EULEROS-SA-2026-1224

Summary:

An update for kernel is now available for EulerOS V2.0SP13

EulerOS Security has rated this update as having a security impact of Moderate.A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.General:

The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

Security Fix(es):

tipc: fix a null-ptr-deref in tipc_topsrv_accept (CVE-2022-50555)

integrity: Fix memory leakage in keyring allocation error path (CVE-2022-50395)

objtool: Fix memory leak in create_static_call_sections() (CVE-2023-53423)

scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() (CVE-2023-53696)

ext4: improve error handling from ext4_dirhash() (CVE-2023-53473)

fs: dlm: fix invalid derefence of sb_lvbptr (CVE-2022-50516)

scsi: mpt3sas: Fix a memory leak (CVE-2023-53512)

scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq (CVE-2022-49986)

net: sched: sfb: fix null pointer access issue when sfb_init() fails (CVE-2022-50356)

dm stats: check for and propagate alloc_percpu failure (CVE-2023-53044)

vsock: Fix transport_{g2h,h2g} TOCTOU (CVE-2025-38462)

dm thin: fix use-after-free crash in dm_sm_register_threshold_callback (CVE-2022-50092)

ppp: fix memory leak in pad_compress_skb (CVE-2025-39847)

NFSD: fix use-after-free on source server when doing inter-server copy (CVE-2022-50241)

md: fix a crash in mempool_free (CVE-2022-50381)

KVM: arm64: Prevent access to vCPU events before init (CVE-2025-40102)

mm/slub: avoid accessing metadata when pointer is invalid in object_err() (CVE-2025-39902)

nfsd: put dl_stid if fail to queue dl_recall (CVE-2025-22025)

vsock: Do not allow binding to VMADDR_PORT_ANY (CVE-2025-38618)

usb: typec: ucsi:...