EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-2361)

high Nessus Plugin ID 274972

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:

tracing: Add down_write(trace_event_sem) when adding trace event(CVE-2025-38539)

tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer(CVE-2025-38184)

pinmux: fix race causing mux_owner NULL with active mux_usecount(CVE-2025-38632)

openvswitch: Fix unsafe attribute parsing in output_userspace()(CVE-2025-37998)

perf: Revert to requiring CAP_SYS_ADMIN for uprobes(CVE-2025-38466)

fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var(CVE-2025-38214)

posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()(CVE-2025-38352)

padata: do not leak refcount in reorder_work(CVE-2025-38031)

rseq: Fix segfault on registration when rseq_cs is non-zero(CVE-2025-38067)

dm: fix unconditional IO throttle caused by REQ_PREFLUSH(CVE-2025-38063)

RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow(CVE-2025-22086)

HID: core: ensure the allocated report buffer can contain the reserved report ID(CVE-2025-38495)

net_sched: sch_sfq: fix a potential crash on gso_skb handling(CVE-2025-38115)

pinctrl: qcom: msm: mark certain pins as invalid for interrupts(CVE-2025-38516)

fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass(CVE-2025-38396)

ata: libata-sff: Ensure that we cannot write outside the allocated buffer(CVE-2025-21738)

HID: intel-ish-hid: ipc: Fix potential use-after-free in work function(CVE-2023-53039)

sched/core: Do not requeue task on CPU excluded from cpus_mask(CVE-2022-50100)

netfilter: nft_set_pipapo: prevent overflow in lookup table allocation(CVE-2025-38162)

fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()(CVE-2025-38312)

clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns(CVE-2025-38499)

crypto: algif_hash - fix double free in hash_accept(CVE-2025-38079)

pptp: ensure minimal skb length in pptp_xmit()(CVE-2025-38574)

net: ch9200: fix uninitialised access during mii_nway_restart(CVE-2025-38086)

arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()(CVE-2025-38320)

net: openvswitch: Fix the dead loop of MPLS parse(CVE-2025-38146)

scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts(CVE-2022-50098)

scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()(CVE-2025-38399)

i2c: qup: jump out of the loop in case of timeout(CVE-2025-38671)

x86/sgx: Prevent attempts to reclaim poisoned pages(CVE-2025-38334)

nvmet-tcp: don't restore null(CVE-2025-38035)

net: fix udp gso skb_segment after pull from frag_list(CVE-2025-38124)

net/mlx5e: Fix cleanup null-ptr deref on encap lock(CVE-2023-53105)

net: fix NULL pointer dereference in l3mdev_l3_rcv(CVE-2025-22103)

do_change_type(): refuse to operate on unmounted/not ours mounts(CVE-2025-38498)

ext4: inline: fix len overflow in ext4_prepare_inline_data(CVE-2025-38222)

bpf: check changes_pkt_data property for extension programs(CVE-2024-58100)

bpf: fix ktls panic with sockmap(CVE-2025-38166)

drm/gem: Acquire references on GEM handles for framebuffers(CVE-2025-38449)

ACPICA: Refuse to evaluate a method if arguments are missing(CVE-2025-38386)

rtnetlink: Allocate vfinfo size for VF GUIDs when supported(CVE-2025-22075)

ftrace: Fix UAF when lookup kallsym after ftrace disabled(CVE-2025-38346)

KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace(CVE-2022-49932)

net/mdiobus: Fix potential out-of-bounds read/write access(CVE-2025-38111)

dmaengine: idxd: fix memory leak in error handling path of idxd_alloc(CVE-2025-38015)

tcp: add accessors to read/set tp->snd_cwnd(CVE-2022-49325)

perf: Fix sample vs do_exit()(CVE-2025-38424)

regulator: core: fix NULL dereference on unbind due to stale coupling data(CVE-2025-38668)

calipso: Don't call calipso functions for AF_INET sk.(CVE-2025-38147)

Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var If fb_add_videomode()(CVE-2025-38215)

usb: typec: altmodes/displayport: do not index invalid pin_assignments(CVE-2025-38391)

tipc: Fix use-after-free in tipc_conn_close().(CVE-2025-38464)

netdevsim: Fix memory leak of nsim_dev->fa_cookie(CVE-2022-49803)

HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()(CVE-2025-38103)

net/sched: Abort __tc_modify_qdisc if parent class does not exist(CVE-2025-38457)

netlink: Fix wraparounds of sk->sk_rmem_alloc(CVE-2025-38465)

EDAC/skx_common: Fix general protection fault(CVE-2025-38298)

drm/nouveau: prime: fix ttm_bo_delayed_delete oops(CVE-2025-37765)

libnvdimm/labels: Fix divide error in nd_label_data_init()(CVE-2025-38072)

net: tipc: fix refcount warning in tipc_aead_encrypt(CVE-2025-38273)

netfilter: nf_set_pipapo_avx2: fix initial map fill(CVE-2025-38120)

bpf, sockmap: Fix panic when calling skb_linearize(CVE-2025-38165)

nvme-tcp: sanitize request list handling(CVE-2025-38264)

bpf, sockmap: Avoid using sk_socket after free when sending(CVE-2025-38154)

bpf: consider that tail calls invalidate packet pointers(CVE-2024-58237)

RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction(CVE-2025-38211)

NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN(CVE-2025-38393)

ipc: fix to protect IPCS lookups using(CVE-2025-38212)

net_sched: Flush gso_skb list too during ->change()(CVE-2025-37992)

netfilter: socket: Lookup orig tuple for IPv6 SNAT(CVE-2025-22021)

net: fix geneve_opt length integer overflow(CVE-2025-22055)

net: tls: explicitly disallow disconnect(CVE-2025-37756)

bpf: Scrub packet on bpf_redirect_peer(CVE-2025-37959)

netfilter: allow exp not to be removed in nf_ct_find_expectation(CVE-2023-52927)

net: ppp: Add bound checking for skb data on ppp_sync_txmung(CVE-2025-37749)

net: decrease cached dst counters in dst_release(CVE-2025-22057)

net: openvswitch: fix nested key length validation in the set() action(CVE-2025-37789)

netfilter: conntrack: revisit gc autotuning(CVE-2022-49110)

bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()(CVE-2023-53133)

blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()(CVE-2023-53421)

writeback: fix use-after-free in __mark_inode_dirty()(CVE-2025-39866)

scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure(CVE-2025-38695)

serial: mctrl_gpio: split disable_ms into sync and no_sync APIs(CVE-2025-38040)

A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.(CVE-2024-2201)

perf/core: Prevent VMA split of buffer mappings(CVE-2025-38563)

ipvs: fix uninit-value for saddr in do_output_route4(CVE-2025-37961)

net: phy: leds: fix memory leak(CVE-2025-37989)

seg6: Fix validation of nexthop addresses(CVE-2025-38310)

page_pool: avoid infinite loop to schedule delayed worker(CVE-2025-37859)

net: clear the dst when changing skb protocol(CVE-2025-38192)

perf/core: Exit early on perf_mmap() fail(CVE-2025-38565)

virtio-net: ensure the received length does not exceed allocated size(CVE-2025-38375)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?58f2d0c1

Plugin Details

Severity: High

ID: 274972

File Name: EulerOS_SA-2025-2361.nasl

Version: 1.1

Type: local

Published: 11/12/2025

Updated: 11/12/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-37789

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:huawei:euleros:2.0, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:bpftool, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/11/2025

Vulnerability Publication Date: 7/15/2022

CISA Known Exploited Vulnerability Due Dates: 9/25/2025

Reference Information

CVE: CVE-2022-49110, CVE-2022-49325, CVE-2022-49803, CVE-2022-49932, CVE-2022-50098, CVE-2022-50100, CVE-2023-52927, CVE-2023-53039, CVE-2023-53105, CVE-2023-53133, CVE-2023-53421, CVE-2024-2201, CVE-2024-58100, CVE-2024-58237, CVE-2025-21738, CVE-2025-22021, CVE-2025-22055, CVE-2025-22057, CVE-2025-22075, CVE-2025-22086, CVE-2025-22103, CVE-2025-37749, CVE-2025-37756, CVE-2025-37765, CVE-2025-37789, CVE-2025-37859, CVE-2025-37959, CVE-2025-37961, CVE-2025-37989, CVE-2025-37992, CVE-2025-37998, CVE-2025-38015, CVE-2025-38031, CVE-2025-38035, CVE-2025-38040, CVE-2025-38063, CVE-2025-38067, CVE-2025-38072, CVE-2025-38079, CVE-2025-38086, CVE-2025-38103, CVE-2025-38111, CVE-2025-38115, CVE-2025-38120, CVE-2025-38124, CVE-2025-38146, CVE-2025-38147, CVE-2025-38154, CVE-2025-38162, CVE-2025-38165, CVE-2025-38166, CVE-2025-38184, CVE-2025-38192, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38222, CVE-2025-38264, CVE-2025-38273, CVE-2025-38298, CVE-2025-38310, CVE-2025-38312, CVE-2025-38320, CVE-2025-38334, CVE-2025-38346, CVE-2025-38352, CVE-2025-38375, CVE-2025-38386, CVE-2025-38391, CVE-2025-38393, CVE-2025-38396, CVE-2025-38399, CVE-2025-38424, CVE-2025-38449, CVE-2025-38457, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38495, CVE-2025-38498, CVE-2025-38499, CVE-2025-38516, CVE-2025-38539, CVE-2025-38563, CVE-2025-38565, CVE-2025-38574, CVE-2025-38632, CVE-2025-38668, CVE-2025-38671, CVE-2025-38695, CVE-2025-39866