EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2464)

high Nessus Plugin ID 278438

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:

scsi: qla2xxx: Fix warning message due to adisc being flushed(CVE-2022-49158)

scsi: qla2xxx: Implement ref count for SRB(CVE-2022-49159)

tcp: add accessors to read/set tp->snd_cwnd(CVE-2022-49325)

KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace(CVE-2022-49932)

mmc: rtsx_pci: fix return value check of mmc_add_host()(CVE-2022-50267)

ext4: fix potential out of bound read in ext4_fc_replay_scan()(CVE-2022-50306)

net: do not sense pfmemalloc status in skb_append_pagefrags()(CVE-2022-50323)

scsi: target: iscsi: Fix a race condition between login_work and the login thread(CVE-2022-50350)

drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED(CVE-2022-50390)

scsi: qla2xxx: Fix crash when I/O abort times out(CVE-2022-50493)

vfio/type1: prevent underflow of locked_vm via exec()(CVE-2023-53171)

mm: fix zswap writeback race condition(CVE-2023-53178)

sched/fair: Don't balance task to its current running CPU(CVE-2023-53215)

media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()(CVE-2023-53220)

bpf: Fix memleak due to fentry attach failure(CVE-2023-53221)

firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle(CVE-2023-53250)

scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue(CVE-2023-53280)

ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer(CVE-2023-53395)

mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()(CVE-2023-53401)

blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()(CVE-2023-53421)

kobject: Add sanity check for kset->kobj.ktype in kset_register()(CVE-2023-53480)

drm/dp_mst: Fix MST sideband message body length check(CVE-2024-56616)

tls: stop recv() if initial process_rx_list gave us non-DATA(CVE-2024-58239)

netfilter: nf_tables: reject mismatching sum of field_len with set key length(CVE-2025-21826)

drm/nouveau: prime: fix ttm_bo_delayed_delete oops(CVE-2025-37765)

dmaengine: idxd: fix memory leak in error handling path of idxd_alloc(CVE-2025-38015)

nvmet-tcp: don't restore null sk_state_change(CVE-2025-38035)

serial: mctrl_gpio: split disable_ms into sync and no_sync APIs(CVE-2025-38040)

crypto: algif_hash - fix double free in hash_accept(CVE-2025-38079)

HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()(CVE-2025-38103)

net: Fix TOCTOU issue in sk_is_readable()(CVE-2025-38112)

page_pool: Fix use-after-free in page_pool_recycle_in_ring(CVE-2025-38129)

net: openvswitch: Fix the dead loop of MPLS parse(CVE-2025-38146)

calipso: Don't call calipso functions for AF_INET sk.(CVE-2025-38147)

thunderbolt: Do not double dequeue a configuration request(CVE-2025-38174)

calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().(CVE-2025-38181)

mm: fix uprobe pte be overwritten when expanding vma(CVE-2025-38207)

ipc: fix to protect IPCS lookups using RCU(CVE-2025-38212)

nvme-tcp: sanitize request list handling(CVE-2025-38264)

fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()(CVE-2025-38312)

scsi: lpfc: Use memcpy() for BIOS version(CVE-2025-38332)

x86/sgx: Prevent attempts to reclaim poisoned pages(CVE-2025-38334)

NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN(CVE-2025-38393)

perf: Fix sample vs do_exit()(CVE-2025-38424)

netlink: Fix wraparounds of sk->sk_rmem_alloc.(CVE-2025-38465)

clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns(CVE-2025-38499)

drm/sched: Increment job count before swapping tail spsc queue(CVE-2025-38515)

pinctrl: qcom: msm: mark certain pins as invalid for interrupts(CVE-2025-38516)

tracing: Add down_write(trace_event_sem) when adding trace event(CVE-2025-38539)

HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras(CVE-2025-38540)

net/sched: Restrict conditions for adding duplicating netems to qdisc tree(CVE-2025-38553)

perf/core: Prevent VMA split of buffer mappings(CVE-2025-38563)

perf/core: Exit early on perf_mmap() fail(CVE-2025-38565)

pptp: ensure minimal skb length in pptp_xmit()(CVE-2025-38574)

padata: Fix pd UAF once and for all(CVE-2025-38584)

net: drop UFO packets in udp_rcv_segment()(CVE-2025-38622)

pinmux: fix race causing mux_owner NULL with active mux_usecount(CVE-2025-38632)

clk: davinci: Add NULL check in davinci_lpsc_clk_register()(CVE-2025-38635)

regulator: core: fix NULL dereference on unbind due to stale coupling data(CVE-2025-38668)

i2c: qup: jump out of the loop in case of timeout(CVE-2025-38671)

media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()(CVE-2025-38680)

fbdev: Fix vmalloc out-of-bounds write in fast_imageblit(CVE-2025-38685)

media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar(CVE-2025-38693)

scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure(CVE-2025-38695)

ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr(CVE-2025-38701)

gfs2: Validate i_depth for exhash directories(CVE-2025-38710)

x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper(CVE-2025-39681)

tracing: Limit access to parser-buffer when trace_get_user failed(CVE-2025-39683)

ftrace: Also allocate and copy hash for reading of filter files(CVE-2025-39689)

fs/buffer: fix use-after-free when call bh_read() helper(CVE-2025-39691)

RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()(CVE-2025-39742)

rcu: Fix rcu_read_unlock() deadloop due to IRQ work(CVE-2025-39744)

rcu: Protect ->defer_qs_iw_pending from data race(CVE-2025-39749)

usb: core: config: Prevent OOB read in SS endpoint companion parsing(CVE-2025-39760)

jbd2: prevent softlockup in jbd2_log_do_checkpoint()(CVE-2025-39782)

ftrace: Fix potential warning in trace_printk_seq during ftrace_dump(CVE-2025-39813)

trace/fgraph: Fix the warning caused by missing unregister notifier(CVE-2025-39829)

tee: fix NULL pointer dereference in tee_shm_put(CVE-2025-39865)

fs: writeback: fix use-after-free in __mark_inode_dirty()(CVE-2025-39866)

qed: Don't collect too many protection override GRC elements(CVE-2025-39949)

cgroup: split cgroup_destroy_wq into 3 workqueues(CVE-2025-39953)

i40e: fix idx validation in config queues msg(CVE-2025-39971)

i40e: add validation for ring_len param(CVE-2025-39973)

media: rc: fix races with imon_disconnect()(CVE-2025-39993)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?79297ee4

Plugin Details

Severity: High

ID: 278438

File Name: EulerOS_SA-2025-2464.nasl

Version: 1.1

Type: local

Published: 12/11/2025

Updated: 12/11/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-38584

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0, p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:bpftool

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/11/2025

Vulnerability Publication Date: 9/4/2021

Reference Information

CVE: CVE-2022-49158, CVE-2022-49159, CVE-2022-49325, CVE-2022-49932, CVE-2022-50267, CVE-2022-50306, CVE-2022-50323, CVE-2022-50350, CVE-2022-50390, CVE-2022-50493, CVE-2023-53171, CVE-2023-53178, CVE-2023-53215, CVE-2023-53220, CVE-2023-53221, CVE-2023-53250, CVE-2023-53280, CVE-2023-53395, CVE-2023-53401, CVE-2023-53421, CVE-2023-53480, CVE-2024-56616, CVE-2024-58239, CVE-2025-21826, CVE-2025-37765, CVE-2025-38015, CVE-2025-38035, CVE-2025-38040, CVE-2025-38079, CVE-2025-38103, CVE-2025-38112, CVE-2025-38129, CVE-2025-38146, CVE-2025-38147, CVE-2025-38174, CVE-2025-38181, CVE-2025-38207, CVE-2025-38212, CVE-2025-38264, CVE-2025-38312, CVE-2025-38332, CVE-2025-38334, CVE-2025-38393, CVE-2025-38424, CVE-2025-38465, CVE-2025-38499, CVE-2025-38515, CVE-2025-38516, CVE-2025-38539, CVE-2025-38540, CVE-2025-38553, CVE-2025-38563, CVE-2025-38565, CVE-2025-38574, CVE-2025-38584, CVE-2025-38622, CVE-2025-38632, CVE-2025-38635, CVE-2025-38668, CVE-2025-38671, CVE-2025-38680, CVE-2025-38685, CVE-2025-38693, CVE-2025-38695, CVE-2025-38701, CVE-2025-38710, CVE-2025-39681, CVE-2025-39683, CVE-2025-39689, CVE-2025-39691, CVE-2025-39742, CVE-2025-39744, CVE-2025-39749, CVE-2025-39760, CVE-2025-39782, CVE-2025-39813, CVE-2025-39829, CVE-2025-39865, CVE-2025-39866, CVE-2025-39949, CVE-2025-39953, CVE-2025-39971, CVE-2025-39973, CVE-2025-39993