Detections
Analytics

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-2022)

high Nessus Plugin ID 319480

Synopsis

The remote EulerOS Virtualization host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :

 bpf, cpumap: Make sure kthread is running before map update returns(CVE-2023-53577)

 macvlan: fix error recovery in macvlan_common_newlink()(CVE-2026-23209)

 tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak(CVE-2022-50824)

 bpf: make sure skb-len != 0 when redirecting to a tunneling device(CVE-2022-50253)

 irqchip/gic-v3-its: Avoid truncating memory addresses(CVE-2026-23085)

 net: read sk-sk_family once in sk_mc_loop()(CVE-2023-53831)

 dm flakey: don't corrupt the zero page(CVE-2023-54317)

 pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP(CVE-2022-50849)

 autofs: fix memory leak of waitqueues in autofs_catatonic_mode(CVE-2023-54134)

 RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed(CVE-2022-50885)

 tracing: Fix warning in trace_buffered_event_disable()(CVE-2023-54211)

 usb: rndis_host: Secure rndis_query check against int overflow(CVE-2023-54110)

 net: Fix load-tearing on sk-sk_stamp in sock_recv_cmsgs().(CVE-2023-54218)

 ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe(CVE-2025-68241)

 ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv()(CVE-2026-23003)

 mmc: via-sdmmc: fix return value check of mmc_add_host()(CVE-2022-50846)

 md/raid10: fix memleak for 'conf-bio_split'(CVE-2023-54123)

 md/raid10: fix memleak of md thread(CVE-2023-54294)

 ubi: Fix possible null-ptr-deref in ubi_free_volume()(CVE-2023-54087)

 net: stream: purge sk_error_queue in sk_stream_kill_queues()(CVE-2022-50838)

 af_unix: Fix data-race around unix_tot_inflight.(CVE-2023-54006)

 bpf: Address KCSAN report on bpf_lru_list(CVE-2023-54283)

 scsi: qla2xxx: Array index may go out of bound(CVE-2023-54179)

 RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()(CVE-2023-54168)

 scsi: ipr: Fix WARNING in ipr_init()(CVE-2022-50850)

 scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()(CVE-2022-50422)

 usb: idmouse: fix an uninit-value in idmouse_open(CVE-2022-50733)

 usb: host: ohci-ppc-of: Fix refcount leak bug(CVE-2022-50033)

 e1000: fix OOB in e1000_tbi_should_accept()(CVE-2025-71093)

 scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()(CVE-2026-23216)

 ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show()(CVE-2023-53826)

Tenable has extracted the preceding description block directly from the EulerOS Virtualization kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?7b1da4f8

Plugin Details

Severity: High

ID: 319480

File Name: EulerOS_SA-2026-2022.nasl

Version: 1.1

Type: Local

Published: 6/6/2026

Updated: 6/6/2026

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2026-23216

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, cpe:/o:huawei:euleros:uvp:2.10.1, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-abi-stablelists

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 6/1/2026

Vulnerability Publication Date: 7/21/2021

Reference Information

CVE: CVE-2022-50033, CVE-2022-50253, CVE-2022-50422, CVE-2022-50733, CVE-2022-50824, CVE-2022-50838, CVE-2022-50846, CVE-2022-50849, CVE-2022-50850, CVE-2022-50885, CVE-2023-53577, CVE-2023-53826, CVE-2023-53831, CVE-2023-54006, CVE-2023-54087, CVE-2023-54110, CVE-2023-54123, CVE-2023-54134, CVE-2023-54168, CVE-2023-54179, CVE-2023-54211, CVE-2023-54218, CVE-2023-54283, CVE-2023-54294, CVE-2023-54317, CVE-2025-68241, CVE-2025-71093, CVE-2026-23003, CVE-2026-23085, CVE-2026-23209, CVE-2026-23216