EulerOS Virtualization 2.13.1 : kernel (EulerOS-SA-2025-2623)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : x86/mce: Work around an erratum on fast string copy instructionsCVE-2022-49124 net: preserve skbendoffset in...

EUVD-2023-60528

In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu replycachestats counters back to nfsdinitnet Commit f5f9d4a314da "nfsd: move reply cache initialization into nfsd startup" moved the initialization of the reply cache into nfsd startup, but didn't accoun...

EUVD-2023-60433

In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675initcontrols There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device: AssertionError: unreferenced object 0xffff888107362160 size 16: comm "python3", pid 277, jiffies...

EUVD-2023-60438

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in initsmb2rsphdr When smb1 mount fails, KASAN detect slab-out-of-bounds in initsmb2rsphdr like the following one. For smb1 negotiate56bytes , initsmb2rsphdr for smb2 is called. The issue occurs whil...

EUVD-2022-55826

In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtimecounterinit The "sysclk" resource is malloced by clkget, it is not released when the function return...

EUVD-2022-55918

In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611connectorinit A NULL check for bridge-encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 if !bridge-encoder...

EUVD-2022-55850

In the Linux kernel, the following vulnerability has been resolved: drivers: dio: fix possible memory leak in dioinit If deviceregister returns error, the 'dev' and name needs be freed. Add a release function, and then call putdevice in the error path, so the name is freed in kobjectcleanup and t...

EUVD-2022-55878

In the Linux kernel, the following vulnerability has been resolved: perf/armdmc620: Fix hotplug callback leak in dmc620pmuinit dmc620pmuinit won't remove the callback added by cpuhpsetupstatemulti when platformdriverregister failed. Remove the callback by cpuhpremovemultistate in fail path. Simil...

CVE-2023-54316

In the Linux kernel, the following vulnerability has been resolved: refscale: Fix uninitalized use of waitqueueheadt Running the refscale test occasionally crashes the kernel with the following error: 8569.952896 BUG: unable to handle page fault for address: ffffffffffffffe8 8569.952900 PF:...

CVE-2023-54203

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in initsmb2rsphdr When smb1 mount fails, KASAN detect slab-out-of-bounds in initsmb2rsphdr like the following one. For smb1 negotiate56bytes , initsmb2rsphdr for smb2 is called. The issue occurs whil...

CVE-2023-54167

In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zero e.g. on Amiga: initrd: 0ef0602c - 0f800000 Zone ranges: DMA mem...

CVE-2022-50888

In the Linux kernel, the following vulnerability has been resolved: remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5wcssinitmmio q6v5wcssinitmmio will call platformgetresourcebyname that may fail and return NULL. devmioremap will use res-start as input, which may causes null-ptr-deref...

CVE-2022-50872

In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtimecounterinit The "sysclk" resource is malloced by clkget, it is not released when the function return...

CVE-2022-50878

In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611connectorinit A NULL check for bridge-encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 if !bridge-encoder...

CVE-2022-50878

In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611connectorinit A NULL check for bridge-encoder shows that it may be NULL, but it already been dereferenced on all paths leading to the check. 812 if !bridge-encoder...

CVE-2022-50872

In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix memory leak in realtimecounterinit The "sysclk" resource is malloced by clkget, it is not released when the function return...

CVE-2022-50823

In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra114clockinit offindmatchingnode returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

CVE-2022-50848

In the Linux kernel, the following vulnerability has been resolved: drivers: dio: fix possible memory leak in dioinit If deviceregister returns error, the 'dev' and name needs be freed. Add a release function, and then call putdevice in the error path, so the name is freed in kobjectcleanup and t...

UBUNTU-CVE-2022-50825

In the Linux kernel, the following vulnerability has been resolved: usb: typec: wusb3801: fix fwnode refcount leak in wusb3801probe I got the following report while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 4, ofnodeget/ofnodeput unbalanced - destroy cset...

CVE-2022-50850

In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in iprinit iprinit will not call unregisterrebootnotifier when pciregisterdriver fails, which causes a WARNING. Call unregisterrebootnotifier when pciregisterdriver fails. notifier callback iprhalt ipr...