Detections
Analytics

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-1826)

high Nessus Plugin ID 242467

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

 ovl: Use 'buf' flexible array for memcpy() destination(CVE-2022-49743)

 cifs: fix potential memory leaks in session setup(CVE-2023-53008)

 bnxt: Do not read past the end of test names(CVE-2023-53010)

 uprobes: Reject the shared zeropage in uprobe_write_opcode().(CVE-2025-21881)

 ftrace: Avoid potential division by zero in function_stat_show().(CVE-2025-21898)

 igb: Fix potential invalid memory access in igb_init_module().(CVE-2024-52332)

 bpf: Skip invalid kfunc call in backtrack_insn(CVE-2023-52928)

 HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove().(CVE-2025-21928)

 efi: Don't map the entire mokvar table to determine its size(CVE-2025-21872)

 mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize().(CVE-2025-21861)

 net_sched: sch_sfq: don't allow 1 packet limit(CVE-2024-57996)

 scsi: hisi_sas: Add cond_resched() for no forced preemption model(CVE-2024-56589)

 ipmr: do not call mr_mfc_uses_dev() for unres entries(CVE-2025-21719)

 dm thin: make get_first_thin use rcu-safe list first function(CVE-2025-21664)

 ipvlan: ensure network headers are in skb linear part(CVE-2025-21891)

 net/mlx5: handle errors in mlx5_chains_create_table().(CVE-2025-21975)

 ppp: Fix KMSAN uninit-value warning with bpf(CVE-2025-21922)

 udp: Deal with race between UDP socket address change and rehash(CVE-2024-57974)

 net: let net.core.dev_weight always be non-zero(CVE-2025-21806)

 RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers(CVE-2025-21885)

 tracing: Fix bad hist from corrupting named_triggers list(CVE-2025-21899)

 ipv6: use RCU protection in ip6_default_advmss().(CVE-2025-21765)

 x86/kexec: fix memory leak of elf header buffer(CVE-2022-49546)

 regulator: check that dummy regulator has been probed before using it(CVE-2025-22008)

 iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic().(CVE-2025-21993)

 ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().(CVE-2025-22005)

 drm/drm_vma_manager: Add drm_vma_node_allow_once().(CVE-2023-53001)

 ext4: avoid journaling sb update on error if journal is destroying(CVE-2025-22113)

 ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all().(CVE-2025-22121)

 nfsd: don't ignore the return code of svc_proc_register().(CVE-2025-22026)

 ipv4: Fix data-races around sysctl_fib_multipath_hash_policy.(CVE-2022-49579)

 thermal: int340x: Add NULL check for adev(CVE-2025-23136)

 dlm: prevent NPD when writing a positive value to event_done(CVE-2025-23131)

 ext4: fix OOB read when checking dotdot dir(CVE-2025-37785)

 mmc: core: use sysfs_emit() instead of sprintf().(CVE-2022-49267)

 wifi: brcmfmac: Check the return value of of_property_read_string_index().(CVE-2025-21750)

 media: streamzap: fix race between device disconnection and urb callback(CVE-2025-22027)

 hrtimers: Handle CPU state correctly on hotplug(CVE-2024-57951)

 x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range().(CVE-2025-22090)

 clk: samsung: Fix UBSAN panic in samsung_clk_init().(CVE-2025-39728)

 netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets.(CVE-2025-22063)

 bpf: Fix kmemleak warning for percpu hashmap(CVE-2025-37807)

 xfrm: state: fix out-of-bounds read during lookup(CVE-2024-57982)

 ext4: fix off-by-one error in do_split(CVE-2025-23150)

 net_sched: sch_sfq: move the limit validation(CVE-2025-37752)

 cpufreq: governor: Use kobject release() method to free dbs_data(CVE-2022-49513)

 hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio(CVE-2025-21931)

 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree().(CVE-2025-21959)

 ice: Fix memory corruption in VF driver(CVE-2022-49722)

 PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1(CVE-2025-21831)

 usb: cdc-acm: Check control transfer buffer size before access(CVE-2025-21704)

 ipv6: mcast: add RCU protection to mld_newpack().(CVE-2025-21758)

 vlan: enforce underlying device type(CVE-2025-21920)

 fbdev: hyperv_fb: Allow graceful removal of framebuffer(CVE-2025-21976)

 dm array: fix releasing a faulty array block twice in dm_array_cursor_end(CVE-2024-57929)

 ipv4: use RCU protection in __ip_rt_update_pmtu().(CVE-2025-21766)

 ice: fix memory leak in aRFS after reset(CVE-2025-21981)

 nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu().(CVE-2025-21927)

 net_sched: Prevent creation of classes with TC_H_ROOT(CVE-2025-21971)

 net: sched: Disallow replacing of child qdisc from one parent to another(CVE-2025-21702)

 net: gso: fix ownership in __udp_gso_segment(CVE-2025-21926)

 usbnet: gl620a: fix endpoint checking in genelink_bind().(CVE-2025-21877)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?10b1cbf6

Plugin Details

Severity: High

ID: 242467

File Name: EulerOS_SA-2025-1826.nasl

Version: 1.1

Type: local

Published: 7/21/2025

Updated: 7/21/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-21928

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:huawei:euleros:2.0, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:bpftool, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 7/18/2025

Vulnerability Publication Date: 9/12/2022

Reference Information

CVE: CVE-2022-49267, CVE-2022-49513, CVE-2022-49546, CVE-2022-49579, CVE-2022-49722, CVE-2022-49743, CVE-2023-52928, CVE-2023-53001, CVE-2023-53008, CVE-2023-53010, CVE-2024-52332, CVE-2024-56589, CVE-2024-57929, CVE-2024-57951, CVE-2024-57974, CVE-2024-57982, CVE-2024-57996, CVE-2025-21664, CVE-2025-21702, CVE-2025-21704, CVE-2025-21719, CVE-2025-21750, CVE-2025-21758, CVE-2025-21765, CVE-2025-21766, CVE-2025-21806, CVE-2025-21831, CVE-2025-21861, CVE-2025-21872, CVE-2025-21877, CVE-2025-21881, CVE-2025-21885, CVE-2025-21891, CVE-2025-21898, CVE-2025-21899, CVE-2025-21920, CVE-2025-21922, CVE-2025-21926, CVE-2025-21927, CVE-2025-21928, CVE-2025-21931, CVE-2025-21959, CVE-2025-21971, CVE-2025-21975, CVE-2025-21976, CVE-2025-21981, CVE-2025-21993, CVE-2025-22005, CVE-2025-22008, CVE-2025-22026, CVE-2025-22027, CVE-2025-22063, CVE-2025-22090, CVE-2025-22113, CVE-2025-22121, CVE-2025-23131, CVE-2025-23136, CVE-2025-23150, CVE-2025-37752, CVE-2025-37785, CVE-2025-37807, CVE-2025-39728