Detections
Analytics

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2026-1339)

high Nessus Plugin ID 302380

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

 media: v4l2-mem2mem: add lock to protect parameter num_rdy(CVE-2023-53519)

 md: Replace snprintf with scnprintf(CVE-2022-50299)

 mm/vmscan: don't try to reclaim hwpoison folio(CVE-2025-37834)

 ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()(CVE-2023-53271)

 md/raid10: fix wrong setting of max_corr_read_errors(CVE-2023-53313)

 scsi: target: target_core_configfs: Add length check to avoid buffer overflow(CVE-2025-39998)

 loop: Avoid updating block size under exclusive owner(CVE-2025-38709)

 mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory(CVE-2025-39883)

 scsi: qla4xxx: Prevent a potential error pointer dereference(CVE-2025-39676)

 NFS: Fix a race when updating an existing write(CVE-2025-39697)

 scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses(CVE-2023-7324)

 efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare(CVE-2025-39817)

 dm raid: fix address sanitizer warning in raid_resume(CVE-2022-50085)

 usb-storage: alauda: Fix uninit-value in alauda_check_media()(CVE-2023-53847)

 mm/vmscan: fix hwpoisoned large folio handling in shrink_folio_list(CVE-2025-39725)

 md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request(CVE-2023-53380)

 md/raid10: check slab-out-of-bounds in md_bitmap_get_counter(CVE-2023-53357)

 net: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode(CVE-2023-53733)

 fs: quota: create dedicated workqueue for quota_release_work(CVE-2025-40196)

 partitions: mac: fix handling of bogus partition table(CVE-2025-21772)

 HID: hidraw: fix memory leak in hidraw_release()(CVE-2022-49981)

 pid: Add a judgment for ns null in pid_nr_ns(CVE-2025-40178)

 libceph: fix potential use-after-free in have_mon_and_osd_map()(CVE-2025-68285)

 watchdog: Fix kmemleak in watchdog_cdev_register(CVE-2023-53234)

 drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()(CVE-2022-50402)

 PNP: fix name memory leak in pnp_alloc_dev()(CVE-2022-50278)

 ipvs: Defer ip_vs_ftp unregister during netns cleanup(CVE-2025-40018)

 nbd: Fix hung when signal interrupts nbd_start_device_ioctl()(CVE-2022-50314)

 igb: Do not free q_vector unless new one was allocated(CVE-2022-50252)

 ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed(CVE-2023-53481)

 cacheinfo: Fix shared_cpu_map to handle shared caches at different levels(CVE-2023-53254)

 scsi: mpt3sas: Fix crash in transport port remove by using ioc_info()(CVE-2025-40115)

 scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()(CVE-2023-53676)

 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid(CVE-2025-68349)

 net: hns: fix possible memory leak in hnae_ae_register()(CVE-2022-50352)

 md: call __md_stop_writes in md_stop(CVE-2022-49987)

 net/packet: fix a race in packet_set_ring() and packet_notifier()(CVE-2025-38617)

 regulator: of: Fix refcount leak bug in of_get_regulation_constraints()(CVE-2022-50191)

 ubi: Fix use-after-free when volume resizing failed(CVE-2023-53800)

 HID: multitouch: Correct devm device reference for hidinput input_dev name(CVE-2023-53454)

 ipv6: reject malicious packets in ipv6_gso_segment()(CVE-2025-38572)

 md/raid10: fix leak of 'r10bio-remaining' for recovery(CVE-2023-53299)

 scsi: qla2xxx: Wait for io return on terminate rport(CVE-2023-53322)

 udf: Detect system inodes linked into directory hierarchy(CVE-2023-53695)

 igb: Fix igb_down hung on surprise removal(CVE-2023-53148)

 cifs: Fix warning and UAF when destroy the MR list(CVE-2023-53427)

 scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process()(CVE-2023-53803)

 ubi: ensure that VID header offset + VID header size = alloc, size(CVE-2023-53265)

 fs/proc: fix uaf in proc_readdir_de()(CVE-2025-40271)

 firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails(CVE-2022-50087)

 md-raid10: fix KASAN warning(CVE-2022-50211)

 scsi: ses: Fix possible desc_ptr out-of-bounds accesses(CVE-2023-53675)

 mmc: core: Fix kernel panic when remove non-standard SDIO card(CVE-2022-50640)

 nfs: handle failure of nfs_get_lock_context in unlock path(CVE-2025-38023)

 udf: Do not update file length for failed writes to inline files(CVE-2023-53295)

 RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug(CVE-2025-38024)

 sctp: check send stream number after wait_for_sndbuf(CVE-2023-53296)

 net/sched: sch_qfq: Fix race condition on qfq_aggregate(CVE-2025-38477)

 RDMA/rxe: Fix 'kernel NULL pointer dereference' error(CVE-2022-50671)

 i40e: add validation for ring_len param(CVE-2025-39973)

 md/raid1: Fix stack memory use after return in raid1_reshape(CVE-2025-38445)

 Squashfs: check return result of sb_min_blocksize(CVE-2025-38415)

 net/tunnel: wait until all sk_user_data reader finish before releasing the sock(CVE-2022-50405)

 ip6_vti: fix slab-use-after-free in decode_session6(CVE-2023-53821)

 af_unix: Fix data-races around user-unix_inflight.(CVE-2023-53204)

 RDMA/rxe: Fix error unwind in rxe_create_qp()(CVE-2022-50127)

 __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock(CVE-2025-38058)

 NFSD: Protect against send buffer overflow in NFSv2 READ(CVE-2022-50410)

 scsi: hpsa: Fix possible memory leak in hpsa_init_one()(CVE-2022-50646)

 sctp: handle the error returned from sctp_auth_asoc_init_active_key(CVE-2022-50243)

 vsock: Do not allow binding to VMADDR_PORT_ANY(CVE-2025-38618)

 smb: client: Fix use-after-free in cifs_fill_dirent(CVE-2025-38051)

 scsi: libiscsi: Initialize iscsi_conn-dd_data only if memory is allocated(CVE-2025-38700)

 sctp: fix a potential overflow in sctp_ifwdtsn_skip(CVE-2023-53372)

 pstore/ram: Check start of empty przs during init(CVE-2023-53331)

 clk: samsung: Fix memory leak in _samsung_clk_register_pll()(CVE-2022-50449)

 md/raid10: prevent soft lockup while flush writes(CVE-2023-53151)

 nfsd: call op_release, even when op_func returns an error(CVE-2023-53241)

 cifs: Release folio lock on fscache read hit.(CVE-2023-53593)

 net: bridge: fix soft lockup in br_multicast_query_expired()(CVE-2025-39773)

 cifs: fix small mempool leak in SMB2_negotiate()(CVE-2022-49938)

 dm raid: fix address sanitizer warning in raid_status(CVE-2022-50084)

 nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()(CVE-2025-38724)

 scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport()(CVE-2023-54014)

 block: fix resource leak in blk_register_queue() error path(CVE-2025-37980)

 drm/client: Fix memory leak in drm_client_target_cloned(CVE-2023-54091)

 dm flakey: fix a crash with invalid table line(CVE-2023-53786)

 crypto: lib/mpi - avoid null pointer deref in mpi_cmp_ui()(CVE-2023-53817)

 hwrng: virtio - Fix race on data_avail and actual data(CVE-2023-53998)

 sched/fair: Don't balance task to its current running CPU(CVE-2023-53215)

 ppp: associate skb with a device at tx(CVE-2022-50655)

 fbdev: bitblit: bound-check glyph index in bit_putcs*(CVE-2025-40322)

 acct: fix potential integer overflow in encode_comp_t()(CVE-2022-50749)

 udf: Avoid double brelse() in udf_rename()(CVE-2022-50755)

 tee: add overflow check in register_shm_helper()(CVE-2022-50080)

 drm: Prevent drm_copy_field() to attempt copying a NULL pointer(CVE-2022-50884)

 crypto: api - Use work queue in crypto_destroy_instance(CVE-2023-53799)

 mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()(CVE-2023-53623)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?92a421a4

Plugin Details

Severity: High

ID: 302380

File Name: EulerOS_SA-2026-1339.nasl

Version: 1.1

Type: local

Published: 3/16/2026

Updated: 3/16/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-38724

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 3/16/2026

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2022-49938, CVE-2022-49981, CVE-2022-49987, CVE-2022-50080, CVE-2022-50084, CVE-2022-50085, CVE-2022-50087, CVE-2022-50127, CVE-2022-50191, CVE-2022-50211, CVE-2022-50243, CVE-2022-50252, CVE-2022-50278, CVE-2022-50299, CVE-2022-50314, CVE-2022-50352, CVE-2022-50402, CVE-2022-50405, CVE-2022-50410, CVE-2022-50449, CVE-2022-50640, CVE-2022-50646, CVE-2022-50655, CVE-2022-50671, CVE-2022-50749, CVE-2022-50755, CVE-2022-50884, CVE-2023-53148, CVE-2023-53151, CVE-2023-53204, CVE-2023-53215, CVE-2023-53234, CVE-2023-53241, CVE-2023-53254, CVE-2023-53265, CVE-2023-53271, CVE-2023-53295, CVE-2023-53296, CVE-2023-53299, CVE-2023-53313, CVE-2023-53322, CVE-2023-53331, CVE-2023-53357, CVE-2023-53372, CVE-2023-53380, CVE-2023-53427, CVE-2023-53454, CVE-2023-53481, CVE-2023-53519, CVE-2023-53593, CVE-2023-53623, CVE-2023-53675, CVE-2023-53676, CVE-2023-53695, CVE-2023-53733, CVE-2023-53786, CVE-2023-53799, CVE-2023-53800, CVE-2023-53803, CVE-2023-53817, CVE-2023-53821, CVE-2023-53847, CVE-2023-53998, CVE-2023-54014, CVE-2023-54091, CVE-2023-7324, CVE-2025-21772, CVE-2025-37834, CVE-2025-37980, CVE-2025-38023, CVE-2025-38024, CVE-2025-38051, CVE-2025-38058, CVE-2025-38415, CVE-2025-38445, CVE-2025-38477, CVE-2025-38572, CVE-2025-38617, CVE-2025-38618, CVE-2025-38700, CVE-2025-38709, CVE-2025-38724, CVE-2025-39676, CVE-2025-39697, CVE-2025-39725, CVE-2025-39773, CVE-2025-39817, CVE-2025-39883, CVE-2025-39973, CVE-2025-39998, CVE-2025-40018, CVE-2025-40115, CVE-2025-40178, CVE-2025-40196, CVE-2025-40271, CVE-2025-40322, CVE-2025-68285, CVE-2025-68349