[CLSA-2026:1782148320] kernel: Fix of 38 CVEs
Type:
security
Severity:
Important
Release date:
2026-07-09 10:01:03 UTC
Description:
- i40e: remove read access to debugfs files {CVE-2025-39901} - e1000: fix OOB in e1000_tbi_should_accept() {CVE-2025-71093} - ext4: fix bug_on in __es_tree_search caused by bad boot loader inode {CVE-2022-50638} - usbip: validate number_of_packets in usbip_pack_ret_submit() {CVE-2026-31607} - md: fix resync softlockup when bitmap size is less than array size {CVE-2023-53357} - media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() {CVE-2021-47288} - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter {CVE-2023-53357} - HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq {CVE-2026-43051} - netfilter: ip6t_eui64: reject invalid MAC header for all packets {CVE-2026-31685} - scsi: pm8001: Fix use-after-free for aborted TMF sas_task {CVE-2022-48791} - media: dvb-net: fix OOB access in ULE extension header tables {CVE-2026-31405} - wifi: brcmfmac: validate bsscfg indices in IF events {CVE-2026-43110} - powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue {CVE-2022-50366} - netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() {CVE-2026-23455} - netfilter: xt_tcpmss: check remaining length before reading optlen {CVE-2026-43190} - selinux: Add boundary check in put_entry() {CVE-2022-50200} - tracing: Only have rmmod clear buffers that its events were active in {CVE-2022-49006} - ASoC: core: Fix use-after-free in snd_soc_exit() {CVE-2022-49842} - nvme: fix a possible use-after-free in controller reset during load {CVE-2022-48790} - scsi: qla4xxx: Add length check when parsing nlattrs {CVE-2023-53456} - net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check {CVE-2026-23448} - xen/privcmd: fix double free via VMA splitting {CVE-2026-31787} - ext4: block range must be validated before use in ext4_mb_clear_bb() {CVE-2022-50021} - ext4: convert inline data to extents when truncate exceeds inline size {CVE-2026-31452} - igb: Fix igb_down hung on surprise removal {CVE-2023-53148} - dm raid: fix accesses beyond end of raid member array {CVE-2022-49674} - md: suspend array while updating raid_disks via sysfs {CVE-2025-71225} - usb: class: cdc-wdm: fix reordering issue in read code path {CVE-2026-43427} - atm: lec: fix use-after-free in sock_def_readable() {CVE-2026-43050} - cifs: Fix UAF in cifs_demultiplex_thread() {CVE-2023-52572} - drivers: base: Free devm resources when unregistering a device {CVE-2023-53596} - wifi: mac80211: check tdls flag in ieee80211_tdls_oper {CVE-2026-43052} - Bluetooth: MGMT: validate LTK enc_size on load {CVE-2026-43020} - usb: gadget: f_uac1_legacy: validate control request size {CVE-2026-31720} - iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE) {CVE-2022-50093} - ext4: add bounds checking in get_max_inline_xattr_value_size() {CVE-2023-53285} - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer {CVE-2023-53395} - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show() {CVE-2023-53676} - sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output {CVE-2023-53676} - mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING {CVE-2022-50430}
Updated packages:
  • bpftool-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:573cec6b72195b9d526dabbdf5551cdf31b604a5b442adcb48ea60c7eb93e092
  • kernel-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:fc81b0fc36d6425538664e83cc02dee2374f004c1ad44b54975c42bfd42ff2f6
  • kernel-debug-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:ac54e383229823a431bb2473f7d2696714a0d7a9e6155853016fe4494168c419
  • kernel-debug-devel-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:db4b42877db71d6cc144afaa17495b3be88185468f0cbc783e48b8abae94e776
  • kernel-devel-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:8e202d856e830d6f4494a40f82b4fdeef8eadd08a057ea27f3c416e05ce5b5bd
  • kernel-headers-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:83fe4a86743ca99c2e20f719d5c52b3d1d391ecfafa5718dbcd4504a0cd9c704
  • kernel-tools-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:cd1fd7a949c7a5d750ea1f85737933f61828c086bd930ff96e675a5ceb607be5
  • kernel-tools-libs-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:fb8e6bd4d117701035d781f463c5a869c443f40971f500cac848eb199fd28c33
  • kernel-tools-libs-devel-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:d785f7f6aab32a02c60505e60eba6817313eb75825356f68b211ee4378cac02e
  • perf-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:e66bd53850cbd253f026cba911443924560d762b543cb4a4b94563116b7487d8
  • python-perf-3.10.0-1160.144.1.el7.tuxcare.els7.x86_64.rpm
    sha:5c60aadc38d03da585400335162dcaf52010c11364026b03b3ae6302af8cf1ce
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.