EULEROS-SA-2026-1123

Summary:

An update for kernel is now available for EulerOS Virtualization release 2.10.1

EulerOS Security has rated this update as having a security impact of Moderate.A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.General:

The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

Security Fix(es):

cifs: Fix UAF in cifs_demultiplex_thread()(CVE-2023-52572)

net: fix data-races around sk-＞sk_forward_alloc(CVE-2024-53124)

quota: flush quota_release_work upon quota writeback(CVE-2024-56780)

af_packet: avoid erroring out after sock_init_data() in packet_create()(CVE-2024-56606)

net: defer final 'struct net' free in netns dismantle(CVE-2024-56658)

netfilter: x_tables: fix LED ID check in led_tg_check()(CVE-2024-56650)

mm: hugetlb: independent PMD page table shared count(CVE-2024-57883)

NFSv4.0: Fix a use-after-free problem in the asynchronous open()(CVE-2024-53173)

NFSD: Prevent NULL dereference in nfsd4_process_cb_update()(CVE-2024-53217)

netfilter: conntrack: clamp maximum hashtable size to INT_MAX(CVE-2025-21648)

vfio/platform: check the bounds of read/write syscalls(CVE-2025-21687)

mm: fix unexpected zeroed page mapping with zram swap(CVE-2022-49052)

ext4: fix race condition between ext4_write and ext4_convert_inline_data(CVE-2022-49414)

block: Fix handling of offline queues in blk_mq_alloc_request_hctx()(CVE-2022-49720)

scsi: libfc: Fix use after free in fc_exch_abts_resp()(CVE-2022-49114)

nbd: don't allow reconnect after disconnect(CVE-2025-21731)

md/bitmap: don't set sb values if can't pass sanity check(CVE-2022-49526)

ARM: hisi: Add missing of_node_put after of_find_compatible_node(CVE-2022-49447)

bpf,...