Detections
Analytics

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-1993)

high Nessus Plugin ID 249192

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

 RDMA/core: Silence oversized kvmalloc() warning(CVE-2025-37867)

 igb: revert rtnl_lock() that causes deadlock(CVE-2023-53060)

 bnxt_en: Avoid order-5 memory allocation for TPA data(CVE-2023-53134)

 net_sched: sch_sfq: move the limit validation(CVE-2025-37752)

 ftrace: Add cond_resched() to ftrace_graph_set_hash().(CVE-2025-37940)

 net: annotate races around sk-sk_bound_dev_if(CVE-2022-49420)

 ext4: fix off-by-one error in do_split(CVE-2025-23150)

 jbd2: remove wrong sb-s_sequence check(CVE-2025-37839)

 ext4: update s_journal_inum if it changes after journal replay(CVE-2023-53091)

 udp: Fix memory accounting leak.(CVE-2025-22058)

 netem: Update sch-q.qlen before qdisc_tree_reduce_backlog().(CVE-2025-21703)

 net: fix memory leak in tcp_conn_request().(CVE-2024-57841)

 xfrm: state: fix out-of-bounds read during lookup(CVE-2024-57982)

 Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.(CVE-2021-33061)

 udf: Fix a slab-out-of-bounds write bug in udf_find_entry().(CVE-2022-49846)

 nvmet: avoid potential UAF in nvmet_req_complete().(CVE-2023-53116)

 ata: libata-transport: fix error handling in ata_tport_add().(CVE-2022-49825)

 ata: libata-transport: fix double ata_host_put() in ata_tport_add().(CVE-2022-49826)

 bpf: track changes_pkt_data property for global functions(CVE-2024-58098)

 pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map(CVE-2022-49832)

 scsi: core: Fix a procfs host directory removal regression(CVE-2023-53118)

 bpf, verifier: Fix memory leak in array reallocation for stack state(CVE-2022-49878)

 kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case(CVE-2022-49779)

 i2c: piix4: Fix adapter not be removed in piix4_remove().(CVE-2022-49900)

 bpf: Fix kmemleak warning for percpu hashmap(CVE-2025-37807)

 drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker().(CVE-2022-49827)

 RDMA/core: Fix null-ptr-deref in ib_core_cleanup().(CVE-2022-49925)

 net: tun: Fix memory leaks of napi_get_frags(CVE-2022-49871)

 net: sched: Fix use after free in red_enqueue().(CVE-2022-49921)

 bnxt_en: Fix possible crash in bnxt_hwrm_set_coal().(CVE-2022-49869)

 tipc: fix the msg-req tlv len check in tipc_nl_compat_name_table_dump_header(CVE-2022-49862)

 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb().(CVE-2022-49840)

 net: macvlan: fix memory leaks of macvlan_common_newlink(CVE-2022-49853)

 HID: hyperv: fix possible memory leak in mousevsc_probe().(CVE-2022-49874)

 bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE(CVE-2022-49875)

 ftrace: Fix null pointer dereference in ftrace_add_mod().(CVE-2022-49802)

 tracing: Do not let histogram values have some modifiers(CVE-2023-53093)

 ftrace: Fix invalid address access in lookup_rec() when index is 0(CVE-2023-53075)

 iavf: Fix handling of dummy receive descriptors(CVE-2022-49583)

 ftrace: Fix use-after-free for dynamic ftrace_ops(CVE-2022-49892)

 fscrypt: stop using keyrings subsystem for fscrypt_master_key(CVE-2022-49899)

 bpf: Fix wrong reg type conversion in release_reference().(CVE-2022-49873)

 capabilities: fix potential memleak on error path from vfs_getxattr_alloc().(CVE-2022-49890)

 nfs4: Fix kmemleak when allocate slot failed(CVE-2022-49927)

 scsi: scsi_transport_sas: Fix error handling in sas_phy_add().(CVE-2022-49839)

 ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init().(CVE-2022-49885)

 blk-mq: Fix kmemleak in blk_mq_init_allocated_queue(CVE-2022-49901)

 bpf: Fix memory leaks in __check_func_call(CVE-2022-49837)

 ext4: ignore xattrs past end(CVE-2025-37738)

 ext4: fix another off-by-one fsmap error on 1k block filesystems(CVE-2023-53143)

 ext4: fix WARNING in ext4_update_inline_data(CVE-2023-53100)

 ext4: Fix possible corruption when moving a directory(CVE-2023-53137)

 ext4: zero i_disksize when initializing the bootloader inode(CVE-2023-53101)

 ata: libata-transport: fix error handling in ata_tdev_add().(CVE-2022-49823)

 ext4: fix BUG_ON() when directory entry has invalid rec_len(CVE-2022-49879)

 ext4: fix task hung in ext4_xattr_delete_inode(CVE-2023-53089)

 scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus().(CVE-2022-49780)

 ext4: fix warning in 'ext4_da_release_space'(CVE-2022-49880)

 ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters().(CVE-2022-49889)

 netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets.(CVE-2025-22063)

 clk: samsung: Fix UBSAN panic in samsung_clk_init().(CVE-2025-39728)

 x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range().(CVE-2025-22090)

 misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram().(CVE-2022-49788)

 scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add().(CVE-2023-53124)

 tracing: Fix wild-memory-access in register_synth_event().(CVE-2022-49799)

 hrtimers: Handle CPU state correctly on hotplug(CVE-2024-57951)

 block, bfq: fix uaf for bfqq in bic_set_bfqq().(CVE-2023-52983)

 tcp: Fix data-races around sysctl_tcp_max_reordering.(CVE-2022-49571)

 tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.(CVE-2022-49572)

 tcp: Fix a data-race around sysctl_tcp_early_retrans.(CVE-2022-49573)

 kthread: unpark only parked kthread(CVE-2024-50019)

 media: streamzap: fix race between device disconnection and urb callback(CVE-2025-22027)

 net: openvswitch: fix flow memory leak in ovs_flow_cmd_new(CVE-2023-52977)

 efi: Do not import certificates from UEFI Secure Boot for T2 Macs(CVE-2022-49357)

 Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout(CVE-2022-49474)

 mmc: core: use sysfs_emit() instead of sprintf().(CVE-2022-49267)

 ext4: fix OOB read when checking dotdot dir(CVE-2025-37785)

 tcp: Fix data-races around sysctl_tcp_fastopen.(CVE-2022-49586)

 tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.(CVE-2022-49575)

 ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg(CVE-2022-49727)

 tcp: Fix a data-race around sysctl_tcp_notsent_lowat.(CVE-2022-49587)

 dlm: prevent NPD when writing a positive value to event_done(CVE-2025-23131)

 thermal: int340x: Add NULL check for adev(CVE-2025-23136)

 nfsd: don't ignore the return code of svc_proc_register().(CVE-2025-22026)

 ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all().(CVE-2025-22121)

 ext4: avoid journaling sb update on error if journal is destroying(CVE-2025-22113)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?6bf21325

Plugin Details

Severity: High

ID: 249192

File Name: EulerOS_SA-2025-1993.nasl

Version: 1.1

Type: local

Published: 8/13/2025

Updated: 8/13/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2021-33061

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2024-57951

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:bpftool, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 8/9/2025

Vulnerability Publication Date: 2/9/2022

Reference Information

CVE: CVE-2021-33061, CVE-2022-49267, CVE-2022-49357, CVE-2022-49420, CVE-2022-49474, CVE-2022-49571, CVE-2022-49572, CVE-2022-49573, CVE-2022-49575, CVE-2022-49583, CVE-2022-49586, CVE-2022-49587, CVE-2022-49727, CVE-2022-49779, CVE-2022-49780, CVE-2022-49788, CVE-2022-49799, CVE-2022-49802, CVE-2022-49823, CVE-2022-49825, CVE-2022-49826, CVE-2022-49827, CVE-2022-49832, CVE-2022-49837, CVE-2022-49839, CVE-2022-49840, CVE-2022-49846, CVE-2022-49853, CVE-2022-49862, CVE-2022-49869, CVE-2022-49871, CVE-2022-49873, CVE-2022-49874, CVE-2022-49875, CVE-2022-49878, CVE-2022-49879, CVE-2022-49880, CVE-2022-49885, CVE-2022-49889, CVE-2022-49890, CVE-2022-49892, CVE-2022-49899, CVE-2022-49900, CVE-2022-49901, CVE-2022-49921, CVE-2022-49925, CVE-2022-49927, CVE-2023-52977, CVE-2023-52983, CVE-2023-53060, CVE-2023-53075, CVE-2023-53089, CVE-2023-53091, CVE-2023-53093, CVE-2023-53100, CVE-2023-53101, CVE-2023-53116, CVE-2023-53118, CVE-2023-53124, CVE-2023-53134, CVE-2023-53137, CVE-2023-53143, CVE-2024-50019, CVE-2024-57841, CVE-2024-57951, CVE-2024-57982, CVE-2024-58098, CVE-2025-21703, CVE-2025-22026, CVE-2025-22027, CVE-2025-22058, CVE-2025-22063, CVE-2025-22090, CVE-2025-22113, CVE-2025-22121, CVE-2025-23131, CVE-2025-23136, CVE-2025-23150, CVE-2025-37738, CVE-2025-37752, CVE-2025-37785, CVE-2025-37807, CVE-2025-37839, CVE-2025-37867, CVE-2025-37940, CVE-2025-39728