[CLSA-2026:1773139548] kernel: Fix of 78 CVEs
Type:
security
Severity:
Important
Release date:
2026-03-10 10:45:51 UTC
Description:
- fix: fbdev: fix potential buffer overflow in do_register_framebuffer() - qed: Don't collect too many protection override GRC elements {CVE-2025-39949} - drm/amd/display: Avoid a NULL pointer dereference {CVE-2025-39693} - pNFS: Fix uninited ptr deref in block/scsi layout {CVE-2025-38691} - netfilter: nf_reject: don't leak dst refcount for loopback packets {CVE-2025-38732} - ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() {CVE-2025-71085} - fs: dlm: fix use after free in midcomms commit {CVE-2023-53629} - svcrdma: use rc_pageoff for memcpy byte offset {CVE-2025-68811} - bpf: Disable preemption in bpf_perf_event_output {CVE-2023-54303} - scsi: target: iscsit: Free cmds before session free {CVE-2023-54184} - fbdev: bitblit: bound-check glyph index in bit_putcs* {CVE-2025-40322} - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422} - RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem {CVE-2025-38022} - memcg: protect concurrent access to mem_cgroup_idr {CVE-2024-43892} - ACPI: EC: Fix oops when removing custom query handlers {CVE-2023-54244} - KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration {CVE-2023-54296} - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() {CVE-2023-54114} - net: tls: avoid hanging tasks on the tx_lock {CVE-2023-54306} - usb: typec: bus: verify partner exists in typec_altmode_attention {CVE-2023-54299} - scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization {CVE-2023-54234} - rxrpc: Fix timeout of a call that hasn't yet been granted a channel {CVE-2023-54195} - block, bfq: Fix division by zero error on zero wsum {CVE-2023-54242} - wifi: cfg80211: reject auth/assoc to AP with our address {CVE-2023-53540} - wifi: iwlwifi: mvm: don't trust firmware n_channels {CVE-2023-53589} - wifi: mac80211: check for station first in client probe {CVE-2023-53588} - bonding: do not assume skb mac_header is set {CVE-2023-53601} - drm/i915: Make intel_get_crtc_new_encoder() less oopsy {CVE-2023-53571} - wifi: rtw88: delete timer and free skb queue when unloading {CVE-2023-53574} - net: bcmgenet: Add a check for oversized packets {CVE-2023-53535} - media: uvcvideo: Fix memory leak in uvc_gpio_parse {CVE-2022-50882} - md/raid10: fix memleak of md thread {CVE-2023-54294} - usb: typec: altmodes/displayport: fix pin_assignment_show {CVE-2023-54186} - scsi: qedf: Fix NULL dereference in error handling {CVE-2023-54289} - HID: multitouch: Add NULL check in mt_input_configured {CVE-2024-58020} - driver core: fix potential null-ptr-deref in device_add() {CVE-2023-54321} - net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull {CVE-2023-53125} - rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle() {CVE-2023-54246} - bpf: Address KCSAN report on bpf_lru_list {CVE-2023-54283} - usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760} - nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec {CVE-2026-22998} - drm/i915: fix race condition UAF in i915_perf_add_config_ioctl {CVE-2023-54202} - mmc: via-sdmmc: fix return value check of mmc_add_host() {CVE-2022-50846} - bpf: Disable preemption in bpf_event_output {CVE-2023-54173} - net/mlx5e: Move representor neigh cleanup to profile cleanup_tx {CVE-2023-54148} - net/mlx5: Handle pairing of E-switch via uplink un/load APIs {CVE-2023-53347} - net/mlx5e: Fix cleanup null-ptr deref on encap lock {CVE-2023-53105} - smb3: fix for slab out of bounds on mount to ksmbd {CVE-2025-38728} - perf/core: Exit early on perf_mmap() fail {CVE-2025-38565} - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494} - HID: core: ensure __hid_request reserves the report ID as the first byte - HID: core: ensure the allocated report buffer can contain the reserved report ID {CVE-2025-38495} - HID: intel-ish-hid: Fix kernel panic during warm reset {CVE-2023-53392} - xfs: do not propagate ENODATA disk errors into xattr code {CVE-2025-39835} - phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode {CVE-2025-38535} - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf {CVE-2023-53524} - netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX {CVE-2025-38201} - xfrm: fix slab-use-after-free in decode_session6 {CVE-2023-53500} - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras {CVE-2023-53471} - drm/edid: fix info leak when failing to get panel id {CVE-2023-53085} - xhci: Remove device endpoints from bandwidth list when freeing the device {CVE-2022-50470} - vdpa: Add features attr to vdpa_nl_policy for nlattr length check {CVE-2023-53652} - virtio-mmio: don't break lifecycle of vm_dev {CVE-2023-53515} - virtio_net: fix xdp_rxq_info bug after suspend/resume {CVE-2022-49687} - drivers: net: prevent tun_build_skb() to exceed the packet size limit - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds {CVE-2025-40304} - devlink: rate: Unset parent pointer in devl_rate_nodes_destroy {CVE-2025-40251} - tracing: Limit access to parser->buffer when trace_get_user failed {CVE-2025-39683} - NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid {CVE-2025-68349} - HID: multitouch: Correct devm device reference for hidinput input_dev name {CVE-2023-53454} - HID: asus: fix UAF via HID_CLAIMED_INPUT validation {CVE-2025-39824} - udf: Do not bother merging very long extents {CVE-2023-53506} - cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945} - fs: writeback: fix use-after-free in __mark_inode_dirty() {CVE-2025-39866} - tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. {CVE-2025-39913} - ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587} - tunnels: fix kasan splat when generating ipv4 pmtu error {CVE-2023-53600} - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path {CVE-2023-53604} - tracing/histograms: Add histograms to hist_vars if they have referenced variables {CVE-2023-53560} - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free {CVE-2023-53619} - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622} - iavf: Fix use-after-free in free_netdev {CVE-2023-53556}
Updated packages:
  • bpftool-7.0.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:ff59ca9a12ef857d84bfd06f93162c0bca456aabe03b413898101d81fb09021c
  • kernel-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:108bf0ba07a7f398230c0e1af19a9c359afe32f5c0142eab3c5915e92173b572
  • kernel-abi-stablelists-5.14.0-284.1101.el9_2.tuxcare.7.els29.noarch.rpm
    sha:4ea89424a29c597277f0ef1d6d805e8dc2dfeec0e5c3cf91632ad664f917a0fd
  • kernel-core-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:aba2b6e0bfd2d01ea39722a6658700aacbc2376596ae253ff6c54e4dff1a046a
  • kernel-cross-headers-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:8403f7c4afb2dda7e2ba5ce91803a21bad609fab575351fc2e4cbb944905ad0b
  • kernel-debug-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:5ecf77c53bb5c4afaf9747662c3c026ecf3929ee7ea50bfc535f45b0b89a98a9
  • kernel-debug-core-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:6429b01f41de1e0abf18f17572014f8d838c781c13bfd1ddf7001f93634bc4aa
  • kernel-debug-devel-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:940f0ec0285cbd7401c8008889429e1232bf4fe0a1b5731bde30351cc91ba566
  • kernel-debug-devel-matched-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:75da25ee53eb84341da3a5dbe15e611f187323c561b4b0427a9e759024f0614d
  • kernel-debug-modules-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:def7312b4e60ba4839de2a176008647c29f0533115405d8f4b53d00a5c927015
  • kernel-debug-modules-core-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:01c06b7a28e0fd5f25c3002404a0431d1f83340d0786e3732415bc9d6d2c903d
  • kernel-debug-modules-extra-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:e8c85fce7c8fc57beaf4e33c98789187d0f28f7a5bfd43805cffa2a0db8208f5
  • kernel-debug-modules-internal-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:1632428300c401658d4eeeef2f1d329a54ba053d7c50906523d95c6a63e1704e
  • kernel-debug-modules-partner-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:c346d51c58077ff782ebdc3f34e4389d5dbab301074c10fddaff81bc84855efd
  • kernel-debug-uki-virt-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:93206b77bb5b46b8c8f25d01efa90af00bd17e3c0867359400924207a80efed8
  • kernel-devel-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:46f78ed6527c9f256d154cd8aa6ac4d8d5f3e02d26809fc1ddc69c65a531d98b
  • kernel-devel-matched-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:f7555fdc0abd0a15d8beb766aebd4e9e3c8f5872b53f32b6b255697a90af0d2a
  • kernel-doc-5.14.0-284.1101.el9_2.tuxcare.7.els29.noarch.rpm
    sha:bc7af6065e699b04ffa41b3f98cd5b18f2a639c0663f53dc421379ef47008539
  • kernel-headers-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:97da50f2f8140aebe8f768a897f8162bd57c8b3665bb6c9df5e8a6fbb2ce565d
  • kernel-ipaclones-internal-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:b99b4b8b0d8a9d2faf415b15398bf4c3696633221a9ca3626a7d8ea582e1d34a
  • kernel-modules-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:3a29251ea0db6e0ee3cb0a47ff9d869dcea0cd466c68fc6020e44e4e686f1386
  • kernel-modules-core-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:3773a0a1df337c33d487b1acaf26f19638951142a1778c654142f87bc2e1584c
  • kernel-modules-extra-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:a76f9eec964ea8d5888750c8bdfe6f229e918fef5c01de92ac9129aef0b221fd
  • kernel-modules-internal-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:8d644e5d4e72a001fb2033a3d9b9057e7965be5008cb8093daea63ce1f6b0aeb
  • kernel-modules-partner-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:829f1c0ec04d5022f8b3e522988654d97b1938354a8b56beccb917ac3925bbcf
  • kernel-selftests-internal-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:526f0e401b60b17497c299527a35e0ceed048f33c9287b560a17381798332468
  • kernel-tools-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:84f7a3fc5bce1c23e92ce563a18b91abc0dd0a069e827ed88bf48ceff76ee9d6
  • kernel-tools-libs-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:b6f91ddfd1e6b51570695c3940e75924c44917d837a130f6e32350aad1c326a4
  • kernel-tools-libs-devel-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:898e71b5b42cb0c2c6ec1384ec51865598c57566cedbd8a27af6712ebcdaf3c9
  • kernel-uki-virt-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:d9ef0b41ef0d4410feffc5ff09b2cb0b68938d57314241677d24a9371ed5393e
  • libbpf-1.0.0-2.el9_2.tuxcare.7.els29.i686.rpm
    sha:be2b1a84a2cea8d48cff0067a2c1c7a842706c43f209fb20a90356217ad56874
  • libbpf-1.0.0-2.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:f541d6a9144b902e56d974789b7660088544b91bce44c37064c1e2e8d8eb9956
  • libbpf-devel-1.0.0-2.el9_2.tuxcare.7.els29.i686.rpm
    sha:dd5ed0c130ab7367dff30587b4d96efa82f2fa0ba04039353deb8b7ff4102baa
  • libbpf-devel-1.0.0-2.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:6f78daf4bd69b2cfd34f31a7cce2bc993d37801335eab1af532223e0cc7d23e2
  • libbpf-static-1.0.0-2.el9_2.tuxcare.7.els29.i686.rpm
    sha:5b2b81b7c89553f60152eb2a4168208d7a4f33b5b5ea40e7f828d515e6299bd6
  • libbpf-static-1.0.0-2.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:16d00169e3abbd64edd41f879fda4d8fdce0128572389250fd2c31ba9b0bcf7a
  • perf-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:1205e5c73bd0a84e3e944f2fae00733de3ba37b040ee8e36c7baf0dcc14cc41f
  • python3-perf-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:afb928ae4cea58198d8920c52221fd0c45ed0552204d3b620a2cc7486fb70ed6
  • rtla-5.14.0-284.1101.el9_2.tuxcare.7.els29.x86_64.rpm
    sha:dc2a81972ea1493bcd262192473a93922c3d1d815bd60a45e8beee31734e23ec
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.