Detections
Analytics

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1244)

high Nessus Plugin ID 301595

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

 nvme: nvme-fc: Ensure -ioerr_work is cancelled in nvme_fc_delete_ctrl()(CVE-2025-40261)

 cifs: fix session state check in reconnect to avoid use-after-free issue(CVE-2023-53794)

 x86/apic: Don't disable x2APIC if locked(CVE-2022-50720)

 nbd: defer config unlock in nbd_genl_connect(CVE-2025-68366)

 futex: Don't leak robust_list pointer on exec race(CVE-2025-40341)

 ksm: use range-walk function to jump over holes in scan_get_next_rmap_item(CVE-2025-68211)

 binfmt_misc: restore write access before closing files opened by open_exec()(CVE-2025-68239)

 mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats(CVE-2025-68800)

 ceph: fix potential use-after-free bug when trimming caps(CVE-2023-53867)

 usb: early: xhci-dbc: Fix a potential out-of-bound memory access(CVE-2023-53840)

 nvmet-fc: avoid scheduling association deletion twice(CVE-2025-40343)

 mlxsw: spectrum_router: Fix neighbour use-after-free(CVE-2025-68801)

 crypto: safexcel - Cleanup ring IRQ workqueues on load failure(CVE-2023-54126)

 usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer(CVE-2025-68331)

 keys: Fix linking a duplicate key to a keyring's assoc_array(CVE-2023-54170)

 media: imon: make send_packet() more robust(CVE-2025-68194)

 scsi: qla2xxx: Clear cmds after chip reset(CVE-2025-68745)

 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid(CVE-2025-68349)

 nvme-multipath: fix lockdep WARN due to partition scan work(CVE-2025-68218)

 PCI/AER: Fix NULL pointer access by aer_info(CVE-2025-68309)

 fuse: fix livelock in synchronous file put from fuseblk workers(CVE-2025-40220)

 ext4: refresh inline data size before write operations(CVE-2025-68264)

 scsi: target: tcm_loop: Fix segfault in tcm_loop_tpg_address_show()(CVE-2025-68229)

 drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE(CVE-2025-40277)

 md/raid0, raid10: Don't set discard sectors for request queue(CVE-2022-50583)

 tracing: Fix memory leak of iter-temp when reading trace_pipe(CVE-2023-54171)

 bpf: Fix invalid prog-stats access when update_effective_progs fails(CVE-2025-68742)

 vsock: Ignore signal/timeout on connect() if already established(CVE-2025-40248)

 x86/CPU/AMD: Add RDSEED fix for Zen5(CVE-2025-68313)

 of: overlay: Call of_changeset_init() early(CVE-2023-53856)

 macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse(CVE-2025-68367)

 fs/proc: fix uaf in proc_readdir_de()(CVE-2025-40271)

 ipv6/sit: use DEV_STATS_INC() to avoid data-races(CVE-2022-50764)

 timers: Fix NULL function pointer race in timer_shutdown_sync()(CVE-2025-68214)

 SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails(CVE-2022-50821)

 x86/fpu: Ensure XFD state on signal delivery(CVE-2025-68171)

 crypto: akcipher - default implementation for setting a private key(CVE-2022-50731)

 NFSD: free copynotify stateid in nfs4_free_ol_stateid()(CVE-2025-40273)

 ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr(CVE-2025-68183)

 bpf: Add preempt_count_{sub,add} into btf id deny list(CVE-2023-54086)

 erofs: validate the extent length for uncompressed pclusters(CVE-2022-50746)

 smb: client: fix memory leak in cifs_construct_tcon()(CVE-2025-68295)

 bpf: Fix stackmap overflow check in __bpf_get_stackid()(CVE-2025-68378)

 arch_topology: Fix incorrect error check in topology_parse_cpu_capacity()(CVE-2025-40346)

 apparmor: fix a memleak in multi_transaction_new()(CVE-2022-50754)

 tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()(CVE-2025-68188)

 jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted(CVE-2025-68337)

 KVM: Destroy target device if coalesced MMIO unregistration fails(CVE-2023-54024)

 RDMA/rxe: Fix null deref on srq-rq.queue after resize failure(CVE-2025-68379)

 netdevsim: fix memory leak in nsim_bus_dev_new()(CVE-2022-50772)

 nvme-fc: use lock accessing port_state and rport state(CVE-2025-40342)

 bpf: Fix issue in verifying allow_ptr_leaks(CVE-2023-54181)

 RDMA/bnxt_re: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed.(CVE-2023-54048)

 bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log(CVE-2023-54145)

 net/mlx5e: Move representor neigh cleanup to profile cleanup_tx(CVE-2023-54148)

 bpf: Do not let BPF test infra emit invalid GSO types to stack(CVE-2025-68725)

 tracing: Fix warning in trace_buffered_event_disable()(CVE-2023-54211)

 ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock()(CVE-2025-68261)

 scsi: sg: Do not sleep in atomic context(CVE-2025-40259)

 usb: storage: Fix memory leak in USB bulk transport(CVE-2025-68288)

 NFSD: Fix crash in nfsd4_read_release()(CVE-2025-40324)

 md: fix rcu protection in md_wakeup_thread(CVE-2025-68374)

 net: atlantic: fix fragment overflow handling in RX path(CVE-2025-68301)

 net: ipv6: fix field-spanning memcpy warning in AH output(CVE-2025-40363)

 libceph: fix potential use-after-free in have_mon_and_osd_map()(CVE-2025-68285)

 sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto(CVE-2025-40281)

 bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6}(CVE-2025-40183)

 acct: fix potential integer overflow in encode_comp_t()(CVE-2022-50749)

 bpf: Sync pending IRQ work before freeing ring buffer(CVE-2025-40319)

 sctp: Prevent TOCTOU out-of-bounds write(CVE-2025-40331)

 page_pool: always add GFP_NOWARN for ATOMIC allocations(CVE-2025-68321)

 net: openvswitch: remove never-working support for setting nsh fields(CVE-2025-40254)

 tipc: Fix use-after-free in tipc_mon_reinit_self().(CVE-2025-40280)

 crypto: qat - fix DMA transfer direction(CVE-2022-50774)

 net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()(CVE-2025-40252)

 crypto: api - Use work queue in crypto_destroy_instance(CVE-2023-53799)

 crypto: hisilicon/hpre - fix resource leak in remove process(CVE-2022-50420)

 usb: storage: sddr55: Reject out-of-bound new_pba(CVE-2025-40345)

 audit: fix possible soft lockup in __audit_inode_child()(CVE-2023-54045)

 crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id(CVE-2025-68724)

 crypto: hisilicon/qm - increase the memory of local variables(CVE-2022-50407)

 sctp: avoid NULL dereference when chunk data buffer is missing(CVE-2025-40240)

 usbnet: Prevents free active kevent(CVE-2025-68312)

 xfrm: delete x-tunnel as we delete x(CVE-2025-40215)

 be2net: pass wrb_params in case of OS2BMC be_insert_vlan_in_pkt() is called with the wrb_params argument being NULL at be_send_pkt_to_bmc() call site(CVE-2025-40264)

 net: netpoll: fix incorrect refcount handling causing incorrect cleanup(CVE-2025-68245)

 bpf: Explicitly check accesses to bpf_sock_addr(CVE-2025-40078)

 apparmor: Fix memleak in alloc_ns()(CVE-2022-50860)

 net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup(CVE-2025-68192)

 udp_tunnel: use netdev_warn() instead of netdev_WARN()(CVE-2025-68191)

 ima: Handle error code returned by ima_filter_rule_match()(CVE-2025-68740)

 iavf: use internal state to free traffic IRQs(CVE-2023-53850)

 libceph: replace BUG_ON with bounds check for map-max_osd(CVE-2025-68283)

 ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe(CVE-2025-68241)

 KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer(CVE-2025-71104)

 HID: uclogic: Correct devm device reference for hidinput input_dev name(CVE-2023-54207)

 fbcon: Set fb_display[i]-mode to NULL when the mode is released(CVE-2025-40323)

 regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex(CVE-2025-68354)

 mm/smaps: fix race between smaps_hugetlb_range and migration(CVE-2025-39754)

 mm/vmscan: fix hwpoisoned large folio handling in shrink_folio_list(CVE-2025-39725)

 xsk: check IFF_UP earlier in Tx path(CVE-2023-53240)

 x86/kexec: Fix double-free of elf header buffer(CVE-2023-54146)

 netfilter: nft_ct: add seqadj extension for natted connections(CVE-2025-68206)

 skmsg: Fix wrong last sg check in sk_msg_recvmsg()(CVE-2022-49973)

 NFSD: Finish converting the NFSv2 GETACL result encoder(CVE-2022-50861)

 Drivers: hv: vmbus: Don't dereference ACPI root object handle(CVE-2023-53647)

 scsi: qla4xxx: Prevent a potential error pointer dereference(CVE-2025-39676)

 vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF(CVE-2023-53747)

 EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()(CVE-2022-50645)

 x86/xen: Fix memory leak in xen_init_lock_cpu()(CVE-2022-50761)

 fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds(CVE-2025-40304)

 scsi: lpfc: Prevent lpfc_debugfs_lockstat_write() buffer overflow(CVE-2023-54102)

 quota: fix warning in dqgrab()(CVE-2023-54177)

 powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe()(CVE-2022-50635)

 usb: idmouse: fix an uninit-value in idmouse_open(CVE-2022-50733)

 loop: loop_set_status_from_info() check before assignment(CVE-2023-53820)

 fbdev: bitblit: bound-check glyph index in bit_putcs*(CVE-2025-40322)

 KVM: VMX: Fix crash due to uninitialized current_vmcs(CVE-2023-53756)

 net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()(CVE-2023-54114)

 netlink: annotate lockless accesses to nlk-max_recvmsg_len(CVE-2023-53824)

 exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree(CVE-2023-54194)

 wifi: cfg80211: ocb: don't leave if not joined(CVE-2023-53992)

 media: dvb-frontends: fix leak of memory fw(CVE-2022-50664)

 wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs()(CVE-2022-50740)

 dm flakey: fix a crash with invalid table line(CVE-2023-53786)

 net: fix stack overflow when LRO is disabled for virtual interfaces(CVE-2023-54012)

 RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()(CVE-2023-54168)

 mm: /proc/pid/smaps_rollup: fix no vma's null-deref(CVE-2022-50380)

 cifs: Fix lost destroy smbd connection when MR allocate failed(CVE-2023-54260)

 wifi: mwifiex: fix memory leak in mwifiex_histogram_read()(CVE-2023-53808)

 crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()(CVE-2023-53817)

 PCI: Fix pci_device_is_present() for VFs by checking PF(CVE-2022-50636)

 regulator: core: fix resource leak in regulator_register()(CVE-2022-50724)

 cifs: Fix xid leak in cifs_copy_file_range()(CVE-2022-50643)

 hwrng: virtio - Fix race on data_avail and actual data(CVE-2023-53998)

 scsi: hpsa: Fix possible memory leak in hpsa_init_one()(CVE-2022-50646)

 media: anysee: fix null-ptr-deref in anysee_master_xfer(CVE-2023-54093)

 skbuff: fix coalescing for page_pool fragment recycling(CVE-2022-49093)

 selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()(CVE-2022-50699)

 ipv6: ensure sane device mtu in tunnels(CVE-2022-50816)

 mmc: core: Fix kernel panic when remove non-standard SDIO card(CVE-2022-50640)

 ext4: set goal start correctly in ext4_mb_normalize_request(CVE-2023-54021)

 ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()(CVE-2023-53826)

 scsi: qedf: Fix NULL dereference in error handling(CVE-2023-54289)

 ALSA: pcm: Fix potential data race at PCM memory allocation helpers(CVE-2023-54072)

 erofs: stop parsing non-compact HEAD index if clusterofs is invalid(CVE-2023-54132)

 RDMA/rxe: Fix ''''kernel NULL pointer dereference'''' error(CVE-2022-50671)

 netlink: annotate accesses to nlk-cb_running(CVE-2023-53853)

 net/ieee802154: don't warn zero-sized raw_sendmsg()(CVE-2022-50706)

 net/net_failover: fix txq exceeding warning(CVE-2023-54236)

 skbuff: Fix a race between coalescing and releasing SKBs(CVE-2023-53186)

 udf: Avoid double brelse() in udf_rename()(CVE-2022-50755)

 mmc: toshsd: fix return value check of mmc_add_host()(CVE-2022-50886)

 ipmi:ssif: Fix a memory leak when scanning for an adapter(CVE-2023-54064)

 btrfs: don't free qgroup space unless specified(CVE-2023-54158)

 tcp: Fix a data-race around sysctl_tcp_mtu_probe_floor.(CVE-2022-49594)

 mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type(CVE-2023-54295)

 RDMA/hns: fix memory leak in hns_roce_alloc_mr()(CVE-2022-50662)

 tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak(CVE-2022-50824)

 pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()(CVE-2023-54115)

 wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()(CVE-2022-50829)

 drm/client: Fix memory leak in drm_client_target_cloned(CVE-2023-54091)

 wifi: ath10k: add peer map clean up for peer delete in ath10k_sta_state()(CVE-2022-50880)

 ppp: associate skb with a device at tx(CVE-2022-50655)

 net/mlx5: Fix possible use-after-free in async command interface(CVE-2022-50726)

 pstore/ram: Add check for kstrdup(CVE-2023-54189)

 md/raid10: fix memleak for 'conf-bio_split'(CVE-2023-54123)

 drm/amd: Fix an out of bounds error in BIOS parser(CVE-2023-54150)

 leds: led-core: Fix refcount leak in of_led_get()(CVE-2023-54190)

 Bluetooth: L2CAP: Fix potential user-after-free(CVE-2023-54214)

 ip6_vti: fix slab-use-after-free in decode_session6(CVE-2023-53821)

 jbd2: fix potential buffer head reference count leak(CVE-2022-50839)

 ext4: fix deadlock when converting an inline directory in nojournal mode(CVE-2023-54311)

 io_uring/rw: defer fsnotify calls to task context(CVE-2022-50705)

 amba: bus: fix refcount leak(CVE-2023-54230)

 nvme-pci: fix mempool alloc size(CVE-2022-50756)

 scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests(CVE-2023-54108)

 ovl: fix null pointer dereference in ovl_get_acl_rcu()(CVE-2023-54313)

 samples/bpf: Fix fout leak in hbm's run_bpf_prog(CVE-2023-53290)

 ipmi: fix use after free in _ipmi_destroy_user()(CVE-2022-50677)

 drm: Prevent drm_copy_field() to attempt copying a NULL pointer(CVE-2022-50884)

 net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device(CVE-2023-54015)

 scsi: ipr: Fix WARNING in ipr_init()(CVE-2022-50850)

 wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()(CVE-2022-50709)

 ext4: fix inode leak in ext4_xattr_inode_create() on an error path(CVE-2022-50845)

 shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs(CVE-2023-53391)

 arm64: mm: fix VA-range sanity check(CVE-2023-53989)

 Revert ''''Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work''''(CVE-2023-54197)

 media: dvb-usb-v2: gl861: Fix null-ptr-deref in gl861_i2c_master_xfer(CVE-2023-54066)

 posix-timers: Prevent RT livelock in itimer_delete()(CVE-2023-53815)

 jbd2: add miss release buffer head in fc_do_one_pass()(CVE-2022-50835)

 regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()(CVE-2022-50887)

 scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()(CVE-2023-53803)

 ext4: fix potential memory leak in ext4_fc_record_modified_inode()(CVE-2022-50622)

 scsi: target: iscsit: Free cmds before session free(CVE-2023-54184)

 net: fix UAF issue in nfqnl_nf_hook_drop() when ops_init() failed(CVE-2022-50780)

 net: read sk-sk_family once in sk_mc_loop()(CVE-2023-53831)

 sfc: fix crash when reading stats while NIC is resetting(CVE-2023-54156)

 usb: musb: Fix musb_gadget.c rxstate overflow bug(CVE-2022-50876)

 fbdev: fbcon: release buffer when fbcon_do_set_font() failed(CVE-2022-50404)

 iommu/amd: Fix pci device refcount leak in ppr_notifier()(CVE-2022-50505)

 net: dcb: choose correct policy to parse DCB_ATTR_BCN(CVE-2023-53369)

 inotify: Avoid reporting event with invalid wd(CVE-2023-54119)

 USB: sisusbvga: Add endpoint checks(CVE-2023-54213)

 fs: Protect reconfiguration of sb read-write from racing writes(CVE-2023-54099)

 tcp: fix a signed-integer-overflow bug in tcp_add_backlog()(CVE-2022-50865)

 cifs: Fix xid leak in cifs_ses_add_channel()(CVE-2022-50856)

 media: af9005: Fix null-ptr-deref in af9005_i2c_xfer(CVE-2023-54314)

 ext4: fix bug_on in __es_tree_search caused by bad boot loader inode(CVE-2022-50638)

 ext4: refuse to create ea block when umounted(CVE-2023-54305)

 iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter(CVE-2023-54057)

 af_unix: Fix data races around sk-sk_shutdown.(CVE-2023-54226)

 i40e: Fix DMA mappings leak(CVE-2022-50679)

 net: fix UaF in netns ops registration error path(CVE-2023-52999)

 udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated().(CVE-2023-54004)

 arm64: set __exception_irq_entry with __irq_entry as a default(CVE-2023-54322)

 dm: fix a race condition in retrieve_deps(CVE-2023-54324)

 scsi: lpfc: Fix ioremap issues in lpfc_sli4_pci_mem_setup()(CVE-2023-53754)

 serial: amba-pl011: avoid SBSA UART accessing DMACR register(CVE-2022-50625)

 ext4: fix deadlock due to mbcache entry corruption(CVE-2022-50668)

 md/raid10: fix memleak of md thread(CVE-2023-54294)

 usb: rndis_host: Secure rndis_query check against int overflow(CVE-2023-54110)

 ext4: correct grp validation in ext4_mb_good_group(CVE-2023-53861)

 net: macb: fix a memory corruption in extended buffer descriptor mode(CVE-2023-54257)

 mm: hugetlb: fix UAF in hugetlb_handle_userfault(CVE-2022-50630)

 wifi: iwlwifi: pcie: fix possible NULL pointer dereference(CVE-2023-54053)

 mmc: via-sdmmc: fix return value check of mmc_add_host()(CVE-2022-50846)

 nvmet-tcp: add bounds check on Transfer Tag(CVE-2022-50717)

 blk-iocost: fix divide by 0 error in calc_lcoefs()(CVE-2023-53783)

 md/raid10: fix null-ptr-deref in raid10_sync_request(CVE-2023-53832)

 RDMA/srpt: Add a check for valid 'mad_agent' pointer(CVE-2023-54274)

 scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()(CVE-2023-54014)

 net: Fix load-tearing on sk-sk_stamp in sock_recv_cmsgs().(CVE-2023-54218)

 devlink: report devlink_port_type_warn source device(CVE-2023-53841)

 md/raid1: stop mdx_raid1 thread when raid1 array run failed(CVE-2022-50715)

 ext4: fix invalid free tracking in ext4_xattr_move_to_block()(CVE-2023-54062)

 configfs: fix possible memory leak in configfs_create_dir()(CVE-2022-50751)

 media: tuners: qt1010: replace BUG_ON with a regular error(CVE-2023-54282)

 scsi: qedi: Fix use after free bug in qedi_remove()(CVE-2023-54100)

 ext4: turn quotas off if mount failed after enabling quotas(CVE-2023-54153)

 usb-storage: alauda: Fix uninit-value in alauda_check_media()(CVE-2023-53847)

 USB: usbtmc: Fix direction for 0-length ioctl control messages(CVE-2023-53761)

 perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()(CVE-2022-50615)

 mrp: introduce active flags to prevent UAF when applicant uninit(CVE-2022-50697)

 tty: fix out-of-bounds access in tty_driver_lookup_tty()(CVE-2023-54198)

 hwrng: amd - Fix PCI device refcount leak(CVE-2022-50868)

 netlink: do not hard code device address lenth in fdb dumps(CVE-2023-53863)

 scsi: qla2xxx: Array index may go out of bound(CVE-2023-54179)

 autofs: fix memory leak of waitqueues in autofs_catatonic_mode(CVE-2023-54134)

 net: phy: xgmiitorgmii: Fix refcount leak in xgmiitorgmii_probe(CVE-2022-50777)

 ext4: fix use-after-free in ext4_orphan_cleanup(CVE-2022-50673)

 ocfs2: fix memory leak in ocfs2_mount_volume()(CVE-2022-50770)

 Bluetooth: Fix race condition in hidp_session_thread(CVE-2023-54120)

 ext4: fix bug_on in __es_tree_search caused by bad quota inode(CVE-2022-50782)

 net: ipv4: fix one memleak in __inet_del_ifa()(CVE-2023-53995)

 ipv6: Fix an uninit variable access bug in __ip6_make_skb()(CVE-2023-54265)

 wifi: rtl8xxxu: Fix memory leaks with RTL8723BU, RTL8192EU(CVE-2023-54036)

 af_unix: Fix data-race around unix_tot_inflight.(CVE-2023-54006)

 dm flakey: don't corrupt the zero page(CVE-2023-54317)

 bcache: fixup btree_cache_wait list damage(CVE-2023-54293)

 bpf: Address KCSAN report on bpf_lru_list(CVE-2023-54283)

 vmci_host: fix a race condition in vmci_host_poll() causing GPF(CVE-2023-54007)

 cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message(CVE-2022-50859)

 net: do not allow gso_size to be set to GSO_BY_FRAGS(CVE-2023-54051)

 ubi: Fix possible null-ptr-deref in ubi_free_volume()(CVE-2023-54087)

 media: dvb-usb: fix memory leak in dvb_usb_adapter_init()(CVE-2022-50626)

 RDMA/core: Fix GID entry ref leak when create_ah fails(CVE-2023-54003)

 dm integrity: Fix UAF in dm_integrity_dtr()(CVE-2022-50889)

 net: stream: purge sk_error_queue in sk_stream_kill_queues()(CVE-2022-50838)

 power: supply: fix null pointer dereferencing in power_supply_get_battery_info(CVE-2022-50276)

 tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock-cork.(CVE-2025-39913)

 fs/ntfs3: Validate data run offset(CVE-2022-50507)

 drm/i915: Make intel_get_crtc_new_encoder() less oopsy(CVE-2023-53571)

 mm/compaction: fix UBSAN shift-out-of-bounds warning(CVE-2025-21815)

 netfilter: xt_nfacct: don't assume acct name is null-terminated(CVE-2025-38639)

 ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()(CVE-2022-50423)

 scsi: core: Fix possible memory leak if device_add() fails(CVE-2023-53174)

 NFSD: Fix potential use-after-free in nfsd_file_put()(CVE-2022-49362)

 netfilter: nf_reject: don't leak dst refcount for loopback packets(CVE-2025-38732)

 NFSD: fix leaked reference count of nfsd4_ssc_umount_item(CVE-2023-53381)

 NFSv4.2 fix problems with __nfs42_ssc_open(CVE-2022-50006)

 tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.(CVE-2023-53489)

 Squashfs: fix uninit-value in squashfs_get_parent(CVE-2025-40049)

 ACPI: CPPC: Make rmw_lock a raw_spin_lock(CVE-2024-50249)

 tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request().(CVE-2025-40186)

 bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls(CVE-2025-38608)

 netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one(CVE-2023-53333)

 ACPI: video: Fix use-after-free in acpi_video_switch_brightness()(CVE-2025-40211)

 media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove(CVE-2025-39996)

 scsi: ses: Handle enclosure with just a primary component gracefully(CVE-2023-53431)

 sctp: fix a potential overflow in sctp_ifwdtsn_skip(CVE-2023-53372)

 watchdog: Fix kmemleak in watchdog_cdev_register(CVE-2023-53234)

 pstore/ram: Check start of empty przs during init(CVE-2023-53331)

 eventpoll: Fix semi-unbounded recursion(CVE-2025-38614)

 ext4: fix potential memory leak in ext4_fc_record_regions()(CVE-2022-50512)

 jbd2: check 'jh-b_transaction' before removing it from checkpoint(CVE-2023-53526)

 ipv6: use RCU in ip6_xmit()(CVE-2025-40135)

 netfilter: ctnetlink: remove refcounting in expectation dumpers(CVE-2025-39764)

 io_uring/af_unix: defer registered files gc to io_uring release(CVE-2022-50234)

 netfilter: nft_objref: validate objref and objrefmap expressions(CVE-2025-40206)

 netfilter: nft_set_rbtree: fix null deref on element insertion(CVE-2023-53566)

 cifs: parse_dfs_referrals: prevent oob on malformed input(CVE-2025-40099)

 iommu: Fix error unwind in iommu_group_alloc()(CVE-2023-53482)

 net: phy: mscc: Fix memory leak when using one step timestamping(CVE-2025-38148)

 vxlan: Fix nexthop hash size(CVE-2023-53192)

 RDMA/hns: Fix double destruction of rsv_qp(CVE-2025-38582)

 nbd: fix uaf in nbd_open(CVE-2023-52837)

 nfsd: fix RELEASE_LOCKOWNER(CVE-2024-26629)

 nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails.(CVE-2025-38400)

 netfilter: nft_set_rbtree: fix overlap expiration walk(CVE-2023-53304)

 net: dlink: handle copy_thresh allocation failure(CVE-2025-40053)

 net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer(CVE-2025-39937)

 bpf: Reject narrower access to pointer ctx fields(CVE-2025-38591)

 netfilter: nf_tables: do not ignore genmask when looking up chain by id(CVE-2023-53492)

 Squashfs: reject negative file sizes in squashfs_read_inode()(CVE-2025-40200)

 netfilter: ctnetlink: fix refcount leak on table dump(CVE-2025-38721)

 tipc: do not update mtu if msg_max is too small in mtu negotiation(CVE-2023-53517)

 NFS: Fix a potential data corruption(CVE-2023-53711)

 net: openvswitch: fix race on port output(CVE-2023-53188)

 netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm(CVE-2025-39894)

 net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM(CVE-2025-39770)

 block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq(CVE-2022-50329)

 nfsd: Initialize ssc before laundromat_work to prevent NULL dereference(CVE-2025-38231)

 iommu/amd: Avoid stack buffer overflow from kernel cmdline(CVE-2025-38676)

 regulator: core: Prevent integer underflow(CVE-2022-50582)

 cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL(CVE-2023-53246)

 Revert ''''smb: client: fix TCP timers deadlock after rmmod''''(CVE-2025-22077)

 lwt: Fix return values of BPF xmit ops(CVE-2023-53338)

 MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK(CVE-2022-50210)

 PNP: fix name memory leak in pnp_alloc_dev()(CVE-2022-50278)

 scsi: storvsc: Fix handling of virtual Fibre Channel timeouts(CVE-2023-53245)

 block: avoid possible overflow for chunk_sectors check in blk_stack_limits()(CVE-2025-39795)

 clk: samsung: Fix memory leak in _samsung_clk_register_pll()(CVE-2022-50449)

 md/raid10: prevent soft lockup while flush writes(CVE-2023-53151)

 ipv6: fix possible infinite loop in fib6_info_uses_dev()(CVE-2025-38587)

 crypto: hisilicon/qm - request reserved interrupt for virtual function(CVE-2025-40136)

 net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast(CVE-2025-40140)

 blk-throttle: prevent overflow while calculating wait time(CVE-2022-50580)

 net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime(CVE-2025-38470)

 Drivers: vmbus: Check for channel allocation before looking up relids(CVE-2023-53273)

 bpf: make sure skb-len != 0 when redirecting to a tunneling device(CVE-2022-50253)

 blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost(CVE-2023-53730)

 media: v4l2-mem2mem: add lock to protect parameter num_rdy(CVE-2023-53519)

 mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()(CVE-2022-50347)

 net/ip6_tunnel: Prevent perpetual tunnel growth(CVE-2025-40173)

 scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param()(CVE-2023-53464)

 tipc: fix an information leak in tipc_topsrv_kern_subscr(CVE-2022-50531)

 mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()(CVE-2025-22030)

 netlink: avoid infinite retry looping in netlink_unicast()(CVE-2025-38727)

 xfs: do not propagate ENODATA disk errors into xattr code(CVE-2025-39835)

 blk-mq: fix possible memleak when register 'hctx' failed(CVE-2022-50434)

 dma-buf: insert memory barrier before updating num_fences(CVE-2025-38095)

 md/raid10: fix wrong setting of max_corr_read_errors(CVE-2023-53313)

 netfilter: nf_tables: do not allow CHAIN_ID to refer to another table(CVE ...

 Please note that the description has been truncated due to length. Please refer to vendor advisory for the full description.

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?8205cb37

Plugin Details

Severity: High

ID: 301595

File Name: EulerOS_SA-2026-1244.nasl

Version: 1.1

Type: local

Published: 3/10/2026

Updated: 3/10/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-40149

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:bpftool, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/10/2026

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2022-49093, CVE-2022-49362, CVE-2022-49594, CVE-2022-49634, CVE-2022-49777, CVE-2022-49970, CVE-2022-49973, CVE-2022-50006, CVE-2022-50091, CVE-2022-50159, CVE-2022-50191, CVE-2022-50210, CVE-2022-50212, CVE-2022-50226, CVE-2022-50234, CVE-2022-50253, CVE-2022-50259, CVE-2022-50276, CVE-2022-50278, CVE-2022-50302, CVE-2022-50329, CVE-2022-50347, CVE-2022-50380, CVE-2022-50404, CVE-2022-50407, CVE-2022-50409, CVE-2022-50420, CVE-2022-50423, CVE-2022-50434, CVE-2022-50449, CVE-2022-50453, CVE-2022-50460, CVE-2022-50505, CVE-2022-50507, CVE-2022-50512, CVE-2022-50531, CVE-2022-50580, CVE-2022-50582, CVE-2022-50583, CVE-2022-50615, CVE-2022-50622, CVE-2022-50625, CVE-2022-50626, CVE-2022-50630, CVE-2022-50635, CVE-2022-50636, CVE-2022-50638, CVE-2022-50640, CVE-2022-50643, CVE-2022-50645, CVE-2022-50646, CVE-2022-50655, CVE-2022-50662, CVE-2022-50664, CVE-2022-50668, CVE-2022-50671, CVE-2022-50673, CVE-2022-50677, CVE-2022-50679, CVE-2022-50697, CVE-2022-50699, CVE-2022-50705, CVE-2022-50706, CVE-2022-50709, CVE-2022-50715, CVE-2022-50717, CVE-2022-50720, CVE-2022-50724, CVE-2022-50726, CVE-2022-50731, CVE-2022-50733, CVE-2022-50740, CVE-2022-50746, CVE-2022-50749, CVE-2022-50751, CVE-2022-50754, CVE-2022-50755, CVE-2022-50756, CVE-2022-50761, CVE-2022-50764, CVE-2022-50770, CVE-2022-50772, CVE-2022-50774, CVE-2022-50777, CVE-2022-50780, CVE-2022-50782, CVE-2022-50816, CVE-2022-50821, CVE-2022-50824, CVE-2022-50829, CVE-2022-50835, CVE-2022-50838, CVE-2022-50839, CVE-2022-50845, CVE-2022-50846, CVE-2022-50850, CVE-2022-50856, CVE-2022-50859, CVE-2022-50860, CVE-2022-50861, CVE-2022-50865, CVE-2022-50868, CVE-2022-50876, CVE-2022-50880, CVE-2022-50884, CVE-2022-50886, CVE-2022-50887, CVE-2022-50889, CVE-2023-52837, CVE-2023-52999, CVE-2023-53083, CVE-2023-53151, CVE-2023-53174, CVE-2023-53186, CVE-2023-53188, CVE-2023-53192, CVE-2023-53217, CVE-2023-53234, CVE-2023-53240, CVE-2023-53245, CVE-2023-53246, CVE-2023-53273, CVE-2023-53290, CVE-2023-53304, CVE-2023-53313, CVE-2023-53331, CVE-2023-53333, CVE-2023-53338, CVE-2023-53369, CVE-2023-53372, CVE-2023-53381, CVE-2023-53391, CVE-2023-53431, CVE-2023-53461, CVE-2023-53464, CVE-2023-53482, CVE-2023-53489, CVE-2023-53492, CVE-2023-53517, CVE-2023-53519, CVE-2023-53525, CVE-2023-53526, CVE-2023-53566, CVE-2023-53571, CVE-2023-53593, CVE-2023-53596, CVE-2023-53597, CVE-2023-53606, CVE-2023-53615, CVE-2023-53623, CVE-2023-53647, CVE-2023-53711, CVE-2023-53712, CVE-2023-53730, CVE-2023-53731, CVE-2023-53747, CVE-2023-53754, CVE-2023-53756, CVE-2023-53761, CVE-2023-53783, CVE-2023-53786, CVE-2023-53794, CVE-2023-53799, CVE-2023-53803, CVE-2023-53808, CVE-2023-53815, CVE-2023-53817, CVE-2023-53820, CVE-2023-53821, CVE-2023-53824, CVE-2023-53826, CVE-2023-53831, CVE-2023-53832, CVE-2023-53840, CVE-2023-53841, CVE-2023-53847, CVE-2023-53850, CVE-2023-53853, CVE-2023-53856, CVE-2023-53861, CVE-2023-53863, CVE-2023-53867, CVE-2023-53989, CVE-2023-53992, CVE-2023-53995, CVE-2023-53998, CVE-2023-54003, CVE-2023-54004, CVE-2023-54006, CVE-2023-54007, CVE-2023-54012, CVE-2023-54014, CVE-2023-54015, CVE-2023-54021, CVE-2023-54024, CVE-2023-54036, CVE-2023-54045, CVE-2023-54048, CVE-2023-54051, CVE-2023-54053, CVE-2023-54057, CVE-2023-54062, CVE-2023-54064, CVE-2023-54066, CVE-2023-54072, CVE-2023-54086, CVE-2023-54087, CVE-2023-54091, CVE-2023-54093, CVE-2023-54099, CVE-2023-54100, CVE-2023-54102, CVE-2023-54108, CVE-2023-54110, CVE-2023-54114, CVE-2023-54115, CVE-2023-54119, CVE-2023-54120, CVE-2023-54123, CVE-2023-54126, CVE-2023-54132, CVE-2023-54134, CVE-2023-54145, CVE-2023-54146, CVE-2023-54148, CVE-2023-54150, CVE-2023-54153, CVE-2023-54156, CVE-2023-54158, CVE-2023-54168, CVE-2023-54170, CVE-2023-54171, CVE-2023-54177, CVE-2023-54179, CVE-2023-54181, CVE-2023-54184, CVE-2023-54189, CVE-2023-54190, CVE-2023-54194, CVE-2023-54197, CVE-2023-54198, CVE-2023-54207, CVE-2023-54211, CVE-2023-54213, CVE-2023-54214, CVE-2023-54218, CVE-2023-54226, CVE-2023-54230, CVE-2023-54236, CVE-2023-54257, CVE-2023-54260, CVE-2023-54265, CVE-2023-54274, CVE-2023-54282, CVE-2023-54283, CVE-2023-54289, CVE-2023-54293, CVE-2023-54294, CVE-2023-54295, CVE-2023-54305, CVE-2023-54311, CVE-2023-54313, CVE-2023-54314, CVE-2023-54317, CVE-2023-54322, CVE-2023-54324, CVE-2024-26629, CVE-2024-50121, CVE-2024-50249, CVE-2024-53136, CVE-2025-21795, CVE-2025-21815, CVE-2025-21924, CVE-2025-22030, CVE-2025-22077, CVE-2025-37871, CVE-2025-38037, CVE-2025-38095, CVE-2025-38148, CVE-2025-38231, CVE-2025-38400, CVE-2025-38470, CVE-2025-38488, CVE-2025-38572, CVE-2025-38582, CVE-2025-38587, CVE-2025-38588, CVE-2025-38591, CVE-2025-38608, CVE-2025-38614, CVE-2025-38639, CVE-2025-38676, CVE-2025-38721, CVE-2025-38727, CVE-2025-38732, CVE-2025-39676, CVE-2025-39713, CVE-2025-39725, CVE-2025-39754, CVE-2025-39763, CVE-2025-39764, CVE-2025-39770, CVE-2025-39795, CVE-2025-39808, CVE-2025-39812, CVE-2025-39823, CVE-2025-39835, CVE-2025-39894, CVE-2025-39913, CVE-2025-39937, CVE-2025-39965, CVE-2025-39972, CVE-2025-39996, CVE-2025-40006, CVE-2025-40049, CVE-2025-40053, CVE-2025-40062, CVE-2025-40078, CVE-2025-40099, CVE-2025-40103, CVE-2025-40111, CVE-2025-40125, CVE-2025-40135, CVE-2025-40136, CVE-2025-40140, CVE-2025-40149, CVE-2025-40158, CVE-2025-40170, CVE-2025-40171, CVE-2025-40173, CVE-2025-40183, CVE-2025-40186, CVE-2025-40187, CVE-2025-40190, CVE-2025-40200, CVE-2025-40204, CVE-2025-40206, CVE-2025-40211, CVE-2025-40215, CVE-2025-40220, CVE-2025-40240, CVE-2025-40248, CVE-2025-40252, CVE-2025-40254, CVE-2025-40259, CVE-2025-40261, CVE-2025-40264, CVE-2025-40271, CVE-2025-40273, CVE-2025-40277, CVE-2025-40280, CVE-2025-40281, CVE-2025-40304, CVE-2025-40319, CVE-2025-40322, CVE-2025-40323, CVE-2025-40324, CVE-2025-40331, CVE-2025-40341, CVE-2025-40342, CVE-2025-40343, CVE-2025-40345, CVE-2025-40346, CVE-2025-40363, CVE-2025-68171, CVE-2025-68183, CVE-2025-68188, CVE-2025-68191, CVE-2025-68192, CVE-2025-68194, CVE-2025-68206, CVE-2025-68211, CVE-2025-68214, CVE-2025-68218, CVE-2025-68229, CVE-2025-68239, CVE-2025-68241, CVE-2025-68245, CVE-2025-68261, CVE-2025-68264, CVE-2025-68283, CVE-2025-68285, CVE-2025-68288, CVE-2025-68295, CVE-2025-68301, CVE-2025-68309, CVE-2025-68312, CVE-2025-68313, CVE-2025-68321, CVE-2025-68331, CVE-2025-68337, CVE-2025-68349, CVE-2025-68354, CVE-2025-68366, CVE-2025-68367, CVE-2025-68374, CVE-2025-68378, CVE-2025-68379, CVE-2025-68724, CVE-2025-68725, CVE-2025-68740, CVE-2025-68742, CVE-2025-68745, CVE-2025-68800, CVE-2025-68801, CVE-2025-71104