Detections
Analytics

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2025-1024)

critical Nessus Plugin ID 214041

Synopsis

The remote EulerOS host is missing multiple security updates.

Description

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

 RDMA/cma: Fix rdma_resolve_route() memory leak(CVE-2021-47345)

 HID: usbhid: free raw_report buffers in usbhid_stop(CVE-2021-47405)

 net: fix information leakage in /proc/ net/ptype(CVE-2022-48757)

 USB: core: Fix hang in usb_kill_urb by adding memory barriers(CVE-2022-48760)

 udf: Fix preallocation discarding at indirect extent boundary(CVE-2022-48946)

 igb: Initialize mailbox message for VF reset(CVE-2022-48949)

 HID: core: fix shift-out-of-bounds in hid_report_raw_event(CVE-2022-48978)

 memcg: fix possible use-after-free in memcg_write_event_control().(CVE-2022-48988)

 ipvlan: Dont Use skb-sk in ipvlan_process_v{4,6}_outbound(CVE-2024-33621)

 netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get().(CVE-2024-35898)

 rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation(CVE-2024-36017)

 nsh: Restore skb-{protocol,data,mac_header} for outer header in nsh_gso_segment().(CVE-2024-36933)

 scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory(CVE-2024-40901)

 drm/ nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes(CVE-2024-41089)

 memcg_write_event_control(): fix a user-triggerable oops(CVE-2024-45021)

 fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE(CVE-2024-45025)

 scsi: aacraid: Fix double-free on probe failure(CVE-2024-46673)

 pinctrl: single: fix potential NULL dereference in pcs_get_function().(CVE-2024-46685)

 of/irq: Prevent device address out-of-bounds read in interrupt map walk(CVE-2024-46743)

 Squashfs: sanity check symbolic link size(CVE-2024-46744)

 PCI: Add missing bridge lock to pci_bus_lock().(CVE-2024-46750)

 udf: Avoid excessive partition lengths(CVE-2024-46777)

 drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links(CVE-2024-46816)

 ELF: fix kernel.randomize_va_space double read(CVE-2024-46826)

 rtmutex: Drop rt_mutex::wait_lock before scheduling(CVE-2024-46829)

 netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put().(CVE-2024-47685)

 RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency(CVE-2024-47696)

 ext4: avoid OOB when system.data xattr changes underneath the filesystem(CVE-2024-47701)

 firmware_loader: Block path traversal(CVE-2024-47742)

 mm: call the security_mmap_file() LSM hook in remap_file_pages().(CVE-2024-47745)

 nbd: fix race between timeout and normal completion(CVE-2024-49855)

 ACPI: sysfs: validate return type of _STR method(CVE-2024-49860)

 ext4: update orig_path in ext4_find_extent().(CVE-2024-49881)

 ext4: fix double brelse() the buffer of the extents path(CVE-2024-49882)

 ext4: aovid use-after-free in ext4_ext_insert_extent().(CVE-2024-49883)

 ext4: fix slab-use-after-free in ext4_split_extent_at().(CVE-2024-49884)

 ext4: avoid use-after-free in ext4_ext_show_leaf().(CVE-2024-49889)

 jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error(CVE-2024-49959)

 slip: make slhc_remember() more robust against malicious packets(CVE-2024-50033)

 ppp: fix ppp_async_encode() illegal access(CVE-2024-50035)

 net: do not delay dst_entries_add() in dst_release().(CVE-2024-50036)

 tty: n_gsm: Fix use-after-free in gsm_cleanup_mux(CVE-2024-50073)

 tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().(CVE-2024-50154)

 ceph: remove the incorrect Fw reference check when dirtying pages(CVE-2024-50179)

 posix-clock: Fix missing timespec64 check in pc_clock_settime().(CVE-2024-50195)

 mm/swapfile: skip HugeTLB pages for unuse_vma(CVE-2024-50199)

 bpf: Fix out-of-bounds write in trie_get_next_key().(CVE-2024-50262)

 security/keys: fix slab-out-of-bounds in key_task_permission(CVE-2024-50301)

Tenable has extracted the preceding description block directly from the EulerOS kernel security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected kernel packages.

See Also

http://www.nessus.org/u?d80ed291

Plugin Details

Severity: Critical

ID: 214041

File Name: EulerOS_SA-2025-1024.nasl

Version: 1.1

Type: local

Published: 1/13/2025

Updated: 1/13/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 9.4

Temporal Score: 7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:C

CVSS Score Source: CVE-2024-47685

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:huawei:euleros:2.0, p-cpe:/a:huawei:euleros:kernel, p-cpe:/a:huawei:euleros:kernel-tools, p-cpe:/a:huawei:euleros:kernel-tools-libs, p-cpe:/a:huawei:euleros:python3-perf, p-cpe:/a:huawei:euleros:kernel-abi-stablelists

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/EulerOS/release, Host/EulerOS/rpm-list, Host/EulerOS/sp

Excluded KB Items: Host/EulerOS/uvp_version

Exploit Ease: No known exploits are available

Patch Publication Date: 1/13/2025

Vulnerability Publication Date: 5/21/2024

Reference Information

CVE: CVE-2021-47344, CVE-2021-47345, CVE-2022-48946, CVE-2022-48949, CVE-2022-48969, CVE-2022-48978, CVE-2022-48988, CVE-2022-49000, CVE-2022-49002, CVE-2024-44958, CVE-2024-45021, CVE-2024-45025, CVE-2024-46673, CVE-2024-46739, CVE-2024-46744, CVE-2024-46750, CVE-2024-46777, CVE-2024-46826, CVE-2024-46829, CVE-2024-46859, CVE-2024-47685, CVE-2024-47696, CVE-2024-47697, CVE-2024-47698, CVE-2024-47701, CVE-2024-47742, CVE-2024-47745, CVE-2024-49855, CVE-2024-49860, CVE-2024-49881, CVE-2024-49882, CVE-2024-49883, CVE-2024-49884, CVE-2024-49889, CVE-2024-49894, CVE-2024-49959, CVE-2024-49995, CVE-2024-50033, CVE-2024-50035, CVE-2024-50036, CVE-2024-50058, CVE-2024-50073, CVE-2024-50115, CVE-2024-50154, CVE-2024-50179, CVE-2024-50195, CVE-2024-50199, CVE-2024-50258, CVE-2024-50262, CVE-2024-50278, CVE-2024-50279, CVE-2024-50301