Detections
Analytics

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-2043)

medium Nessus Plugin ID 261882

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

 net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc(CVE-2025-37890)

 crypto: lzo - Fix compression buffer overrun(CVE-2025-38068)

 net: pktgen: fix access outside of user given buffer in pktgen_thread_write().(CVE-2025-38061)

 net_sched: drr: Fix double list add in class with netem as child qdisc(CVE-2025-37915)

 page_pool: Fix use-after-free in page_pool_recycle_in_ring(CVE-2025-38129)

 net_sched: qfq: Fix double list add in class with netem as child qdisc(CVE-2025-37913)

 net: avoid race between device unregistration and ethnl ops(CVE-2025-21701)

 sctp: detect and prevent references to a freed transport in sendmsg(CVE-2025-23142)

 codel: remove sch-q.qlen check before qdisc_tree_reduce_backlog().(CVE-2025-37798)

 net: Fix TOCTOU issue in sk_is_readable().(CVE-2025-38112)

 mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().(CVE-2025-38324)

 vhost-scsi: protect vq-log_used with vq-mutex(CVE-2025-38074)

 ftrace: Add cond_resched() to ftrace_graph_set_hash().(CVE-2025-37940)

 crypto: null - Use spin lock instead of mutex(CVE-2025-37808)

 tipc: fix memory leak in tipc_link_xmit(CVE-2025-37757)

 ice: fix Tx scheduler error handling in XDP callback(CVE-2025-38127)

 dmaengine: idxd: Refactor remove call with idxd_cleanup() helper(CVE-2025-38014)

 arm64: set UXN on swapper page tables(CVE-2022-50232)

 tipc: fix NULL pointer dereference in tipc_mon_reinit_self().(CVE-2025-37824)

 ext4: update s_journal_inum if it changes after journal replay(CVE-2023-53091)

 media: cx231xx: set device_caps for 417(CVE-2025-38044)

 net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done(CVE-2025-38052)

 RDMA/core: Silence oversized kvmalloc() warning(CVE-2025-37867)

 tracing: Fix oob write in trace_seq_to_buffer().(CVE-2025-37923)

 arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs(CVE-2025-37948)

 HID: pidff: Fix null pointer dereference in pidff_find_fields(CVE-2025-37862)

 bpf: track changes_pkt_data property for global functions(CVE-2024-58098)

 jbd2: remove wrong sb-s_sequence check(CVE-2025-37839)

 udp: Fix memory accounting leak.(CVE-2025-22058)

 tpm: do not start chip while suspended(CVE-2025-23149)

 tracing: Do not let histogram values have some modifiers(CVE-2023-53093)

 dm cache: prevent BUG_ON by blocking retries on failed device resumes(CVE-2025-38066)

 netfilter: ipset: fix region locking in hash types(CVE-2025-37997)

 bpf: Fix WARN() in get_bpf_raw_tp_regs(CVE-2025-38285)

 block: fix rq-qos breakage from skipping rq_qos_done_bio().(CVE-2022-49266)

 bnxt_en: Fix out-of-bound memcpy() during ethtool -w(CVE-2025-37911)

 VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify(CVE-2025-38102)

 scsi: target: iscsi: Fix timeout on deleted connection(CVE-2025-38075)

 iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid(CVE-2025-37927)

 net: fix memory leak in tcp_conn_request().(CVE-2024-57841)

 jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata().(CVE-2025-38337)

 drm/ nouveau: Fix WARN_ON in nouveau_fence_context_kill().(CVE-2025-37930)

 arm64: set UXN on swapper page tables(CVE-2022-50230)

 cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path(CVE-2025-37788)

 x86/fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave).(CVE-2022-49557)

 sch_htb: make htb_qlen_notify() idempotent(CVE-2025-37932)

 net: usb: lan78xx: Limit packet length to skb-len(CVE-2023-53068)

 x86/iopl: Cure TIF_IO_BITMAP inconsistencies(CVE-2025-38100)

 net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too(CVE-2025-37823)

 net_sched: prio: fix a race in prio_tune().(CVE-2025-38083)

 net_sched: red: fix a race in __red_change().(CVE-2025-38108)

 media: cxusb: no longer judge rbuf when the write fails(CVE-2025-38229)

 xsk: Fix race condition in AF_XDP generic RX path(CVE-2025-37920)

 mm/hugetlb: unshare page tables during VMA split, not before(CVE-2025-38084)

 net_sched: hfsc: Fix a UAF vulnerability in class handling(CVE-2025-37797)

 block: mark GFP_NOIO around sysfs -store().(CVE-2025-21817)

 module: ensure that kobject_put() is safe for module type kobjects(CVE-2025-37995)

 bpf: Fix a data-race around bpf_jit_limit.(CVE-2022-49967)

 ext4: ignore xattrs past end(CVE-2025-37738)

 net_sched: hfsc: Address reentrant enqueue adding class to eltree twice(CVE-2025-38001)

 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue().(CVE-2025-38000)

 arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users(CVE-2025-37963)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?e74387ed

Plugin Details

Severity: Medium

ID: 261882

File Name: EulerOS_SA-2025-2043.nasl

Version: 1.1

Type: local

Published: 9/10/2025

Updated: 9/10/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

CVSS Score Source: CVE-2024-57841

CVSS v3

Risk Factor: Medium

Base Score: 5.5

Temporal Score: 5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:bpftool, p-cpe:/a:huawei:euleros:kernel, cpe:/o:huawei:euleros:2.0, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/9/2025

Vulnerability Publication Date: 7/21/2022

Reference Information

CVE: CVE-2022-49266, CVE-2022-49557, CVE-2022-49967, CVE-2022-50230, CVE-2022-50232, CVE-2023-53068, CVE-2023-53091, CVE-2023-53093, CVE-2024-57841, CVE-2024-58098, CVE-2025-21701, CVE-2025-21817, CVE-2025-22058, CVE-2025-23142, CVE-2025-23149, CVE-2025-37738, CVE-2025-37757, CVE-2025-37788, CVE-2025-37797, CVE-2025-37798, CVE-2025-37808, CVE-2025-37823, CVE-2025-37824, CVE-2025-37839, CVE-2025-37862, CVE-2025-37867, CVE-2025-37890, CVE-2025-37911, CVE-2025-37913, CVE-2025-37915, CVE-2025-37920, CVE-2025-37923, CVE-2025-37927, CVE-2025-37930, CVE-2025-37932, CVE-2025-37940, CVE-2025-37948, CVE-2025-37963, CVE-2025-37995, CVE-2025-37997, CVE-2025-38000, CVE-2025-38001, CVE-2025-38014, CVE-2025-38044, CVE-2025-38052, CVE-2025-38061, CVE-2025-38066, CVE-2025-38068, CVE-2025-38074, CVE-2025-38075, CVE-2025-38083, CVE-2025-38084, CVE-2025-38100, CVE-2025-38102, CVE-2025-38108, CVE-2025-38112, CVE-2025-38127, CVE-2025-38129, CVE-2025-38229, CVE-2025-38285, CVE-2025-38324, CVE-2025-38337