Detections
Analytics

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2025-2100)

high Nessus Plugin ID 261899

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

 KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0(CVE-2022-50228)

 md: call __md_stop_writes in md_stop(CVE-2022-49987)

 iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE).(CVE-2022-50093)

 block: fix resource leak in blk_register_queue() error path.(CVE-2025-37980)

 media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer().(CVE-2023-53146)

 net: atlantic: fix aq_vec index out of range error(CVE-2022-50066)

 ext4: update s_journal_inum if it changes after journal replay(CVE-2023-53091)

 dm: fix unconditional IO throttle caused by REQ_PREFLUSH(CVE-2025-38063)

 openvswitch: use RCU protection in ovs_vport_cmd_fill_info().(CVE-2025-21761)

 nfs: handle failure of nfs_get_lock_context in unlock path(CVE-2025-38023)

 dm ioctl: fix misbehavior if list_versions races with module loading(CVE-2022-49771)

 arp: use RCU protection in arp_xmit().(CVE-2025-21762)

 ipv6: fix WARNING in ip6_route_net_exit_late().(CVE-2022-49903)

 fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod().(CVE-2025-38312)

 __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock(CVE-2025-38058)

 crypto: algif_hash - fix double free in hash_accept(CVE-2025-38079)

 net: ch9200: fix uninitialised access during mii_nway_restart(CVE-2025-38086)

 mm/vmscan: don't try to reclaim hwpoison folio(CVE-2025-37834)

 udf: Fix a slab-out-of-bounds write bug in udf_find_entry().(CVE-2022-49846)

 scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts(CVE-2022-50098)

 nvmet: avoid potential UAF in nvmet_req_complete().(CVE-2023-53116)

 media: pvrusb2: fix memory leak in pvr_probe(CVE-2022-49982)

 neighbour: use RCU protection in __neigh_notify().(CVE-2025-21763)

 net: usb: smsc95xx: Limit packet length to skb-len(CVE-2023-53062)

 nvmet-tcp: don't restore null sk_state_change(CVE-2025-38035)

 RDMA/rxe: Fix error unwind in rxe_create_qp().(CVE-2022-50127)

 ext4: fix off-by-one error in do_split(CVE-2025-23150)

 net: mdio: fix undefined behavior in bit shift for __mdiobus_register(CVE-2022-49907)

 jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata().(CVE-2025-38337)

 drivers:md:fix a potential use-after-free bug(CVE-2022-50022)

 PM: hibernate: defer device probing when resuming from hibernation(CVE-2022-50202)

 mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put().(CVE-2022-49787)

 gfs2: Check sb_bsize_shift after reading superblock(CVE-2022-49769)

 sch_htb: make htb_qlen_notify() idempotent(CVE-2025-37932)

 usbnet: Fix linkwatch use-after-free on disconnect(CVE-2022-50220)

 xfrm: state: fix out-of-bounds read during lookup(CVE-2024-57982)

 ndisc: extend RCU protection in ndisc_send_skb().(CVE-2025-21760)

 ndisc: use RCU protection in ndisc_alloc_skb().(CVE-2025-21764)

 sched, cpuset: Fix dl_cpu_busy() panic due to empty cs-cpus_allowed(CVE-2022-50103)

 tipc: fix the msg-req tlv len check in tipc_nl_compat_name_table_dump_header(CVE-2022-49862)

 ata: libata-transport: fix double ata_host_put() in ata_tport_add().(CVE-2022-49826)

 xen/privcmd: fix error exit of privcmd_ioctl_dm_op().(CVE-2022-49989)

 media: cxusb: no longer judge rbuf when the write fails(CVE-2025-38229)

 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var(CVE-2025-38215)

 ipv6: mcast: extend RCU protection in igmp6_send().(CVE-2025-21759)

 net: sched: Fix use after free in red_enqueue().(CVE-2022-49921)

 net: usb: smsc75xx: Limit packet length to skb-len(CVE-2023-53125)

 smb: client: Fix use-after-free in cifs_fill_dirent(CVE-2025-38051)

 HID: hyperv: fix possible memory leak in mousevsc_probe().(CVE-2022-49874)

 iavf: Fix reset error handling(CVE-2022-50053)

 module: ensure that kobject_put() is safe for module type kobjects(CVE-2025-37995)

 misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram().(CVE-2022-49788)

 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network(CVE-2022-49865)

 scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq(CVE-2022-49986)

 RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug(CVE-2025-38024)

 md-raid10: fix KASAN warning(CVE-2022-50211)

 sfc: fix use after free when disabling sriov(CVE-2022-49626)

 ipc: fix to protect IPCS lookups using RCU(CVE-2025-38212)

 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue().(CVE-2025-38000)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?2f647125

Plugin Details

Severity: High

ID: 261899

File Name: EulerOS_SA-2025-2100.nasl

Version: 1.1

Type: local

Published: 9/10/2025

Updated: 9/10/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-49921

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:huawei:euleros:2.0, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 9/9/2025

Vulnerability Publication Date: 10/11/2022

Reference Information

CVE: CVE-2022-49626, CVE-2022-49769, CVE-2022-49771, CVE-2022-49787, CVE-2022-49788, CVE-2022-49826, CVE-2022-49846, CVE-2022-49862, CVE-2022-49865, CVE-2022-49874, CVE-2022-49903, CVE-2022-49907, CVE-2022-49921, CVE-2022-49982, CVE-2022-49986, CVE-2022-49987, CVE-2022-49989, CVE-2022-50022, CVE-2022-50053, CVE-2022-50066, CVE-2022-50093, CVE-2022-50098, CVE-2022-50103, CVE-2022-50127, CVE-2022-50202, CVE-2022-50211, CVE-2022-50220, CVE-2022-50228, CVE-2023-53062, CVE-2023-53091, CVE-2023-53116, CVE-2023-53125, CVE-2023-53146, CVE-2024-57982, CVE-2025-21759, CVE-2025-21760, CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-23150, CVE-2025-37834, CVE-2025-37932, CVE-2025-37980, CVE-2025-37995, CVE-2025-38000, CVE-2025-38023, CVE-2025-38024, CVE-2025-38035, CVE-2025-38051, CVE-2025-38058, CVE-2025-38063, CVE-2025-38079, CVE-2025-38086, CVE-2025-38212, CVE-2025-38215, CVE-2025-38229, CVE-2025-38312, CVE-2025-38337