EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1026)

High Nessus Plugin ID 99789


The remote EulerOS host is missing multiple security updates.


According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

- It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this flaw to escalate their privileges by tricking the hypervisor to emulate a SYSENTER instruction in 16-bit mode, if the guest OS did not initialize the SYSENTER model-specific registers (MSRs). (CVE-2015-0239)

- A flaw was found in the way the Linux kernel's perf subsystem retrieved userlevel stack traces on PowerPC systems. A local, unprivileged user could use this flaw to cause a denial of service on the system by creating a special stack layout that would force the perf_callchain_user_64() function into an infinite loop.(CVE-2015-6526)

- A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate their privileges on the system.(CVE-2016-0758)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Update the affected kernel packages.

See Also

Plugin Details

Severity: High

ID: 99789

File Name: EulerOS_SA-2016-1026.nasl

Version: $Revision: 1.3 $

Type: local

Published: 2017/05/02

Modified: 2017/05/04

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND


Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:X

Vulnerability Information

CPE: p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-debug, p-cpe:/a:huawei:euleros:kernel-debuginfo, p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64, p-cpe:/a:huawei:euleros:kernel-devel, p-cpe:/a:huawei:euleros:kernel-headers, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:perf, p-cpe:/a:huawei:euleros:python-perf, cpe:/o:huawei:euleros:2.0

Required KB Items: Host/local_checks_enabled, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/07/08

Reference Information

CVE: CVE-2015-0239, CVE-2015-6526, CVE-2016-0758

BID: 72842

OSVDB: 117762, 126426, 138431