Detections
Analytics
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-2888)
high Nessus Plugin ID 210643
Synopsis
The remote EulerOS host is missing multiple security updates.Description
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :scsi: qedi: Fix crash while reading debugfs attribute(CVE-2024-40978)
drm/ nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes(CVE-2024-41095)
drm/ nouveau/debugfs: fix file release memory leak(CVE-2021-47423)
USB: serial: mos7840: fix crash on resume(CVE-2024-42244)
NFSD: Fix ia_size underflow(CVE-2022-48828)
xhci: Fix command ring pointer corruption while aborting a command(CVE-2021-47434)
ata: libata-core: Fix double free on error(CVE-2024-41087)
xfs: add bounds checking to xlog_recover_process_data(CVE-2024-41014)
ftruncate: pass a signed offset(CVE-2024-42084)
ext4: check dot and dotdot of dx_root before making dir indexed(CVE-2024-42305)
ext4: make sure the first directory block is not a hole(CVE-2024-42304)
leds: trigger: Unregister sysfs attributes before calling deactivate()(CVE-2024-43830)
Revert 'mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again'(CVE-2024-42102)
filelock: Remove locks reliably when fcntl/close race is detected(CVE-2024-41012)
filelock: Fix fcntl/close race recovery compat path(CVE-2024-41020)
protect the fetch of -fd[fd] in do_dup2() from mispredictions(CVE-2024-42265)
scsi: qla2xxx: During vport delete send async logout explicitly(CVE-2024-42289)
exec: Fix ToCToU between perm check and set-uid/gid usage(CVE-2024-43882)
tracing: Fix overflow in get_free_elt()(CVE-2024-43890)
USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor(CVE-2024-41035)
xhci: Fix null pointer dereference when host dies(CVE-2023-52898)
mm: avoid overflows in dirty throttling logic(CVE-2024-42131)
kobject_uevent: Fix OOB access within zap_modalias_env()(CVE-2024-42292)
sysctl: always initialize i_uid/i_gid(CVE-2024-42312)
scsi: qla2xxx: validate nvme_local_port correctly(CVE-2024-42286)
serial: core: check uartclk for zero to avoid divide by zero(CVE-2024-43893)
tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc(CVE-2023-52880)
memcg: protect concurrent access to mem_cgroup_idr(CVE-2024-43892)
dma: fix call order in dmam_free_coherent(CVE-2024-43856)
drm/ nouveau: fix off by one in BIOS boundary checking(CVE-2022-48732)
IB/core: Implement a limit on UMAD receive List(CVE-2024-42145)
drm/virtio: Fix GEM handle creation UAF(CVE-2022-48899)
cgroup/cpuset: Prevent UAF in proc_cpuset_show()(CVE-2024-43853)
net: usb: qmi_wwan: fix memory leak for not ip packets(CVE-2024-43861)
md/raid5: avoid BUG_ON() while continue reshape after reassembling(CVE-2024-43914)
netfilter: ctnetlink: use helper function to calculate expect ID(CVE-2024-44944)
RDMA/iwcm: Fix a use-after-free related to destroying CM IDs(CVE-2024-42285)
KVM: x86/mmu: make apf token non-zero to fix bug(CVE-2022-48943)
efi: fix NULL-deref in init error path(CVE-2022-48879)
nvme-rdma: fix possible use-after-free in transport error_recovery work(CVE-2022-48788)
devres: Fix memory leakage caused by driver API devm_free_percpu()(CVE-2024-43871)
netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers(CVE-2024-42070)
xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr()(CVE-2024-40959)
xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration(CVE-2024-45006)
tcp_metrics: validate source addr length(CVE-2024-42154)
inet: inet_defrag: prevent sk release while still in use(CVE-2024-26921)
net: hns3: do not allow call hns3_nic_net_open repeatedly(CVE-2021-47400)
net/ipv6: avoid possible UAF in ip6_route_mpath_notify()(CVE-2024-26852)
ipv6: prevent UAF in ip6_send_skb()(CVE-2024-44987)
sch/ netem: fix use after free in netem_dequeue(CVE-2024-46800)
Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected kernel packages.See Also
Plugin Details
Severity: High
ID: 210643
File Name: EulerOS_SA-2024-2888.nasl
Version: 1.1
Type: local
Family: Huawei Local Security Checks
Published: 11/8/2024
Updated: 11/8/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Temporal Score: 5.3
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2024-46800
CVSS v3
Risk Factor: High
Base Score: 7.8
Temporal Score: 7
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-abi-stablelists, cpe:/o:huawei:euleros:2.0
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp
Excluded KB Items: Host/EulerOS/uvp_version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 11/8/2024
Vulnerability Publication Date: 3/7/2022
Reference Information
CVE: CVE-2021-47400, CVE-2021-47423, CVE-2021-47434, CVE-2022-48732, CVE-2022-48788, CVE-2022-48828, CVE-2022-48879, CVE-2022-48899, CVE-2022-48943, CVE-2023-52880, CVE-2023-52898, CVE-2024-26852, CVE-2024-26921, CVE-2024-40959, CVE-2024-40978, CVE-2024-41012, CVE-2024-41014, CVE-2024-41020, CVE-2024-41035, CVE-2024-41087, CVE-2024-41095, CVE-2024-42070, CVE-2024-42084, CVE-2024-42102, CVE-2024-42131, CVE-2024-42145, CVE-2024-42154, CVE-2024-42244, CVE-2024-42265, CVE-2024-42285, CVE-2024-42286, CVE-2024-42289, CVE-2024-42292, CVE-2024-42304, CVE-2024-42305, CVE-2024-42312, CVE-2024-43830, CVE-2024-43853, CVE-2024-43856, CVE-2024-43861, CVE-2024-43871, CVE-2024-43882, CVE-2024-43890, CVE-2024-43892, CVE-2024-43893, CVE-2024-43914, CVE-2024-44944, CVE-2024-44987, CVE-2024-45006, CVE-2024-46800