Detections
Analytics

EulerOS Virtualization 2.10.0 : kernel (EulerOS-SA-2026-1172)

high Nessus Plugin ID 297384

Synopsis

The remote EulerOS Virtualization host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

 cifs: Fix UAF in cifs_demultiplex_thread()(CVE-2023-52572)

 xsk: fix OOB map writes when deleting elements(CVE-2024-56614)

 net: defer final 'struct net' free in netns dismantle(CVE-2024-56658)

 af_packet: avoid erroring out after sock_init_data() in packet_create()(CVE-2024-56606)

 quota: flush quota_release_work upon quota writeback(CVE-2024-56780)

 mm: hugetlb: independent PMD page table shared count(CVE-2024-57883)

 selinux: ignore unknown extended permissions(CVE-2024-57931)

 netfilter: conntrack: clamp maximum hashtable size to INT_MAX(CVE-2025-21648)

 net: sched: Disallow replacing of child qdisc from one parent to another(CVE-2025-21700)

 pfifo_tail_enqueue: Drop new packet when sch-limit == 0(CVE-2025-21702)

 ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl(CVE-2021-47634)

 crypto: qat - add param check for DH(CVE-2022-49564)

 nfsd: clear acl_access/acl_default after releasing them(CVE-2025-21796)

 media: uvcvideo: Fix double free in error path(CVE-2024-57980)

 ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo()(CVE-2022-49731)

 dm raid: fix accesses beyond end of raid member array(CVE-2022-49674)

 scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI(CVE-2022-49535)

 md/bitmap: don't set sb values if can't pass sanity check(CVE-2022-49526)

 drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes(CVE-2022-49532)

 ext4: fix race condition between ext4_write and ext4_convert_inline_data(CVE-2022-49414)

 media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init(CVE-2022-49478)

 dlm: fix plock invalid read(CVE-2022-49407)

 NFSD: prevent underflow in nfssvc_decode_writeargs()(CVE-2022-49280)

 NFSv4: Don't hold the layoutget locks across multiple RPC calls(CVE-2022-49316)

 firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle(CVE-2022-49370)

 ARM: hisi: Add missing of_node_put after of_find_compatible_node(CVE-2022-49447)

 scsi: target: tcmu: Fix possible page UAF(CVE-2022-49053)

 drm/plane: Move range check for format_count earlier(CVE-2021-47659)

 tty: fix deadlock caused by calling printk() under tty_port-lock(CVE-2022-49441)

 bpf, arm64: Clear prog-jited_len along prog-jited(CVE-2022-49341)

 RDMA/hfi1: Fix potential integer multiplication overflow errors(CVE-2022-49404)

 scsi: libfc: Fix use after free in fc_exch_abts_resp()(CVE-2022-49114)

 scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()(CVE-2022-49155)

 mm: fix unexpected zeroed page mapping with zram swap(CVE-2022-49052)

 sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue().(CVE-2025-38177)

 ftrace: Fix UAF when lookup kallsym after ftrace disabled(CVE-2025-38346)

 net/sched: Abort __tc_modify_qdisc if parent class does not exist(CVE-2025-38457)

 net/sched: Always pass notifications when child class becomes empty(CVE-2025-38350)

 loop: Check for overflow while configuring loop(CVE-2022-49993)

 NFSv4/pnfs: Fix a use-after-free bug in open(CVE-2022-50072)

 net: tipc: fix possible refcount leak in tipc_sk_create()(CVE-2022-49620)

 RDMA/hfi1: Prevent use of lock before it is initialized(CVE-2022-49433)

 memcg: fix soft lockup in the OOM process(CVE-2024-57977)

 block: don't delete queue kobject before its children(CVE-2022-49259)

 exec: Force single empty string when argv is empty(CVE-2022-49264)

 um: Fix out-of-bounds read in LDT setup(CVE-2022-49395)

 cgroup: Use separate src/dst nodes when preloading css_sets for migration(CVE-2022-49647)

 driver: base: fix UAF when driver_attach failed(CVE-2022-49385)

 nbd: don't allow reconnect after disconnect(CVE-2025-21731)

 vrf: use RCU protection in l3mdev_l3_out()(CVE-2025-21791)

 net_sched: sch_sfq: don't allow 1 packet limit(CVE-2024-57996)

 net: let net.core.dev_weight always be non-zero(CVE-2025-21806)

 tty: synclink_gt: Fix null-pointer-dereference in slgt_clean()(CVE-2022-49307)

 virtio_net: fix xdp_rxq_info bug after suspend/resume(CVE-2022-49687)

 be2net: Fix buffer overflow in be_get_module_eeprom(CVE-2022-49581)

 ubi: ubi_create_volume: Fix use-after-free when volume creation failed(CVE-2022-49388)

 ipmr: do not call mr_mfc_uses_dev() for unres entries(CVE-2025-21719)

 ALSA: jack: Access input_dev under mutex(CVE-2022-49538)

 geneve: Fix use-after-free in geneve_find_dev().(CVE-2025-21858)

 rxrpc: Fix listen() setting the bar too high for the prealloc rings(CVE-2022-49450)

 usbnet: fix memory leak in error case(CVE-2022-49657)

 block: Fix handling of offline queues in blk_mq_alloc_request_hctx()(CVE-2022-49720)

 partitions: mac: fix handling of bogus partition table(CVE-2025-21772)

 icmp: Fix data-races around sysctl.(CVE-2022-49638)

 erspan: do not assume transport header is always set(CVE-2022-49691)

 net: mdio: unexport __init-annotated mdio_bus_init()(CVE-2022-49350)

 tipc: check attribute length for bearer name(CVE-2022-49374)

 RDMA/hfi1: Prevent panic when SDMA is disabled(CVE-2022-49429)

 tcp/dccp: Fix a data-race around sysctl_tcp_fwmark_accept.(CVE-2022-49601)

 ip: Fix data-races around sysctl_ip_fwd_use_pmtu.(CVE-2022-49604)

 ip: Fix a data-race around sysctl_fwmark_reflect.(CVE-2022-49602)

 igmp: Fix data-races around sysctl_igmp_llm_reports.(CVE-2022-49590)

 tcp: Fix a data-race around sysctl_tcp_probe_interval.(CVE-2022-49593)

 tcp: Fix a data-race around sysctl_tcp_probe_threshold.(CVE-2022-49595)

 tcp: Fix data-races around sysctl_tcp_mtu_probing.(CVE-2022-49598)

 igmp: Fix data-races around sysctl_igmp_qrv.(CVE-2022-49589)

 tcp: Fix data-races around sysctl_tcp_fastopen.(CVE-2022-49586)

 tcp: Fix data-races around sysctl_tcp_slow_start_after_idle.(CVE-2022-49572)

 tcp: Fix a data-race around sysctl_tcp_notsent_lowat.(CVE-2022-49587)

 tcp: Fix a data-race around sysctl_tcp_early_retrans.(CVE-2022-49573)

 tcp: Fix data-races around sysctl_tcp_recovery.(CVE-2022-49574)

 tcp: Fix data-races around sysctl_tcp_max_reordering.(CVE-2022-49571)

 net: openvswitch: fix leak of nested actions(CVE-2022-49086)

 bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation(CVE-2023-53024)

 mm/khugepaged: fix -anon_vma race(CVE-2023-52935)

 ipv4: prevent potential spectre v1 gadget in ip_metrics_convert()(CVE-2023-52997)

 dmaengine: Fix double increment of client_count in dma_chan_get()(CVE-2022-49753)

 vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF(CVE-2023-52973)

 ipvlan: ensure network headers are in skb linear part(CVE-2025-21891)

 trace_events_hist: add check for return value of 'create_hist_field'(CVE-2023-53005)

 net: mdio: validate parameter addr in mdiobus_get_phy()(CVE-2023-53019)

 netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.(CVE-2023-53032)

 proc: fix UAF in proc_get_inode()(CVE-2025-21999)

 ext4: fix OOB read when checking dotdot dir(CVE-2025-37785)

 md/raid1,raid10: don't ignore IO flags(CVE-2025-22125)

 net: fix geneve_opt length integer overflow(CVE-2025-22055)

 udp: Fix memory accounting leak.(CVE-2025-22058)

 mISDN: fix possible memory leak in mISDN_register_device()(CVE-2022-49915)

 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK(CVE-2022-49870)

 bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()(CVE-2023-53133)

 mISDN: fix possible memory leak in mISDN_dsp_element_register()(CVE-2022-49821)

 jbd2: remove wrong sb-s_sequence check(CVE-2025-37839)

 net_sched: sch_sfq: move the limit validation(CVE-2025-37752)

 tracing: Make sure trace_printk() can output as soon as it can be used(CVE-2023-53007)

 iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()(CVE-2025-21993)

 KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0(CVE-2022-50228)

 md: call __md_stop_writes in md_stop(CVE-2022-49987)

 iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)(CVE-2022-50093)

 block: fix resource leak in blk_register_queue() error path(CVE-2025-37980)

 media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer()(CVE-2023-53146)

 net: atlantic: fix aq_vec index out of range error(CVE-2022-50066)

 ext4: update s_journal_inum if it changes after journal replay(CVE-2023-53091)

 dm: fix unconditional IO throttle caused by REQ_PREFLUSH(CVE-2025-38063)

 openvswitch: use RCU protection in ovs_vport_cmd_fill_info()(CVE-2025-21761)

 nfs: handle failure of nfs_get_lock_context in unlock path(CVE-2025-38023)

 dm ioctl: fix misbehavior if list_versions races with module loading(CVE-2022-49771)

 arp: use RCU protection in arp_xmit()(CVE-2025-21762)

 ipv6: fix WARNING in ip6_route_net_exit_late()(CVE-2022-49903)

 fbdev: core: fbcvt: avoid division by 0 in fb_cvt_hperiod()(CVE-2025-38312)

 __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock(CVE-2025-38058)

 crypto: algif_hash - fix double free in hash_accept(CVE-2025-38079)

 net: ch9200: fix uninitialised access during mii_nway_restart(CVE-2025-38086)

 mm/vmscan: don't try to reclaim hwpoison folio(CVE-2025-37834)

 udf: Fix a slab-out-of-bounds write bug in udf_find_entry()(CVE-2022-49846)

 scsi: qla2xxx: Fix crash due to stale SRB access around I/O timeouts(CVE-2022-50098)

 nvmet: avoid potential UAF in nvmet_req_complete()(CVE-2023-53116)

 media: pvrusb2: fix memory leak in pvr_probe(CVE-2022-49982)

 neighbour: use RCU protection in __neigh_notify()(CVE-2025-21763)

 net: usb: smsc95xx: Limit packet length to skb-len(CVE-2023-53062)

 nvmet-tcp: don't restore null sk_state_change(CVE-2025-38035)

 RDMA/rxe: Fix error unwind in rxe_create_qp()(CVE-2022-50127)

 ext4: fix off-by-one error in do_split(CVE-2025-23150)

 net: mdio: fix undefined behavior in bit shift for __mdiobus_register(CVE-2022-49907)

 jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()(CVE-2025-38337)

 drivers:md:fix a potential use-after-free bug(CVE-2022-50022)

 PM: hibernate: defer device probing when resuming from hibernation(CVE-2022-50202)

 mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()(CVE-2022-49787)

 gfs2: Check sb_bsize_shift after reading superblock(CVE-2022-49769)

 sch_htb: make htb_qlen_notify() idempotent(CVE-2025-37932)

 usbnet: Fix linkwatch use-after-free on disconnect(CVE-2022-50220)

 xfrm: state: fix out-of-bounds read during lookup(CVE-2024-57982)

 ndisc: extend RCU protection in ndisc_send_skb()(CVE-2025-21760)

 ndisc: use RCU protection in ndisc_alloc_skb()(CVE-2025-21764)

 sched, cpuset: Fix dl_cpu_busy() panic due to empty cs-cpus_allowed(CVE-2022-50103)

 tipc: fix the msg-req tlv len check in tipc_nl_compat_name_table_dump_header(CVE-2022-49862)

 ata: libata-transport: fix double ata_host_put() in ata_tport_add()(CVE-2022-49826)

 xen/privcmd: fix error exit of privcmd_ioctl_dm_op()(CVE-2022-49989)

 media: cxusb: no longer judge rbuf when the write fails(CVE-2025-38229)

 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var(CVE-2025-38215)

 ipv6: mcast: extend RCU protection in igmp6_send()(CVE-2025-21759)

 net: sched: Fix use after free in red_enqueue()(CVE-2022-49921)

 net: usb: smsc75xx: Limit packet length to skb-len(CVE-2023-53125)

 smb: client: Fix use-after-free in cifs_fill_dirent(CVE-2025-38051)

 HID: hyperv: fix possible memory leak in mousevsc_probe()(CVE-2022-49874)

 iavf: Fix reset error handling(CVE-2022-50053)

 module: ensure that kobject_put() is safe for module type kobjects(CVE-2025-37995)

 misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()(CVE-2022-49788)

 ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network(CVE-2022-49865)

 scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq(CVE-2022-49986)

 RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug(CVE-2025-38024)

 md-raid10: fix KASAN warning(CVE-2022-50211)

 sfc: fix use after free when disabling sriov(CVE-2022-49626)

 ipc: fix to protect IPCS lookups using RCU(CVE-2025-38212)

 sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()(CVE-2025-38000)

 net: xfrm: unexport __init-annotated xfrm4_protocol_init()(CVE-2022-49345)

 tcp: Fix a data-race around sysctl_tcp_thin_linear_timeouts.(CVE-2022-49575)

 x86/speculation: Fill RSB on vmexit for IBRS(CVE-2022-49611)

 ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg(CVE-2022-49727)

 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()(CVE-2022-49840)

 ipvs: fix WARNING in ip_vs_app_net_cleanup()(CVE-2022-49917)

 ipvs: fix WARNING in __ip_vs_cleanup_batch()(CVE-2022-49918)

 HID: hidraw: fix memory leak in hidraw_release() (CVE-2022-49981)

 dm raid: fix address sanitizer warning in raid_resume(CVE-2022-50085)

 RDMA/hfi1: fix potential memory leak in setup_base_ctxt()(CVE-2022-50134)

 KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT(CVE-2022-50224)

 erspan: do not use skb_mac_header() in ndo_start_xmit()(CVE-2023-53053)

 qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info(CVE-2023-53066)

 net: tunnels: annotate lockless accesses to dev-needed_headroom(CVE-2023-53109)

 tls: stop recv() if initial process_rx_list gave us non-DATA(CVE-2024-58239)

 ext4: inline: fix len overflow in ext4_prepare_inline_data(CVE-2025-38222)

 bpf: Fix WARN() in get_bpf_raw_tp_regs(CVE-2025-38285)

 mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().(CVE-2025-38324)

 scsi: lpfc: Use memcpy() for BIOS version(CVE-2025-38332)

 ACPICA: Refuse to evaluate a method if arguments are missing(CVE-2025-38386)

 usb: typec: altmodes/displayport: do not index invalid pin_assignments(CVE-2025-38391)

 Squashfs: check return result of sb_min_blocksize(CVE-2025-38415)

 perf: Fix sample vs do_exit()(CVE-2025-38424)

 md/raid1: Fix stack memory use after return in raid1_reshape(CVE-2025-38445)

 drm/gem: Acquire references on GEM handles for framebuffers(CVE-2025-38449)

 usb: net: sierra: check for no status endpoint(CVE-2025-38474)

 net/sched: sch_qfq: Fix race condition on qfq_aggregate(CVE-2025-38477)

 HID: core: do not bypass hid_hw_raw_request(CVE-2025-38494)

 do_change_type(): refuse to operate on unmounted/not ours mounts(CVE-2025-38498)

 clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns(CVE-2025-38499)

 smb: client: fix use-after-free in cifs_oplock_break(CVE-2025-38527)

 net/packet: fix a race in packet_set_ring() and packet_notifier()(CVE-2025-38617)

 vsock: Do not allow binding to VMADDR_PORT_ANY(CVE-2025-38618)

 scsi: libiscsi: Initialize iscsi_conn-dd_data only if memory is allocated(CVE-2025-38700)

 gfs2: Validate i_depth for exhash directories(CVE-2025-38710)

 nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()(CVE-2025-38724)

 tracing: Fix race issue between cpu buffer write and swap(CVE-2023-53368)

 NFS: Fix a race when updating an existing write(CVE-2025-39697)

 tipc: fix a null-ptr-deref in tipc_topsrv_accept(CVE-2022-50555)

 igb: Fix igb_down hung on surprise removal(CVE-2023-53148)

 ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS(CVE-2022-50315)

 udf: Do not update file length for failed writes to inline files(CVE-2023-53295)

 usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info()(CVE-2022-50544)

 cacheinfo: Fix shared_cpu_map to handle shared caches at different levels(CVE-2023-53254)

 ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer(CVE-2023-53395)

 net/tunnel: wait until all sk_user_data reader finish before releasing the sock(CVE-2022-50405)

 mtd: Fix device name leak when register device failed in add_mtd_device()(CVE-2022-50566)

 ext4: add bounds checking in get_max_inline_xattr_value_size()(CVE-2023-53285)

 x86/MCE: Always save CS register on AMD Zen IF Poison errors(CVE-2023-53438)

 drm/mipi-dsi: Detach devices when removing the host(CVE-2022-50489)

 ipv6: Fix out-of-bounds access in ipv6_find_tlv()(CVE-2023-53705)

 md/raid10: check slab-out-of-bounds in md_bitmap_get_counter(CVE-2023-53357)

 mmc: vub300: fix return value check of mmc_add_host()(CVE-2022-50251)

 xfrm: fix slab-use-after-free in decode_session6(CVE-2023-53500)

 md: fix a crash in mempool_free(CVE-2022-50381)

 posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del()(CVE-2025-38352)

 tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak(CVE-2022-50389)

 i40e: add validation for ring_len param(CVE-2025-39973)

 scsi: qla2xxx: Wait for io return on terminate rport(CVE-2023-53322)

 scsi: qla4xxx: Add length check when parsing nlattrs(CVE-2023-53456)

 ext4: avoid deadlock in fs reclaim with page writeback(CVE-2023-53149)

 kobject: Add sanity check for kset-kobj.ktype in kset_register()(CVE-2023-53480)

 PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free(CVE-2023-53446)

 scsi: ses: Fix possible desc_ptr out-of-bounds accesses(CVE-2023-53675)

 scsi: ses: Fix slab-out-of-bounds in ses_intf_remove()(CVE-2023-53521)

 firewire: net: fix use after free in fwnet_finish_incoming_packet()(CVE-2023-53432)

 binfmt_misc: fix shift-out-of-bounds in check_special_flags(CVE-2022-50497)

 NFSD: Protect against send buffer overflow in NFSv2 READ(CVE-2022-50410)

 scsi: lpfc: Fix buffer free/clear order in deferred receive path(CVE-2025-39841)

 sctp: check send stream number after wait_for_sndbuf(CVE-2023-53296)

 mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory(CVE-2025-39883)

 scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()(CVE-2023-53676)

 drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()(CVE-2022-50402)

 udf: Fix uninitialized array access for some pathnames(CVE-2023-53165)

 net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode(CVE-2023-53733)

 ext4: avoid crash when inline data creation follows DIO write(CVE-2022-50435)

 cifs: Fix warning and UAF when destroy the MR list(CVE-2023-53427)

 md: Replace snprintf with scnprintf (CVE-2022-50299)

 rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails(CVE-2023-53307)

 drivers: serial: jsm: fix some leaks in probe(CVE-2022-50312)

 md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request(CVE-2023-53380)

 udf: Do not bother merging very long extents(CVE-2023-53506)

 fbdev: fix potential buffer overflow in do_register_framebuffer()(CVE-2025-38702)

 crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg(CVE-2025-39964)

 ubi: ensure that VID header offset + VID header size = alloc, size(CVE-2023-53265)

 udf: Detect system inodes linked into directory hierarchy(CVE-2023-53695)

 mm/slub: avoid accessing metadata when pointer is invalid in object_err()(CVE-2025-39902)

 skbuff: Account for tail adjustment during pull operations(CVE-2022-50365)

 mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING(CVE-2022-50430)

 icmp6: Fix null-ptr-deref of ip6_null_entry-rt6i_idev in icmp6_dev().(CVE-2023-53343)

 calipso: Fix null-ptr-deref in calipso_req_{set,del}attr().(CVE-2025-38181)

 scsi: qla2xxx: Pointer may be dereferenced(CVE-2023-53150)

 ftrace: Also allocate and copy hash for reading of filter files(CVE-2025-39689)

 firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region(CVE-2023-52989)

 xhci: Remove device endpoints from bandwidth list when freeing the device(CVE-2022-50470)

 skbuff: skb_segment, Call zero copy functions before using skbuff frags(CVE-2023-53354)

 HID: multitouch: Correct devm device reference for hidinput input_dev name(CVE-2023-53454)

 tracing/histograms: Add histograms to hist_vars if they have referenced variables(CVE-2023-53560)

 fs: writeback: fix use-after-free in __mark_inode_dirty()(CVE-2025-39866)

 sched/fair: Don't balance task to its current running CPU(CVE-2023-53215)

 net: fix skb leak in __skb_tstamp_tx()(CVE-2023-53716)

 media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()(CVE-2023-53220)

 dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path(CVE-2023-53604)

 qede: confirm skb is allocated before using(CVE-2022-49084)

 serial: arc_uart: fix of_iomap leak in `arc_serial_probe`(CVE-2023-53719)

 fs: udf: fix OOB read in lengthAllocDescs handling(CVE-2025-40044)

 sctp: linearize cloned gso packets in sctp_rcv(CVE-2025-38718)

 ipvs: Defer ip_vs_ftp unregister during netns cleanup(CVE-2025-40018)

 scsi: target: iscsi: Fix a race condition between login_work and the login thread(CVE-2022-50350)

 af_unix: Fix data-races around user-unix_inflight.(CVE-2023-53204)

 scsi: target: target_core_configfs: Add length check to avoid buffer overflow(CVE-2025-39998)

 efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare(CVE-2025-39817)

 scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue(CVE-2023-53280)

 ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed(CVE-2023-53481)

 md/raid10: fix leak of 'r10bio-remaining' for recovery(CVE-2023-53299)

 igb: Do not free q_vector unless new one was allocated(CVE-2022-50252)

 recordmcount: Fix memory leaks in the uwrite function(CVE-2023-53318)

 blk-mq: use quiesced elevator switch when reinitializing queues(CVE-2022-50552)

 cifs: fix oops during encryption(CVE-2022-50341)

 iommu/vt-d: Clean up si_domain in the init_dmars() error path(CVE-2022-50482)

 VMCI: check context-notify_page after call to get_user_pages_fast() to avoid GPF(CVE-2023-53259)

 thermal: intel_powerclamp: Use get_cpu() instead of smp_processor_id() to avoid crash(CVE-2022-50494)

 mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()(CVE-2023-53623)

 pnode: terminate at peers of source(CVE-2022-50280)

 ext4: fix WARNING in mb_find_extent(CVE-2023-53317)

 ip_vti: fix potential slab-use-after-free in decode_session6(CVE-2023-53559)

 nfsd: call op_release, even when op_func returns an error(CVE-2023-53241)

 fs: dlm: fix invalid derefence of sb_lvbptr(CVE-2022-50516)

 uio_hv_generic: Let userspace take care of interrupt mask(CVE-2025-40048)

 netfilter: conntrack: Avoid nf_ct_helper_hash uses after free(CVE-2023-53619)

 posix-timers: Ensure timer ID search-loop limit is valid(CVE-2023-53728)

 Input: MT - limit max slots(CVE-2024-45008)

Tenable has extracted the preceding description block directly from the EulerOS Virtualization kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?ea23c01b

Plugin Details

Severity: High

ID: 297384

File Name: EulerOS_SA-2026-1172.nasl

Version: 1.1

Type: local

Published: 1/31/2026

Updated: 1/31/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.4

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-39866

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:huawei:euleros:uvp:2.10.0, p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-abi-stablelists

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/uvp_version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/30/2026

Vulnerability Publication Date: 9/4/2021

CISA Known Exploited Vulnerability Due Dates: 9/25/2025

Reference Information

CVE: CVE-2021-47634, CVE-2021-47659, CVE-2022-49052, CVE-2022-49053, CVE-2022-49084, CVE-2022-49086, CVE-2022-49114, CVE-2022-49155, CVE-2022-49259, CVE-2022-49264, CVE-2022-49280, CVE-2022-49307, CVE-2022-49316, CVE-2022-49341, CVE-2022-49345, CVE-2022-49350, CVE-2022-49370, CVE-2022-49374, CVE-2022-49385, CVE-2022-49388, CVE-2022-49395, CVE-2022-49404, CVE-2022-49407, CVE-2022-49414, CVE-2022-49429, CVE-2022-49433, CVE-2022-49441, CVE-2022-49447, CVE-2022-49450, CVE-2022-49478, CVE-2022-49526, CVE-2022-49532, CVE-2022-49535, CVE-2022-49538, CVE-2022-49564, CVE-2022-49571, CVE-2022-49572, CVE-2022-49573, CVE-2022-49574, CVE-2022-49575, CVE-2022-49581, CVE-2022-49586, CVE-2022-49587, CVE-2022-49589, CVE-2022-49590, CVE-2022-49593, CVE-2022-49595, CVE-2022-49598, CVE-2022-49601, CVE-2022-49602, CVE-2022-49604, CVE-2022-49611, CVE-2022-49620, CVE-2022-49626, CVE-2022-49638, CVE-2022-49647, CVE-2022-49657, CVE-2022-49674, CVE-2022-49687, CVE-2022-49691, CVE-2022-49720, CVE-2022-49727, CVE-2022-49731, CVE-2022-49753, CVE-2022-49769, CVE-2022-49771, CVE-2022-49787, CVE-2022-49788, CVE-2022-49821, CVE-2022-49826, CVE-2022-49840, CVE-2022-49846, CVE-2022-49862, CVE-2022-49865, CVE-2022-49870, CVE-2022-49874, CVE-2022-49903, CVE-2022-49907, CVE-2022-49915, CVE-2022-49917, CVE-2022-49918, CVE-2022-49921, CVE-2022-49981, CVE-2022-49982, CVE-2022-49986, CVE-2022-49987, CVE-2022-49989, CVE-2022-49993, CVE-2022-50022, CVE-2022-50053, CVE-2022-50066, CVE-2022-50072, CVE-2022-50085, CVE-2022-50093, CVE-2022-50098, CVE-2022-50103, CVE-2022-50127, CVE-2022-50134, CVE-2022-50202, CVE-2022-50211, CVE-2022-50220, CVE-2022-50224, CVE-2022-50228, CVE-2022-50251, CVE-2022-50252, CVE-2022-50280, CVE-2022-50299, CVE-2022-50312, CVE-2022-50315, CVE-2022-50341, CVE-2022-50350, CVE-2022-50365, CVE-2022-50381, CVE-2022-50389, CVE-2022-50402, CVE-2022-50405, CVE-2022-50410, CVE-2022-50430, CVE-2022-50435, CVE-2022-50470, CVE-2022-50482, CVE-2022-50489, CVE-2022-50494, CVE-2022-50497, CVE-2022-50516, CVE-2022-50544, CVE-2022-50552, CVE-2022-50555, CVE-2022-50566, CVE-2023-52572, CVE-2023-52935, CVE-2023-52973, CVE-2023-52989, CVE-2023-52997, CVE-2023-53005, CVE-2023-53007, CVE-2023-53019, CVE-2023-53024, CVE-2023-53032, CVE-2023-53053, CVE-2023-53062, CVE-2023-53066, CVE-2023-53091, CVE-2023-53109, CVE-2023-53116, CVE-2023-53125, CVE-2023-53133, CVE-2023-53146, CVE-2023-53148, CVE-2023-53149, CVE-2023-53150, CVE-2023-53165, CVE-2023-53204, CVE-2023-53215, CVE-2023-53220, CVE-2023-53241, CVE-2023-53254, CVE-2023-53259, CVE-2023-53265, CVE-2023-53280, CVE-2023-53285, CVE-2023-53295, CVE-2023-53296, CVE-2023-53299, CVE-2023-53307, CVE-2023-53317, CVE-2023-53318, CVE-2023-53322, CVE-2023-53343, CVE-2023-53354, CVE-2023-53357, CVE-2023-53368, CVE-2023-53380, CVE-2023-53395, CVE-2023-53427, CVE-2023-53432, CVE-2023-53438, CVE-2023-53446, CVE-2023-53454, CVE-2023-53456, CVE-2023-53480, CVE-2023-53481, CVE-2023-53500, CVE-2023-53506, CVE-2023-53521, CVE-2023-53559, CVE-2023-53560, CVE-2023-53604, CVE-2023-53619, CVE-2023-53623, CVE-2023-53675, CVE-2023-53676, CVE-2023-53695, CVE-2023-53705, CVE-2023-53716, CVE-2023-53719, CVE-2023-53728, CVE-2023-53733, CVE-2024-45008, CVE-2024-56606, CVE-2024-56614, CVE-2024-56658, CVE-2024-56780, CVE-2024-57883, CVE-2024-57931, CVE-2024-57977, CVE-2024-57980, CVE-2024-57982, CVE-2024-57996, CVE-2024-58239, CVE-2025-21648, CVE-2025-21700, CVE-2025-21702, CVE-2025-21719, CVE-2025-21731, CVE-2025-21759, CVE-2025-21760, CVE-2025-21761, CVE-2025-21762, CVE-2025-21763, CVE-2025-21764, CVE-2025-21772, CVE-2025-21791, CVE-2025-21796, CVE-2025-21806, CVE-2025-21858, CVE-2025-21891, CVE-2025-21993, CVE-2025-21999, CVE-2025-22055, CVE-2025-22058, CVE-2025-22125, CVE-2025-23150, CVE-2025-37752, CVE-2025-37785, CVE-2025-37834, CVE-2025-37839, CVE-2025-37932, CVE-2025-37980, CVE-2025-37995, CVE-2025-38000, CVE-2025-38023, CVE-2025-38024, CVE-2025-38035, CVE-2025-38051, CVE-2025-38058, CVE-2025-38063, CVE-2025-38079, CVE-2025-38086, CVE-2025-38177, CVE-2025-38181, CVE-2025-38212, CVE-2025-38215, CVE-2025-38222, CVE-2025-38229, CVE-2025-38285, CVE-2025-38312, CVE-2025-38324, CVE-2025-38332, CVE-2025-38337, CVE-2025-38346, CVE-2025-38350, CVE-2025-38352, CVE-2025-38386, CVE-2025-38391, CVE-2025-38415, CVE-2025-38424, CVE-2025-38445, CVE-2025-38449, CVE-2025-38457, CVE-2025-38474, CVE-2025-38477, CVE-2025-38494, CVE-2025-38498, CVE-2025-38499, CVE-2025-38527, CVE-2025-38617, CVE-2025-38618, CVE-2025-38700, CVE-2025-38702, CVE-2025-38710, CVE-2025-38718, CVE-2025-38724, CVE-2025-39689, CVE-2025-39697, CVE-2025-39817, CVE-2025-39841, CVE-2025-39866, CVE-2025-39883, CVE-2025-39902, CVE-2025-39964, CVE-2025-39973, CVE-2025-39998, CVE-2025-40018, CVE-2025-40044, CVE-2025-40048