Detections
Analytics

EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2025-2546)

high Nessus Plugin ID 279287

Synopsis

The remote EulerOS Virtualization host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

 KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace(CVE-2022-49932)

 drivers:md:fix a potential use-after-free bug(CVE-2022-50022)

 ceph: don't leak snap_rwsem in handle_cap_grant(CVE-2022-50059)

 posix-cpu-timers: Cleanup CPU timers before freeing them during exec(CVE-2022-50095)

 scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts(CVE-2022-50098)

 sched/core: Do not requeue task on CPU excluded from cpus_mask(CVE-2022-50100)

 sched, cpuset: Fix dl_cpu_busy() panic due to empty cs-cpus_allowed(CVE-2022-50103)

 An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmld_write, which will block the kernel. Note: This has been disputed by 3rd parties as not a valid vulnerability.(CVE-2023-31082)

 scsi: qla2xxx: Perform lockless command completion in abort path(CVE-2023-53041)

 drm/nouveau: prime: fix ttm_bo_delayed_delete oops(CVE-2025-37765)

 dmaengine: idxd: fix memory leak in error handling path of idxd_alloc(CVE-2025-38015)

 padata: do not leak refcount in reorder_work(CVE-2025-38031)

 nvmet-tcp: don't restore null sk_state_change(CVE-2025-38035)

 rseq: Fix segfault on registration when rseq_cs is non-zero(CVE-2025-38067)

 libnvdimm/labels: Fix divide error in nd_label_data_init()(CVE-2025-38072)

 HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse()(CVE-2025-38103)

 net: openvswitch: Fix the dead loop of MPLS parse(CVE-2025-38146)

 calipso: Don't call calipso functions for AF_INET sk.(CVE-2025-38147)

 tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer(CVE-2025-38184)

 net: clear the dst when changing skb protocol(CVE-2025-38192)

 ipc: fix to protect IPCS lookups using RCU(CVE-2025-38212)

 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var(CVE-2025-38215)

 sched/rt: Fix race in push_rt_task(CVE-2025-38234)

 nvme-tcp: sanitize request list handling(CVE-2025-38264)

 net: tipc: fix refcount warning in tipc_aead_encrypt(CVE-2025-38273)

 fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()(CVE-2025-38312)

 arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()(CVE-2025-38320)

 virtio-net: ensure the received length does not exceed allocated size(CVE-2025-38375)

 NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN(CVE-2025-38393)

 perf: Fix sample vs do_exit()(CVE-2025-38424)

 net/sched: Abort __tc_modify_qdisc if parent class does not exist(CVE-2025-38457)

 tipc: Fix use-after-free in tipc_conn_close().(CVE-2025-38464)

 netlink: Fix wraparounds of sk-sk_rmem_alloc.(CVE-2025-38465)

 perf: Revert to requiring CAP_SYS_ADMIN for uprobes(CVE-2025-38466)

 do_change_type(): refuse to operate on unmounted/not ours mounts(CVE-2025-38498)

 tracing: Add down_write(trace_event_sem) when adding trace event(CVE-2025-38539)

 perf/core: Prevent VMA split of buffer mappings(CVE-2025-38563)

 perf/core: Exit early on perf_mmap() fail(CVE-2025-38565)

 pptp: ensure minimal skb length in pptp_xmit()(CVE-2025-38574)

 pinmux: fix race causing mux_owner NULL with active mux_usecount(CVE-2025-38632)

 i2c: qup: jump out of the loop in case of timeout(CVE-2025-38671)

 ipv6: fix panic when forwarding a pkt with no in6 dev(CVE-2022-49048)

 netfilter: conntrack: revisit gc autotuning(CVE-2022-49110)

 bpf, sockmap: Fix memleak in sk_psock_queue_msg(CVE-2022-49207)

 block: fix rq-qos breakage from skipping rq_qos_done_bio()(CVE-2022-49266)

 tcp: add accessors to read/set tp-snd_cwnd(CVE-2022-49325)

 ip_gre: test csum_start instead of transport header(CVE-2022-49340)

 netfilter: nf_tables: double hook unregistration in netns path(CVE-2022-49558)

 tcp: Fix data-races around sysctl_tcp_recovery.(CVE-2022-49574)

 igmp: Fix data-races around sysctl_igmp_llm_reports.(CVE-2022-49590)

 tcp: Fix a data-race around sysctl_tcp_probe_interval.(CVE-2022-49593)

 ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()(CVE-2022-49772)

 macvlan: enforce a consistent minimal mtu(CVE-2022-49776)

 x86/sgx: Add overflow check in sgx_validate_offset_length()(CVE-2022-49785)

 mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()(CVE-2022-49787)

 tracing: Fix memory leak in tracing_read_pipe()(CVE-2022-49801)

 netdevsim: Fix memory leak of nsim_dev-fa_cookie(CVE-2022-49803)

 bridge: switchdev: Fix memory leaks when changing VLAN protocol(CVE-2022-49812)

 net: ena: Fix error handling in ena_init()(CVE-2022-49813)

 sctp: clear out_curr if all frag chunks of current msg are pruned(CVE-2022-49838)

 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network(CVE-2022-49865)

 net: gso: fix panic on frag_list with mixed head alloc types(CVE-2022-49872)

 bpf, sockmap: Fix the sk-sk_forward_alloc warning of sk_stream_kill_queues(CVE-2022-49877)

 ipv6: fix WARNING in ip6_route_net_exit_late()(CVE-2022-49903)

 net, neigh: Fix null-ptr-deref in neigh_table_clear()(CVE-2022-49904)

 net: mdio: fix undefined behavior in bit shift for __mdiobus_register(CVE-2022-49907)

 ipvs: fix WARNING in ip_vs_app_net_cleanup()(CVE-2022-49917)

 ipvs: fix WARNING in __ip_vs_cleanup_batch()(CVE-2022-49918)

 netfilter: nf_tables: release flow rule object from commit path(CVE-2022-49919)

 tty: n_gsm: add sanity check for gsm-receive in gsm_receive_buf()(CVE-2022-49940)

 vt: Clear selection before changing the font(CVE-2022-49948)

 bpf: Do mark_chain_precision for ARG_CONST_ALLOC_SIZE_OR_ZERO(CVE-2022-49961)

 arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level(CVE-2022-49964)

 bpf: Fix a data-race around bpf_jit_limit.(CVE-2022-49967)

 ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead(CVE-2022-49977)

 net: fix refcount bug in sk_psock_get (2)(CVE-2022-49979)

 media: pvrusb2: fix memory leak in pvr_probe(CVE-2022-49982)

 bpf: Don't use tnum_range on array range checking for poke descriptors(CVE-2022-49985)

 ice: xsk: prohibit usage of non-balanced queue id(CVE-2022-50003)

 kprobes: don't call disarm_kprobe() for disabled kprobes(CVE-2022-50008)

 ext4: avoid resizing to a partial cluster size(CVE-2022-50020)

 x86/fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave).(CVE-2022-49557)

 A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.(CVE-2024-2201)

 perf/x86/amd/uncore: Fix memory leak for events array(CVE-2022-49784)

 perf/x86/amd: Fix crash due to race between amd_pmu_enable_all, perf NMI and throttling(CVE-2022-49781)

 perf/x86/amd/core: Always clear status for idx(CVE-2023-53073)

 drm/drv: Fix potential memory leak in drm_dev_init().(CVE-2022-49830)

 drm/shmem-helper: Remove another errant put in error path(CVE-2023-53084)

 perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output(CVE-2023-53065)

 arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users(CVE-2025-37963)

 arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs(CVE-2025-37948)

 crypto: null - Use spin lock instead of mutex(CVE-2025-37808)

 tracing: Fix oob write in trace_seq_to_buffer().(CVE-2025-37923)

 media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer().(CVE-2023-53146)

 usb: ucsi: Fix NULL pointer deref in ucsi_connector_change().(CVE-2023-53049)

 iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid(CVE-2025-37927)

 drm ouveau: Fix WARN_ON in nouveau_fence_context_kill().(CVE-2025-37930)

 module: ensure that kobject_put() is safe for module type kobjects(CVE-2025-37995)

 bnxt_en: Fix out-of-bound memcpy() during ethtool -w(CVE-2025-37911)

 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK(CVE-2022-49870)

 HID: intel-ish-hid: ipc: Fix potential use-after-free in work function(CVE-2023-53039)

 IB/hfi1: Correctly move list in sc_disable().(CVE-2022-49931)

 tpm: do not start chip while suspended(CVE-2025-23149)

 bpf: check changes_pkt_data property for extension programs(CVE-2024-58100)

 ext4: block range must be validated before use in ext4_mb_clear_bb()(CVE-2022-50021)

 iavf: Fix adminq error handling(CVE-2022-50055)

 virtio_net: fix memory leak inside XPD_TX with mergeable(CVE-2022-50065)

 net: atlantic: fix aq_vec index out of range error(CVE-2022-50066)

 BPF: Fix potential bad pointer dereference in bpf_sys_bpf()(CVE-2022-50069)

 net: tap: NULL pointer derefence in dev_parse_header_protocol when skb-dev is null(CVE-2022-50073)

 apparmor: Fix memleak in aa_simple_write_to_buffer()(CVE-2022-50074)

 resolved: apparmor: fix reference count leak in aa_pivotroot() (CVE-2022-50077)

 ext4: fix warning in ext4_iomap_begin as race between bmap and write(CVE-2022-50082)

 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.(CVE-2022-50083)

 block: don't allow the same type rq_qos add more than once(CVE-2022-50086)

 jbd2: fix assertion 'jh-b_frozen_data == NULL' failure when journal aborted(CVE-2022-50126)

 RDMA/srpt: Fix a use-after-free(CVE-2022-50129)

 RDMA/hfi1: fix potential memory leak in setup_base_ctxt()(CVE-2022-50134)

 RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr()(CVE-2022-50138)

 bpf: fix potential 32-bit overflow when accessing ARRAY map element(CVE-2022-50167)

 virtio-gpu: fix a missing check to avoid NULL dereference(CVE-2022-50181)

 selinux: Add boundary check in put_entry()(CVE-2022-50200)

 PM: hibernate: defer device probing when resuming from hibernation(CVE-2022-50202)

 arm64: fix oops in concurrently setting insn_emulation sysctls(CVE-2022-50206)

 netfilter: nf_tables: do not allow SET_ID to refer to another table(CVE-2022-50213)

 scsi: sg: Allow waiting for commands to complete on removed device(CVE-2022-50215)

 bpf: Fix KASAN use-after-free Read in compute_effective_progs(CVE-2022-50219)

 usbnet: Fix linkwatch use-after-free on disconnect(CVE-2022-50220)

 tty: vt: initialize unicode screen buffer(CVE-2022-50222)

 KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0(CVE-2022-50228)

 arm64: set UXN on swapper page tables(CVE-2022-50230)

 crypto: arm64/poly1305 - fix a read out-of-bound(CVE-2022-50231)

 arm64: set UXN on swapper page tables(CVE-2022-50232)

 netfilter: nf_tables: don't fail inserts if duplicate has expired(CVE-2023-52925)

 netfilter: allow exp not to be removed in nf_ct_find_expectation(CVE-2023-52927)

 dm crypt: add cond_resched() to dmcrypt_write()(CVE-2023-53051)

 erspan: do not use skb_mac_header() in ndo_start_xmit()(CVE-2023-53053)

 net/mlx5: E-Switch, Fix an Oops in error handling code(CVE-2023-53058)

 net: usb: smsc95xx: Limit packet length to skb-len(CVE-2023-53062)

 qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info(CVE-2023-53066)

 net: usb: lan78xx: Limit packet length to skb-len(CVE-2023-53068)

 net/mlx5: Fix steering rules cleanup(CVE-2023-53079)

 xsk: Add missing overflow check in xdp_umem_reg(CVE-2023-53080)

 ice: xsk: disable txq irq before flushing hw(CVE-2023-53102)

 bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails(CVE-2023-53103)

 net: tunnels: annotate lockless accesses to dev-needed_headroom(CVE-2023-53109)

 i40e: Fix kernel crash during reboot when adapter is in recovery mode(CVE-2023-53114)

 tcp: tcp_make_synack() can be called from process context(CVE-2023-53121)

 net: usb: smsc75xx: Limit packet length to skb-len(CVE-2023-53125)

 SUNRPC: Fix a server shutdown leak(CVE-2023-53131)

 bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()(CVE-2023-53133)

 bpf: consider that tail calls invalidate packet pointers(CVE-2024-58237)

 net: avoid race between device unregistration and ethnl ops(CVE-2025-21701)

 ata: libata-sff: Ensure that we cannot write outside the allocated buffer(CVE-2025-21738)

 block: mark GFP_NOIO around sysfs -store()(CVE-2025-21817)

 netfilter: nf_tables: reject mismatching sum of field_len with set key length(CVE-2025-21826)

 netfilter: socket: Lookup orig tuple for IPv6 SNAT(CVE-2025-22021)

 net: fix geneve_opt length integer overflow(CVE-2025-22055)

 net: decrease cached dst counters in dst_release(CVE-2025-22057)

 rtnetlink: Allocate vfinfo size for VF GUIDs when supported(CVE-2025-22075)

 RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow(CVE-2025-22086)

 net: fix NULL pointer dereference in l3mdev_l3_rcv(CVE-2025-22103)

 sctp: detect and prevent references to a freed transport in sendmsg(CVE-2025-23142)

 net: ppp: Add bound checking for skb data on ppp_sync_txmung Ensure we have enough data in linear buffer from skb before accessing initial bytes.(CVE-2025-37749)

 net: tls: explicitly disallow disconnect(CVE-2025-37756)

 tipc: fix memory leak in tipc_link_xmit(CVE-2025-37757)

 cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path(CVE-2025-37788)

 net: openvswitch: fix nested key length validation in the set() action(CVE-2025-37789)

 net_sched: hfsc: Fix a UAF vulnerability in class handling(CVE-2025-37797)

 codel: remove sch-q.qlen check before qdisc_tree_reduce_backlog()(CVE-2025-37798)

 net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too(CVE-2025-37823)

 tipc: fix NULL pointer dereference in tipc_mon_reinit_self()(CVE-2025-37824)

 page_pool: avoid infinite loop to schedule delayed worker(CVE-2025-37859)

 HID: pidff: Fix null pointer dereference in pidff_find_fields(CVE-2025-37862)

 net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc(CVE-2025-37890)

 net_sched: qfq: Fix double list add in class with netem as child qdisc(CVE-2025-37913)

 net_sched: drr: Fix double list add in class with netem as child qdisc(CVE-2025-37915)

 xsk: Fix race condition in AF_XDP generic RX path(CVE-2025-37920)

 sch_htb: make htb_qlen_notify() idempotent(CVE-2025-37932)

 bpf: Scrub packet on bpf_redirect_peer(CVE-2025-37959)

 ipvs: fix uninit-value for saddr in do_output_route4(CVE-2025-37961)

 net: phy: leds: fix memory leak(CVE-2025-37989)

 net_sched: Flush gso_skb list too during -change()(CVE-2025-37992)

 netfilter: ipset: fix region locking in hash types(CVE-2025-37997)

 openvswitch: Fix unsafe attribute parsing in output_userspace()(CVE-2025-37998)

 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()(CVE-2025-38000)

 net_sched: hfsc: Address reentrant enqueue adding class to eltree twice(CVE-2025-38001)

 dmaengine: idxd: Refactor remove call with idxd_cleanup() helper(CVE-2025-38014)

 serial: mctrl_gpio: split disable_ms into sync and no_sync APIs(CVE-2025-38040)

 media: cx231xx: set device_caps for 417(CVE-2025-38044)

 net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done(CVE-2025-38052)

 net: pktgen: fix access outside of user given buffer in pktgen_thread_write()(CVE-2025-38061)

 dm: fix unconditional IO throttle caused by REQ_PREFLUSH(CVE-2025-38063)

 dm cache: prevent BUG_ON by blocking retries on failed device resumes(CVE-2025-38066)

 crypto: lzo - Fix compression buffer overrun(CVE-2025-38068)

 vhost-scsi: protect vq-log_used with vq-mutex(CVE-2025-38074)

 scsi: target: iscsi: Fix timeout on deleted connection(CVE-2025-38075)

 net_sched: prio: fix a race in prio_tune()(CVE-2025-38083)

 mm/hugetlb: unshare page tables during VMA split, not before(CVE-2025-38084)

 net: ch9200: fix uninitialised access during mii_nway_restart(CVE-2025-38086)

 x86/iopl: Cure TIF_IO_BITMAP inconsistencies(CVE-2025-38100)

 VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify(CVE-2025-38102)

 net_sched: red: fix a race in __red_change()(CVE-2025-38108)

 net/mdiobus: Fix potential out-of-bounds read/write access(CVE-2025-38111)

 net: Fix TOCTOU issue in sk_is_readable()(CVE-2025-38112)

 net_sched: sch_sfq: fix a potential crash on gso_skb handling(CVE-2025-38115)

 netfilter: nf_set_pipapo_avx2: fix initial map fill(CVE-2025-38120)

 net: fix udp gso skb_segment after pull from frag_list(CVE-2025-38124)

 ice: fix Tx scheduler error handling in XDP callback(CVE-2025-38127)

 page_pool: Fix use-after-free in page_pool_recycle_in_ring(CVE-2025-38129)

 bpf, sockmap: Avoid using sk_socket after free when sending(CVE-2025-38154)

 netfilter: nft_set_pipapo: prevent overflow in lookup table allocation(CVE-2025-38162)

 bpf, sockmap: Fix panic when calling skb_linearize(CVE-2025-38165)

 bpf: fix ktls panic with sockmap(CVE-2025-38166)

 RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction(CVE-2025-38211)

 fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var(CVE-2025-38214)

 ext4: inline: fix len overflow in ext4_prepare_inline_data(CVE-2025-38222)

 media: cxusb: no longer judge rbuf when the write fails(CVE-2025-38229)

 bpf: Avoid __bpf_prog_ret0_warn when jit fails(CVE-2025-38280)

 bpf: Fix WARN() in get_bpf_raw_tp_regs(CVE-2025-38285)

 EDAC/skx_common: Fix general protection fault(CVE-2025-38298)

 mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().(CVE-2025-38324)

 jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()(CVE-2025-38337)

 ACPICA: fix acpi operand cache leak in dswstate.c(CVE-2025-38345)

 ftrace: Fix UAF when lookup kallsym after ftrace disabled(CVE-2025-38346)

 posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()(CVE-2025-38352)

 ACPICA: Refuse to evaluate a method if arguments are missing(CVE-2025-38386)

 usb: typec: altmodes/displayport: do not index invalid pin_assignments(CVE-2025-38391)

 fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass(CVE-2025-38396)

 scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()(CVE-2025-38399)

 drm/gem: Acquire references on GEM handles for framebuffers(CVE-2025-38449)

 HID: core: ensure the allocated report buffer can contain the reserved report ID(CVE-2025-38495)

Tenable has extracted the preceding description block directly from the EulerOS Virtualization kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?268e56e3

Plugin Details

Severity: High

ID: 279287

File Name: EulerOS_SA-2025-2546.nasl

Version: 1.1

Type: local

Published: 12/18/2025

Updated: 12/18/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-38375

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:bpftool, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:uvp:2.13.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/uvp_version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/18/2025

Vulnerability Publication Date: 9/4/2021

CISA Known Exploited Vulnerability Due Dates: 9/25/2025

Reference Information

CVE: CVE-2022-49048, CVE-2022-49110, CVE-2022-49207, CVE-2022-49266, CVE-2022-49325, CVE-2022-49340, CVE-2022-49557, CVE-2022-49558, CVE-2022-49574, CVE-2022-49590, CVE-2022-49593, CVE-2022-49772, CVE-2022-49776, CVE-2022-49781, CVE-2022-49784, CVE-2022-49785, CVE-2022-49787, CVE-2022-49801, CVE-2022-49803, CVE-2022-49812, CVE-2022-49813, CVE-2022-49830, CVE-2022-49838, CVE-2022-49865, CVE-2022-49870, CVE-2022-49872, CVE-2022-49877, CVE-2022-49903, CVE-2022-49904, CVE-2022-49907, CVE-2022-49917, CVE-2022-49918, CVE-2022-49919, CVE-2022-49931, CVE-2022-49932, CVE-2022-49940, CVE-2022-49948, CVE-2022-49961, CVE-2022-49964, CVE-2022-49967, CVE-2022-49977, CVE-2022-49979, CVE-2022-49982, CVE-2022-49985, CVE-2022-50003, CVE-2022-50008, CVE-2022-50020, CVE-2022-50021, CVE-2022-50022, CVE-2022-50055, CVE-2022-50059, CVE-2022-50065, CVE-2022-50066, CVE-2022-50069, CVE-2022-50073, CVE-2022-50074, CVE-2022-50077, CVE-2022-50082, CVE-2022-50086, CVE-2022-50095, CVE-2022-50098, CVE-2022-50100, CVE-2022-50103, CVE-2022-50126, CVE-2022-50129, CVE-2022-50134, CVE-2022-50138, CVE-2022-50167, CVE-2022-50181, CVE-2022-50200, CVE-2022-50202, CVE-2022-50206, CVE-2022-50213, CVE-2022-50215, CVE-2022-50219, CVE-2022-50220, CVE-2022-50222, CVE-2022-50228, CVE-2022-50230, CVE-2022-50231, CVE-2022-50232, CVE-2023-31082, CVE-2023-52925, CVE-2023-52927, CVE-2023-53039, CVE-2023-53041, CVE-2023-53049, CVE-2023-53051, CVE-2023-53053, CVE-2023-53058, CVE-2023-53062, CVE-2023-53065, CVE-2023-53066, CVE-2023-53068, CVE-2023-53073, CVE-2023-53079, CVE-2023-53080, CVE-2023-53084, CVE-2023-53102, CVE-2023-53103, CVE-2023-53109, CVE-2023-53114, CVE-2023-53121, CVE-2023-53125, CVE-2023-53131, CVE-2023-53133, CVE-2023-53146, CVE-2024-2201, CVE-2024-58100, CVE-2024-58237, CVE-2025-21701, CVE-2025-21738, CVE-2025-21817, CVE-2025-21826, CVE-2025-22021, CVE-2025-22055, CVE-2025-22057, CVE-2025-22075, CVE-2025-22086, CVE-2025-22103, CVE-2025-23142, CVE-2025-23149, CVE-2025-37749, CVE-2025-37756, CVE-2025-37757, CVE-2025-37765, CVE-2025-37788, CVE-2025-37789, CVE-2025-37797, CVE-2025-37798, CVE-2025-37808, CVE-2025-37823, CVE-2025-37824, CVE-2025-37859, CVE-2025-37862, CVE-2025-37890, CVE-2025-37911, CVE-2025-37913, CVE-2025-37915, CVE-2025-37920, CVE-2025-37923, CVE-2025-37927, CVE-2025-37930, CVE-2025-37932, CVE-2025-37948, CVE-2025-37959, CVE-2025-37961, CVE-2025-37963, CVE-2025-37989, CVE-2025-37992, CVE-2025-37995, CVE-2025-37997, CVE-2025-37998, CVE-2025-38000, CVE-2025-38001, CVE-2025-38014, CVE-2025-38015, CVE-2025-38031, CVE-2025-38035, CVE-2025-38040, CVE-2025-38044, CVE-2025-38052, CVE-2025-38061, CVE-2025-38063, CVE-2025-38066, CVE-2025-38067, CVE-2025-38068, CVE-2025-38072, CVE-2025-38074, CVE-2025-38075, CVE-2025-38083, CVE-2025-38084, CVE-2025-38086, CVE-2025-38100, CVE-2025-38102, CVE-2025-38103, CVE-2025-38108, CVE-2025-38111, CVE-2025-38112, CVE-2025-38115, CVE-2025-38120, CVE-2025-38124, CVE-2025-38127, CVE-2025-38129, CVE-2025-38146, CVE-2025-38147, CVE-2025-38154, CVE-2025-38162, CVE-2025-38165, CVE-2025-38166, CVE-2025-38184, CVE-2025-38192, CVE-2025-38211, CVE-2025-38212, CVE-2025-38214, CVE-2025-38215, CVE-2025-38222, CVE-2025-38229, CVE-2025-38234, CVE-2025-38264, CVE-2025-38273, CVE-2025-38280, CVE-2025-38285, CVE-2025-38298, CVE-2025-38312, CVE-2025-38320, CVE-2025-38324, CVE-2025-38337, CVE-2025-38346, CVE-2025-38352, CVE-2025-38375, CVE-2025-38386, CVE-2025-38391, CVE-2025-38393, CVE-2025-38396, CVE-2025-38399, CVE-2025-38424, CVE-2025-38449, CVE-2025-38457, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38495, CVE-2025-38498, CVE-2025-38539, CVE-2025-38563, CVE-2025-38565, CVE-2025-38574, CVE-2025-38632, CVE-2025-38671