EulerOS 2.0 SP10 : kernel (EulerOS-SA-2025-2390)

high Nessus Plugin ID 274898

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:

net: xfrm: unexport __init-annotated xfrm4_protocol_init() (CVE-2022-49345)

tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts. (CVE-2022-49575)

x86/speculation: Fill RSB on vmexit for IBRS (CVE-2022-49611)

ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg (CVE-2022-49727)

bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() (CVE-2022-49840)

ipvs: fix WARNING in ip_vs_app_net_cleanup() (CVE-2022-49917)

ipvs: fix WARNING in __ip_vs_cleanup_batch() (CVE-2022-49918)

HID: hidraw: fix memory leak in hidraw_release() (CVE-2022-49981)

dm raid: fix address sanitizer warning in raid_resume (CVE-2022-50085)

RDMA/hfi1: fix potential memory leak in setup_base_ctxt() (CVE-2022-50134)

KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT (CVE-2022-50224)

erspan: do not use skb_mac_header() in ndo_start_xmit() (CVE-2023-53053)

qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info (CVE-2023-53066)

net: tunnels: annotate lockless accesses to dev->needed_headroom (CVE-2023-53109)

tls: stop recv() if initial process_rx_list gave us non-DATA (CVE-2024-58239)

ext4: inline: fix len overflow in ext4_prepare_inline_data (CVE-2025-38222)

bpf: Fix WARN() in get_bpf_raw_tp_regs (CVE-2025-38285)

Use rcu_dereference_rtnl() in mpls_route_input_rcu(). (CVE-2025-38324)

scsi: lpfc: Use memcpy() for BIOS version (CVE-2025-38332)

ACPICA: Refuse to evaluate a method if arguments are missing (CVE-2025-38386)

usb: typec: altmodes/displayport: do not index invalid pin_assignments (CVE-2025-38391)

Squashfs: check return result of sb_min_blocksize (CVE-2025-38415)

perf: Fix sample vs do_exit() (CVE-2025-38424)

md/raid1: Fix stack memory use after return in raid1_reshape (CVE-2025-38445)

drm/gem: Acquire references on GEM handles for framebuffers (CVE-2025-38449)

usb: net: sierra: check for no status endpoint (CVE-2025-38474)

net/sched: sch_qfq: Fix race condition on qfq_aggregate (CVE-2025-38477)

HID: core: do not bypass hid_hw_raw_request (CVE-2025-38494)

do_change_type(): refuse to operate on unmounted/not ours mounts (CVE-2025-38498)

clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (CVE-2025-38499)

smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)

net/packet: fix a race in packet_set_ring() and packet_notifier() (CVE-2025-38617)

vsock: Do not allow binding to VMADDR_PORT_ANY (CVE-2025-38618)

scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (CVE-2025-38700)

gfs2: Validate i_depth for exhash directories (CVE-2025-38710)

nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (CVE-2025-38724)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?2ff7569b

Plugin Details

Severity: High

ID: 274898

File Name: EulerOS_SA-2025-2390.nasl

Version: 1.1

Type: local

Published: 11/12/2025

Updated: 11/12/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-49840

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, p-cpe:/a:huawei:euleros:kernel, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 11/11/2025

Vulnerability Publication Date: 7/15/2022

Reference Information

CVE: CVE-2022-49345, CVE-2022-49575, CVE-2022-49611, CVE-2022-49727, CVE-2022-49840, CVE-2022-49917, CVE-2022-49918, CVE-2022-49981, CVE-2022-50085, CVE-2022-50134, CVE-2022-50224, CVE-2023-53053, CVE-2023-53066, CVE-2023-53109, CVE-2024-58239, CVE-2025-38222, CVE-2025-38285, CVE-2025-38324, CVE-2025-38332, CVE-2025-38386, CVE-2025-38391, CVE-2025-38415, CVE-2025-38424, CVE-2025-38445, CVE-2025-38449, CVE-2025-38474, CVE-2025-38477, CVE-2025-38494, CVE-2025-38498, CVE-2025-38499, CVE-2025-38527, CVE-2025-38617, CVE-2025-38618, CVE-2025-38700, CVE-2025-38710, CVE-2025-38724