CLSA-2025:1762454401

[CLSA-2025:1762454401] kernel: Fix of 6 CVEs

Type:

security

Severity:

Important

Release date:

2025-11-06 18:40:08 UTC

Description:

- fix: virtio-net: Add validation for used length {CVE-2021-47352}
- xen/netfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23037}
- net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477}
- net: fix information leakage in /proc/net/ptype {CVE-2022-48757}
- net: atm: fix use after free in lec_send() {CVE-2025-22004}
- ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292}

Updated packages:

kernel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:029fef0810a35978cb74db31a6aa40161d8662cefa849b7405191fe1e86ade56
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm
sha:0f2b75396c6bfa7d8e2199da816834f7f4942b7c23cb129d0c75c029eca65bfe
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:080d686badba80fd790bde7ec0338f6a236d536e4cca279b5ee8675475b5b34f
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els27.i686.rpm
sha:1d2e56736ea9f4f60eb111e3645b12bfc4d73dbd866faf802a94536fb478ac3f
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:d998e72227a921ae48164edb4eec16120fe4e9d909be2add68c182a26ecb8354
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:077dd9719d4b9e901920b906d1cfedee327617fa124b868160eb3b3a012eba56
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm
sha:557cea261ec84f320467527789bc38a9cd88e1f330c8e71635849cdb0127f452
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm
sha:ed24d57518f270d3e80e9dc50ef2b49439e0fa1e16b21d6c4bcef97264cffdc2
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:28782347a435c008b6f32237450d75a468f23c6bcfa9976703eaadc6119c8ff5
perf-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:54c610c6e79f5c8716d4330dee779c4991e3d819df77733b418e8156f2990b29
python-perf-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:e59ad70016151421b8797e2512661d9aa6dca95b07026099036431ab33030fa2

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.