Detections
Analytics

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2025-1800)

high Nessus Plugin ID 241826

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

 usbnet: fix memory leak in error case(CVE-2022-49657)

 block: Fix handling of offline queues in blk_mq_alloc_request_hctx().(CVE-2022-49720)

 partitions: mac: fix handling of bogus partition table(CVE-2025-21772)

 icmp: Fix data-races around sysctl.(CVE-2022-49638)

 erspan: do not assume transport header is always set(CVE-2022-49691)

 net: mdio: unexport __init-annotated mdio_bus_init().(CVE-2022-49350)

 tipc: check attribute length for bearer name(CVE-2022-49374)

 RDMA/hfi1: Prevent panic when SDMA is disabled(CVE-2022-49429)

 tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.(CVE-2022-49601)

 ip: Fix data-races around sysctl_ip_fwd_use_pmtu.(CVE-2022-49604)

 ip: Fix a data-race around sysctl_fwmark_reflect.(CVE-2022-49602)

 igmp: Fix data-races around sysctl_igmp_llm_reports.(CVE-2022-49590)

 tcp: Fix a data-race around sysctl_tcp_probe_interval.(CVE-2022-49593)

 tcp: Fix a data-race around sysctl_tcp_probe_threshold.(CVE-2022-49595)

 tcp: Fix data-races around sysctl_tcp_mtu_probing.(CVE-2022-49598)

 usbnet: fix memory leak in error case(CVE-2022-49589)

 tcp: Fix data-races around sysctl_tcp_fastopen.(CVE-2022-49586)

 tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.(CVE-2022-49572)

 tcp: Fix a data-race around sysctl_tcp_notsent_lowat.(CVE-2022-49587)

 tcp: Fix a data-race around sysctl_tcp_early_retrans.(CVE-2022-49573)

 tcp: Fix data-races around sysctl_tcp_recovery.(CVE-2022-49574)

 tcp: Fix data-races around sysctl_tcp_max_reordering.(CVE-2022-49571)

 net: openvswitch: fix leak of nested actions(CVE-2022-49086)

 bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation(CVE-2023-53024)

 mm/khugepaged: fix -anon_vma race(CVE-2023-52935)

 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert().(CVE-2023-52997)

 dmaengine: Fix double increment of client_count in dma_chan_get().(CVE-2022-49753)

 vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF(CVE-2023-52973)

 ipvlan: ensure network headers are in skb linear part(CVE-2025-21891)

 trace_events_hist: add check for return value of 'create_hist_field'(CVE-2023-53005)

 net: mdio: validate parameter addr in mdiobus_get_phy().(CVE-2023-53019)

 netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.(CVE-2023-53032)

 proc: fix UAF in proc_get_inode().(CVE-2025-21999)

 ext4: fix OOB read when checking dotdot dir(CVE-2025-37785)

 md/raid1,raid10: don't ignore IO flags(CVE-2025-22125)

 net: fix geneve_opt length integer overflow(CVE-2025-22055)

 udp: Fix memory accounting leak.(CVE-2025-22058)

 mISDN: fix possible memory leak in mISDN_register_device().(CVE-2022-49915)

 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK(CVE-2022-49870)

 bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser().(CVE-2023-53133)

 mISDN: fix possible memory leak in mISDN_dsp_element_register().(CVE-2022-49821)

 jbd2: remove wrong sb-s_sequence check(CVE-2025-37839)

 net_sched: sch_sfq: move the limit validation(CVE-2025-37752)

 tracing: Make sure trace_printk() can output as soon as it can be used(CVE-2023-53007)

 iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic().(CVE-2025-21993)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?34968490

Plugin Details

Severity: High

ID: 241826

File Name: EulerOS_SA-2025-1800.nasl

Version: 1.1

Type: local

Published: 7/10/2025

Updated: 7/10/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-49720

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 7/10/2025

Vulnerability Publication Date: 7/15/2022

Reference Information

CVE: CVE-2022-49086, CVE-2022-49350, CVE-2022-49374, CVE-2022-49429, CVE-2022-49571, CVE-2022-49572, CVE-2022-49573, CVE-2022-49574, CVE-2022-49586, CVE-2022-49587, CVE-2022-49589, CVE-2022-49590, CVE-2022-49593, CVE-2022-49595, CVE-2022-49598, CVE-2022-49601, CVE-2022-49602, CVE-2022-49604, CVE-2022-49638, CVE-2022-49657, CVE-2022-49691, CVE-2022-49720, CVE-2022-49753, CVE-2022-49821, CVE-2022-49870, CVE-2022-49915, CVE-2023-52935, CVE-2023-52973, CVE-2023-52997, CVE-2023-53005, CVE-2023-53007, CVE-2023-53019, CVE-2023-53024, CVE-2023-53032, CVE-2023-53133, CVE-2025-21772, CVE-2025-21891, CVE-2025-21993, CVE-2025-21999, CVE-2025-22055, CVE-2025-22058, CVE-2025-22125, CVE-2025-37752, CVE-2025-37785, CVE-2025-37839