDMA/hfi1: Fix potential integer multiplication overflow errors(CVE-2022-49404)

ice: Fix memory corruption in VF driver(CVE-2022-49722)

ipv4: prevent potential spectre v1 gadget in fib_metrics_match().(CVE-2023-52996)

ACPI: CPPC: Avoid out of bounds access when parsing _CPC data(CVE-2022-49145)

KVM: SVM: fix panic on out-of-bounds guest IRQ(CVE-2022-49154)

ipv4: prevent potential spectre v1 gadget in ip_metrics_convert().(CVE-2023-52997)

net: fix NULL pointer in skb_segment_list(CVE-2023-52991)

dlm: fix plock invalid read(CVE-2022-49407)

netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree().(CVE-2025-21959)

tee: optee: Fix supplicant wait loop(CVE-2025-21871)

dm raid: fix accesses beyond end of raid member array(CVE-2022-49674)

ipv4: use RCU protection in __ip_rt_update_pmtu().(CVE-2025-21766)

dm array: fix releasing a faulty array block twice in dm_array_cursor_end(CVE-2024-57929)

netlink: prevent potential spectre v1 gadgets(CVE-2023-53000)

net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices(CVE-2023-52984)

net: xfrm: unexport __init-annotated xfrm4_protocol_init().(CVE-2022-49345)

tunnels: do not assume mac header is set in skb_tunnel_check_pmtu().(CVE-2022-49663)

cpufreq: governor: Use kobject release() method to free dbs_data(CVE-2022-49513)

brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path(CVE-2022-49263)

HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections(CVE-2024-57986)

ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up(CVE-2025-21887)

xsk: Fix race at socket teardown(CVE-2022-49215)

acct: perform last write from workqueue(CVE-2025-21846)

nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags(CVE-2022-49492)

drop_monitor: fix incorrect initialization order(CVE-2025-21862)

udp: Fix a data-race around sysctl_udp_l3mdev_accept.(CVE-2022-49577)

ip: Fix data-races around sysctl_ip_prot_sock.(CVE-2022-49578)

ipv4: Fix data-races around sysctl_fib_multipath_hash_policy.(CVE-2022-49579)

ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.(CVE-2022-49580)

tcp: Fix data-races around sysctl_tcp_fastopen_blackhole_timeout.(CVE-2022-49585)

drm/drm_vma_manager: Add drm_vma_node_allow_once().(CVE-2023-53001)

x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes(CVE-2025-21991)

ipv6: Fix signed integer overflow in __ip6_append_data(CVE-2022-49728)

ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().(CVE-2025-22005)

exec: don't WARN for racy path_noexec check(CVE-2024-50010)

iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic().(CVE-2025-21993)

RDMA/hns: Fix soft lockup during bt pages loop(CVE-2025-22010)

tracing: Fix use-after-free in print_graph_function_flags during tracer switching(CVE-2025-22035)

regulator: check that dummy regulator has been probed before using it(CVE-2025-22008)

smb: client: Add check for next_buffer in receive_encrypted_standard().(CVE-2025-21844)

vlan: enforce underlying device type(CVE-2025-21920)

tcp: Fix data-races around sysctl_tcp_mtu_probing.(CVE-2022-49598)

mm/swapfile: add cond_resched() in get_swap_pages().(CVE-2023-52932)

proc: fix UAF in proc_get_inode().(CVE-2025-21999)

driver core: Fix wait_for_device_probe() deferred_probe_timeout interaction(CVE-2022-49379)

NFSD: prevent integer overflow on 32 bit systems(CVE-2022-49279)

x86/kexec: fix memory leak of elf header buffer(CVE-2022-49546)

PM: core: keep irq flags in device_pm_check_callbacks().(CVE-2022-49175)

KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak(CVE-2022-49556)

tracing: Fix bad hist from corrupting named_triggers list(CVE-2025-21899)

drivers/base/node.c: fix compaction sysfs file leak(CVE-2022-49442)

hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio(CVE-2025-21931)

s390/cpum_sf: Handle CPU hotplug remove during sampling(CVE-2024-57849)

bpf, sockmap: Fix double uncharge the mem of sk_msg(CVE-2022-49205)

perf/x86/amd: fix potential integer overflow on shift of a int(CVE-2022-49748)

firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle(CVE-2022-49370)

driver core: fix deadlock in __device_attach(CVE-2022-49371)

RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers(CVE-2025-21885)

RDMA/core: Fix ib block iterator counter overflow(CVE-2023-53026)

net: let net.core.dev_weight always be non-zero(CVE-2025-21806)

irqchip/gic-v3: Fix GICR_CTLR.RWP polling(CVE-2022-49074)

x86/speculation: Fill RSB on vmexit for IBRS(CVE-2022-49611)

netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.(CVE-2023-53032)

arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY(CVE-2024-39488)

udp: Deal with race between UDP socket address change and rehash(CVE-2024-57974)

net: mdio: validate parameter addr in mdiobus_get_phy().(CVE-2023-53019)

ppp: Fix KMSAN uninit-value warning with bpf(CVE-2025-21922)

KVM: x86: Use __try_cmpxchg_user() to update guest PTE A/D bits(CVE-2022-49562)

NFS: Avoid writeback threads getting stuck in mempool_alloc().(CVE-2022-49097)

virtio_net: fix xdp_rxq_info bug after suspend/resume(CVE-2022-49687)

LSM: general protection fault in legacy_parse_param(CVE-2022-49180)

net/mlx5: handle errors in mlx5_chains_create_table().(CVE-2025-21975)

net: mdio: unexport __init-annotated mdio_bus_init().(CVE-2022-49350)

be2net: Fix buffer overflow in be_get_module_eeprom(CVE-2022-49581)

l2tp: close all race conditions in l2tp_tunnel_register().(CVE-2023-53020)

ipvlan: ensure network headers are in skb linear part(CVE-2025-21891)

serial: 8250: Fix PM usage_count for console handover(CVE-2022-49613)

scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress(CVE-2023-52975)

NFSD: Fix the behavior of READ near OFFSET_MAX(CVE-2022-48827)

af_netlink: Fix shift out of bounds in group mask calculation(CVE-2022-49197)

dm thin: make get_first_thin use rcu-safe list first function(CVE-2025-21664)

netfilter: conntrack: re-fetch conntrack after insertion(CVE-2022-49561)

mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath().(CVE-2023-52939)

tick/nohz: unexport __init-annotated tick_nohz_full_setup().(CVE-2022-49675)

ipv6: use RCU protection in ip6_default_advmss().(CVE-2025-21765)

virtio_console: eliminate anonymous module_init module_exit(CVE-2022-49100)

net: tun: unlink NAPI from device on destruction(CVE-2022-49672)

Drivers: hv: vmbus: Fix potential crash on module unload(CVE-2022-49098)

net/tls: fix slab-out-of-bounds bug in decrypt_internal(CVE-2022-49094)

keys: Fix UAF in key_put().(CVE-2025-21893)

bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener(CVE-2023-52986)

RDMA/hfi1: Prevent panic when SDMA is disabled(CVE-2022-49429)

xhci: Handle TD clearing for multiple streams case(CVE-2024-40927)

ipmr: do not call mr_mfc_uses_dev() for unres entries(CVE-2025-21719)

scsi: hisi_sas: Add cond_resched() for no forced preemption model(CVE-2024-56589)

veth: Ensure eth header is in skb's linear part(CVE-2022-49066)

tracing: Fix potential double free in create_var_ref().(CVE-2022-49410)

dmaengine: Fix double increment of client_count in dma_chan_get().(CVE-2022-49753)

scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress(CVE-2023-52974)

net_sched: sch_sfq: don't allow 1 packet limit(CVE-2024-57996)

vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF(CVE-2023-52973)

dm mirror log: round up region bitmap size to BITS_PER_LONG(CVE-2022-49710)

x86/xen: don't do PV iret hypercall through hypercall page(CVE-2024-53241)

bpf, sockmap: Fix more uncharged while msg has more_data(CVE-2022-49204)

mm/khugepaged: fix -anon_vma race(CVE-2023-52935)

dm integrity: fix memory corruption when tag_size is less than digest size(CVE-2022-49044)

scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp().(CVE-2022-49521)

bpf: Fix request_sock leak in sk lookup helpers(CVE-2022-49697)

mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize().(CVE-2025-21861)

efi: Don't map the entire mokvar table to determine its size(CVE-2025-21872)

net: asix: add proper error handling of usb read errors(CVE-2022-49226)

HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove().(CVE-2025-21928)

bpf: Skip task with pid=1 in send_signal_common().(CVE-2023-52992)

bpf: Skip invalid kfunc call in backtrack_insn(CVE-2023-52928)

bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation(CVE-2023-53024)

igb: Fix potential invalid memory access in igb_init_module().(CVE-2024-52332)

ftrace: Avoid potential division by zero in function_stat_show().(CVE-2025-21898)

efi: fix potential NULL deref in efi_mem_reserve_persistent(CVE-2023-52976)

uprobes: Reject the shared zeropage in uprobe_write_opcode().(CVE-2025-21881)

bnxt: Do not read past the end of test names(CVE-2023-53010)

trace_events_hist: add check for return value of 'create_hist_field'(CVE-2023-53005)

tracing: Make sure trace_printk() can output as soon as it can be used(CVE-2023-53007)

Squashfs: fix handling and sanity checking of xattr_ids count(CVE-2023-52933)

tcp: Fix a data-race around sysctl_tcp_probe_threshold.(CVE-2022-49595)

tcp: Fix data-races around sysctl_tcp_min_snd_mss.(CVE-2022-49596)

tcp: Fix data-races around sysctl_tcp_base_mss.(CVE-2022-49597)

tcp: Fix data-races around sysctl_tcp_l3mdev_accept.(CVE-2022-49599)

hrtimers: Force migrate away hrtimers queued after CPUHP_AP_HRTIMERS_DYING(CVE-2025-21816)

RDMA/hfi1: Prevent use of lock before it is initialized(CVE-2022-49433)

cifs: fix potential memory leaks in session setup(CVE-2023-53008)

ovl: Use 'buf' flexible array for memcpy() destination(CVE-2022-49743)

openvswitch: fix lockup on tx to unregistering netdev with carrier(CVE-2025-21681)

net: hns3: add vlan list lock to protect vlan list(CVE-2022-49182)

driver: base: fix UAF when driver_attach failed(CVE-2022-49385)

ubi: ubi_create_volume: Fix use-after-free when volume creation failed(CVE-2022-49388)

rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read(CVE-2024-58069)

lz4: fix LZ4_decompress_safe_partial read out of bound(CVE-2022-49078)

um: Fix out-of-bounds read in LDT setup(CVE-2022-49395)

KVM: Explicitly verify target vCPU is online in kvm_get_vcpu().(CVE-2024-58083)

ipv6: mcast: extend RCU protection in igmp6_send().(CVE-2025-21759)

vsock: Keep the binding until socket destruction(CVE-2025-21756)

pps: Fix a use-after-free(CVE-2024-57979)

padata: fix UAF in padata_reorder(CVE-2025-21727)

netfilter: nf_tables: avoid skb access on nf_stolen(CVE-2022-49622)

srcu: Tighten cleanup_srcu_struct() GP checks(CVE-2022-49651)

openvswitch: use RCU protection in ovs_vport_cmd_fill_info().(CVE-2025-21761)

cgroup: Use separate src/dst nodes when preloading css_sets for migration(CVE-2022-49647)

ice: arfs: fix use-after-free when freeing @rx_cpu_rmap(CVE-2022-49063)

macsec: fix UAF bug for real_dev(CVE-2022-49390)

ndisc: extend RCU protection in ndisc_send_skb().(CVE-2025-21760)

nfsd: release svc_expkey(CVE-2024-53216)

nfsd: make sure exp active before svc_export_show(CVE-2024-56558)

net: sched: Disallow replacing of child qdisc from one parent to another(CVE-2025-21700)

neighbour: use RCU protection in __neigh_notify().(CVE-2025-21763)

nfsd: clear acl_access/acl_default after releasing them(CVE-2025-21796)

ndisc: use RCU protection in ndisc_alloc_skb().(CVE-2025-21764)

arp: use RCU protection in arp_xmit().(CVE-2025-21762)

iommu/arm-smmu-v3: check return value after calling platform_get_resource().(CVE-2022-49319)

memcg: fix soft lockup in the OOM process(CVE-2024-57977)

rdma/cxgb4: Prevent potential integer overflow on 32bit(CVE-2024-57973)

scsi: hisi_sas: Free irq vectors in order for v3 HW(CVE-2022-49118)

drm/plane: Move range check for format_count earlier(CVE-2021-47659)

USB: hub: Ignore non-compliant devices with too many configs or interfaces(CVE-2025-21776)

bpf: avoid holding freeze_mutex during mmap operation(CVE-2025-21853)

linux/dim: Fix divide by 0 in RDMA DIM(CVE-2022-49670)

HID: multitouch: Add NULL check in mt_input_configured(CVE-2024-58020)

nfp: bpf: Add check for nfp_app_ctrl_msg_alloc().(CVE-2025-21848)

KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel(CVE-2025-21779)

usb: xhci: Fix NULL pointer dereference on certain command aborts(CVE-2024-57981)

ceph: fix memory leak in ceph_readdir when note_last_dentry returns error(CVE-2022-49107)

NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify().(CVE-2022-49103)

io_uring: fix memory leak of uid in files registration(CVE-2022-49144)

hwrng: cavium - fix NULL but dereferenced coccicheck error(CVE-2022-49177)

mlxsw: spectrum: Guard against invalid local ports(CVE-2022-49134)

iommu/arm-smmu: fix possible null-ptr-deref in arm_smmu_device_probe().(CVE-2022-49323)

drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes(CVE-2022-49532)

scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair().(CVE-2022-49155)

NFSv4: Don't hold the layoutget locks across multiple RPC calls(CVE-2022-49316)

kernel/resource: fix kfree() of bootmem memory again(CVE-2022-49190)

vrf: use RCU protection in l3mdev_l3_out().(CVE-2025-21791)

tcp: Fix a data-race around sysctl_tcp_ecn_fallback.(CVE-2022-49630)

i2c: dev: check return value when calling dev_set_name().(CVE-2022-49046)

list: fix a data-race around ep-rdllist(CVE-2022-49443)

perf/core: Fix data race between perf_event_set_output() and perf_mmap_close()(CVE-2022-49607)

drm/amd/display: Fix memory leak(CVE-2022-49135)

media: uvcvideo: Fix double free in error path(CVE-2024-57980)

io_uring: prevent opcode speculation(CVE-2025-21863)

geneve: Fix use-after-free in geneve_find_dev().(CVE-2025-21858)

arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array(CVE-2025-21785)

scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock(CVE-2022-49536)

KVM: VMX: Prevent RSB underflow before vmenter(CVE-2022-49610)

tpm: Change to kvalloc() in eventlog/acpi.c(CVE-2024-58005)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?e1afef06

Plugin Details

Severity: High

ID: 241015

File Name: EulerOS_SA-2025-1689.nasl

Version: 1.1

Type: local

Published: 6/30/2025

Updated: 6/30/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.0

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-21991

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:bpftool, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 6/30/2025

Vulnerability Publication Date: 7/15/2022

Reference Information

CVE: CVE-2021-47650, CVE-2021-47659, CVE-2022-48827, CVE-2022-49044, CVE-2022-49046, CVE-2022-49063, CVE-2022-49066, CVE-2022-49072, CVE-2022-49074, CVE-2022-49078, CVE-2022-49084, CVE-2022-49086, CVE-2022-49089, CVE-2022-49092, CVE-2022-49094, CVE-2022-49097, CVE-2022-49098, CVE-2022-49100, CVE-2022-49103, CVE-2022-49107, CVE-2022-49118, CVE-2022-49134, CVE-2022-49135, CVE-2022-49144, CVE-2022-49145, CVE-2022-49154, CVE-2022-49155, CVE-2022-49175, CVE-2022-49177, CVE-2022-49180, CVE-2022-49182, CVE-2022-49190, CVE-2022-49197, CVE-2022-49204, CVE-2022-49205, CVE-2022-49215, CVE-2022-49226, CVE-2022-49263, CVE-2022-49264, CVE-2022-49279, CVE-2022-49280, CVE-2022-49316, CVE-2022-49319, CVE-2022-49323, CVE-2022-49330, CVE-2022-49345, CVE-2022-49350, CVE-2022-49358, CVE-2022-49370, CVE-2022-49371, CVE-2022-49374, CVE-2022-49379, CVE-2022-49385, CVE-2022-49388, CVE-2022-49390, CVE-2022-49395, CVE-2022-49402, CVE-2022-49404, CVE-2022-49407, CVE-2022-49410, CVE-2022-49429, CVE-2022-49433, CVE-2022-49442, CVE-2022-49443, CVE-2022-49492, CVE-2022-49513, CVE-2022-49520, CVE-2022-49521, CVE-2022-49532, CVE-2022-49536, CVE-2022-49540, CVE-2022-49546, CVE-2022-49556, CVE-2022-49561, CVE-2022-49562, CVE-2022-49577, CVE-2022-49578, CVE-2022-49579, CVE-2022-49580, CVE-2022-49581, CVE-2022-49584, CVE-2022-49585, CVE-2022-49595, CVE-2022-49596, CVE-2022-49597, CVE-2022-49598, CVE-2022-49599, CVE-2022-49607, CVE-2022-49610, CVE-2022-49611, CVE-2022-49613, CVE-2022-49622, CVE-2022-49630, CVE-2022-49647, CVE-2022-49651, CVE-2022-49663, CVE-2022-49670, CVE-2022-49672, CVE-2022-49674, CVE-2022-49675, CVE-2022-49687, CVE-2022-49691, CVE-2022-49697, CVE-2022-49698, CVE-2022-49710, CVE-2022-49722, CVE-2022-49725, CVE-2022-49726, CVE-2022-49728, CVE-2022-49743, CVE-2022-49748, CVE-2022-49753, CVE-2023-52924, CVE-2023-52928, CVE-2023-52932, CVE-2023-52933, CVE-2023-52935, CVE-2023-52939, CVE-2023-52973, CVE-2023-52974, CVE-2023-52975, CVE-2023-52976, CVE-2023-52984, CVE-2023-52986, CVE-2023-52989, CVE-2023-52991, CVE-2023-52992, CVE-2023-52993, CVE-2023-52996, CVE-2023-52997, CVE-2023-53000, CVE-2023-53001, CVE-2023-53005, CVE-2023-53006, CVE-2023-53007, CVE-2023-53008, CVE-2023-53010, CVE-2023-53019, CVE-2023-53020, CVE-2023-53024, CVE-2023-53026, CVE-2023-53032, CVE-2023-53033, CVE-2024-39488, CVE-2024-40927, CVE-2024-42276, CVE-2024-43867, CVE-2024-50010, CVE-2024-52332, CVE-2024-53216, CVE-2024-53241, CVE-2024-56558, CVE-2024-56589, CVE-2024-57849, CVE-2024-57929, CVE-2024-57973, CVE-2024-57974, CVE-2024-57977, CVE-2024-57979, CVE-2024-57980, CVE-2024-57981, CVE-2024-57986, CVE-2024-57996, CVE-2024-58005, CVE-2024-58020, CVE-2024-58069, CVE-2024-58083, CVE-2025-21664, CVE-2025-21681, CVE-2025-21700, CVE-2025-21702, CVE-2025-21704, CVE-2025-21719, CVE-2025-21727, CVE-2025-21756, CVE-2025-21758, CVE-2025-21759, CVE-2025-21760, CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21765, CVE-2025-21766, CVE-2025-21776, CVE-2025-21779, CVE-2025-21785, CVE-2025-21791, CVE-2025-21796, CVE-2025-21806, CVE-2025-21816, CVE-2025-21831, CVE-2025-21844, CVE-2025-21846, CVE-2025-21848, CVE-2025-21853, CVE-2025-21858, CVE-2025-21861, CVE-2025-21862, CVE-2025-21863, CVE-2025-21871, CVE-2025-21872, CVE-2025-21877, CVE-2025-21881, CVE-2025-21885, CVE-2025-21887, CVE-2025-21891, CVE-2025-21893, CVE-2025-21898, CVE-2025-21899, CVE-2025-21920, CVE-2025-21922, CVE-2025-21926, CVE-2025-21927, CVE-2025-21928, CVE-2025-21931, CVE-2025-21959, CVE-2025-21971, CVE-2025-21975, CVE-2025-21976, CVE-2025-21981, CVE-2025-21991, CVE-2025-21993, CVE-2025-21999, CVE-2025-22005, CVE-2025-22008, CVE-2025-22010, CVE-2025-22035