EulerOS 2.0 SP10 : kernel (EulerOS-SA-2025-2072)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ext4: update sjournalinum if it changes after journal replayCVE-2023-53091 arp: use RCU protection in arpxmit.CVE-2025-21762 iouring: prevent opco...

CVE-2025-38405

In CVE-2025-38405, the Linux kernel nvmet subsystem was vulnerable to a memory leak in bio integrity (bio->bi_integrity) when commands carried metadata. The root cause was that after bio_init, some users (including nvmet inline bios) did not call bio_uninit, preventing proper deallocation. The...

kernel: nvmet: Don't overflow subsysnqn

In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmetrootdiscoverynqnstore treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of usin...

SUSE CVE-2025-37825

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix out-of-bounds access in nvmetenableport When trying to enable a port that has no transport configured yet, nvmetenableport uses NVMFTRTYPEMAX 255 to query the transports array, causing an out-of-bounds access: 106.0586...

CVE-2025-21850

In the Linux kernel, the following vulnerability has been resolved: nvmet: Fix crash when a namespace is disabled The namespace percpu counter protects pending I/O, and we can only safely diable the namespace once the counter drop to zero. Otherwise we end up with a crash when running...