EulerOS 2.0 SP10 : kernel (EulerOS-SA-2025-2072)

high Nessus Plugin ID 261888

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:

ext4: update s_journal_inum if it changes after journal replay (CVE-2023-53091)

arp: use RCU protection in arp_xmit(). (CVE-2025-21762)

io_uring: prevent opcode speculation (CVE-2025-21863)

jbd2: remove wrong sb->s_sequence check (CVE-2025-37839)

udf: Fix a slab-out-of-bounds write bug in udf_find_entry(). (CVE-2022-49846)

udp: Fix memory accounting leak. (CVE-2025-22058)

nvmet: avoid potential UAF in nvmet_req_complete(). (CVE-2023-53116)

ext4: fix off-by-one error in do_split (CVE-2025-23150)

cgroup: Use separate src/dst nodes when preloading css_sets for migration (CVE-2022-49647)

PM: hibernate: defer device probing when resuming from hibernation (CVE-2022-50202)

video: fbdev: amba-clcd: Fix refcount leak bugs (CVE-2022-50109)

mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put(). (CVE-2022-49787)

capabilities: fix undefined behavior in bit shift for CAP_TO_MASK (CVE-2022-49870)

tty: vt: initialize unicode screen buffer (CVE-2022-50222)

ndisc: extend RCU protection in ndisc_send_skb(). (CVE-2025-21760)

ndisc: use RCU protection in ndisc_alloc_skb(). (CVE-2025-21764)

ata: libata-transport: fix double ata_host_put() in ata_tport_add(). (CVE-2022-49826)

proc: fix UAF in proc_get_inode(). (CVE-2025-21999)

vt: Clear selection before changing the font (CVE-2022-49948)

module: ensure that kobject_put() is safe for module type kobjects (CVE-2025-37995)

openvswitch: use RCU protection in ovs_vport_cmd_fill_info(). (CVE-2025-21761)

arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level (CVE-2022-49964)

neighbour: use RCU protection in __neigh_notify(). (CVE-2025-21763)

ipv6: mcast: extend RCU protection in igmp6_send(). (CVE-2025-21759)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?3ffb3675

Plugin Details

Severity: High

ID: 261888

File Name: EulerOS_SA-2025-2072.nasl

Version: 1.1

Type: local

Published: 9/10/2025

Updated: 9/10/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-21863

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 9/9/2025

Vulnerability Publication Date: 10/11/2022

Reference Information

CVE: CVE-2022-49647, CVE-2022-49787, CVE-2022-49826, CVE-2022-49846, CVE-2022-49870, CVE-2022-49948, CVE-2022-49964, CVE-2022-50109, CVE-2022-50202, CVE-2022-50222, CVE-2023-53091, CVE-2023-53116, CVE-2025-21759, CVE-2025-21760, CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21863, CVE-2025-21999, CVE-2025-22058, CVE-2025-23150, CVE-2025-37839, CVE-2025-37995