[CLSA-2025:1763731262] kernel: Fix of 63 CVEs
Type:
security
Severity:
Important
Release date:
2025-11-21 19:16:22 UTC
Description:
- media: bttv: fix use after free error due to btv->timeout timer {CVE-2023-52847} {CVE-2023-52847} - firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails {CVE-2022-50087} {CVE-2022-50087} - wifi: mwifiex: Fix OOB and integer underflow when rx packets {CVE-2023-53226} {CVE-2023-53226} - vsock: Fix transport_* TOCTOU {CVE-2025-38461} {CVE-2025-38461} - ALSA: usb-audio: Validate UAC3 cluster segment descriptors {CVE-2025-39757} {CVE-2025-39757} - locking/ww_mutex/test: Fix potential workqueue corruption {CVE-2023-52836} {CVE-2023-52836} - media: stk1160: fix bounds checking in stk1160_copy_video() {CVE-2024-38621} {CVE-2024-38621} - ath10k: skip ath10k_halt during suspend for driver state RESTARTING {CVE-2022-49519} {CVE-2022-49519} - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() {CVE-2022-48738} {CVE-2022-48738} - partitions: mac: fix handling of bogus partition table {CVE-2025-21772} {CVE-2025-21772} - ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292} {CVE-2022-49292} - usb: cdc-acm: Check control transfer buffer size before access {CVE-2025-21704} {CVE-2025-21704} - vfio/pci: Properly hide first-in-list PCIe extended capability {CVE-2024-53214} {CVE-2024-53214} - ppdev: Add an error check in register_device {CVE-2024-36015} {CVE-2024-36015} - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675} {CVE-2023-53675} - enic: Validate length of nl attributes in enic_set_vf_port {CVE-2024-38659} {CVE-2024-38659} - dm array: fix releasing a faulty array block twice in dm_array_cursor_end {CVE-2024-57929} {CVE-2024-57929} - dlm: fix plock invalid read {CVE-2022-49407} {CVE-2022-49407} - rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev {CVE-2022-48759} {CVE-2022-48759} - bpf: Don't use tnum_range on array range checking for poke descriptors {CVE-2022-49985} {CVE-2022-49985} - net_sched: hfsc: Address reentrant enqueue adding class to eltree twice {CVE-2025-38001} {CVE-2025-38001} - wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes {CVE-2023-53185} {CVE-2023-53185} - dm integrity: fix memory corruption when tag_size is less than digest size {CVE-2022-49044} {CVE-2022-49044} - drm/radeon: possible buffer overflow {CVE-2023-52867} {CVE-2023-52867} - ata: sata_dwc_460ex: Fix crash due to OOB write {CVE-2022-49073} {CVE-2022-49073} - fs/jfs: Add validity check for db_maxag and db_agpref {CVE-2023-52804} {CVE-2023-52804} - net/mlx5e: Check for NOT_READY flag state after locking {CVE-2023-53581} {CVE-2023-53581} - thermal: core: prevent potential string overflow {CVE-2023-52868} {CVE-2023-52868} - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data {CVE-2022-49145} {CVE-2022-49145} - efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare {CVE-2025-39817} {CVE-2025-39817} - igb: Fix potential invalid memory access in igb_init_module() {CVE-2024-52332} {CVE-2024-52332} - do_change_type(): refuse to operate on unmounted/not ours mounts {CVE-2025-38498} {CVE-2025-38498} - drm/amd/display: Skip finding free audio for unknown engine_id {CVE-2024-42119} {CVE-2024-42119} - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() {CVE-2022-50408} {CVE-2022-50408} - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() {CVE-2024-58014} {CVE-2024-58014} - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta {CVE-2023-53229} {CVE-2023-53229} - ovl: Filter invalid inodes with missing lookup function {CVE-2024-56570} {CVE-2024-56570} - net: usb: smsc75xx: Limit packet length to skb->len {CVE-2023-53125} {CVE-2023-53125} - net: stmmac: fix dma queue left shift overflow issue {CVE-2022-49592} {CVE-2022-49592} - iio: adc: at91: call input_free_device() on allocated iio_dev {CVE-2024-57904} {CVE-2024-57904} - crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373} {CVE-2023-53373} - sctp: linearize cloned gso packets in sctp_rcv {CVE-2025-38718} {CVE-2025-38718} - KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 {CVE-2022-50228} {CVE-2022-50228} - soundwire: cadence: fix invalid PDI offset {CVE-2024-38635} {CVE-2024-38635} - ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365} {CVE-2023-53365} - ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans {CVE-2023-53034} {CVE-2023-53034} - Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp {CVE-2023-53297} {CVE-2023-53297} - scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695} {CVE-2022-48695} - smb: client: fix use-after-free in cifs_oplock_break {CVE-2025-38527} {CVE-2025-38527} - NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() {CVE-2025-39730} {CVE-2025-39730} - scsi: lpfc: Fix buffer free/clear order in deferred receive path {CVE-2025-39841} {CVE-2025-39841} - Bluetooth: Fix potential use-after-free when clear keys {CVE-2023-53386} {CVE-2023-53386} - scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322} {CVE-2023-53322} - ipv6: Fix out-of-bounds access in ipv6_find_tlv() {CVE-2023-53705} {CVE-2023-53705} - dma-buf/dma-resv: check if the new fence is really later {CVE-2022-49935} {CVE-2022-49935} - wifi: rtlwifi: remove unused check_buddy_priv {CVE-2024-58072} {CVE-2024-58072} - wifi: rtlwifi: remove unused dualmac control leftovers {CVE-2024-58072} {CVE-2024-58072} - wifi: rtlwifi: remove unused timer and related code {CVE-2024-58072} {CVE-2024-58072} - net: mdio: validate parameter addr in mdiobus_get_phy() {CVE-2023-53019} {CVE-2023-53019} - wifi: cfg80211: fix use-after-free in cmp_bss() {CVE-2025-39864} {CVE-2025-39864} - wifi: at76c50x: fix use after free access in at76_disconnect {CVE-2025-37796} {CVE-2025-37796} - ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() {CVE-2025-22121} {CVE-2025-22121} - ext4: move where set the MAY_INLINE_DATA flag is set {CVE-2025-22121} {CVE-2025-22121} - ext4: introduce ITAIL helper {CVE-2025-22121} {CVE-2025-22121} - ext4: improve xattr consistency checking and error reporting {CVE-2025-22121} {CVE-2025-22121} - net: openvswitch: fix nested key length validation in the set() action {CVE-2025-37789} {CVE-2025-37789} - mm: fix zswap writeback race condition {CVE-2023-53178} {CVE-2023-53178} - fs: fix UAF/GPF bug in nilfs_mdt_destroy {CVE-2022-50367} {CVE-2022-50367}
Updated packages:
  • bpftool-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:07cb5bf31b2f84d1e847043de2fbe9a35d9628d283c3b8f51ff4e40496753e51
  • kernel-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:95c4ca8844782a6e722a53a4b5b3e9ac1b1f6206559e2bcdb12ea628189c475f
  • kernel-core-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:ffa88a7e48cb09ba3052c26cc083be34ba8098a880cf2ac449c3fcd438d727e1
  • kernel-cross-headers-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:50eec96e3ff0ad529a9cd631ba2e5d4842e1d22a43e3050d59109f7fd47f9f76
  • kernel-debug-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:70d80018b4ae9a33d745f6176bd7ad6ac2501f0cd5c7452323d14bbeadf2076f
  • kernel-debug-core-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:43a092cad3d4c82bfd90355678138e35e3ba36ca07b203275397e0023b739701
  • kernel-debug-devel-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:9570a16e0e31483f08e9f6d2cb2fe18fe54ea1c687e5047faa68f290f67e890f
  • kernel-debug-modules-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:7bc62268388a6b8c8e507e02dd27860493cd424f63275f9b8927b3b9ef61b41f
  • kernel-debug-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:7bd8a0771fc820dfa155bf5e84edd9d13b4ef102f320fb5bfbcde4dcf4ff59b1
  • kernel-debug-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:a401ab7793b81a553671ed48ac3f68d769f5b59a6c38512adbcced89e631518f
  • kernel-devel-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:fd7b7b759fed23feaf50fd0c357bc584463afbb855374c0ab04a1a3f5bdc7555
  • kernel-headers-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:c8f51004ee4887380d054979b0395070a4e203da75c3a3fb646eb3c5a57805cb
  • kernel-ipaclones-internal-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:a98435d834337283503dca745575fd3b373ed415f038e6f2fe626377dc9230aa
  • kernel-modules-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:676fdea9c9ae5cdbe24a46a5cfd86e8fa6edf7f476a7fccb228c8b722bdc68dc
  • kernel-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:88fb8f7287e8c265c164590fe0235121ddb130eb9643b7f2337ee2535ac07c2e
  • kernel-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:2ef256515b9705aa1a6c3ac1b6c85654f93d0834d6c17d44a3ae430c2bd541ae
  • kernel-selftests-internal-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:461bf276456859d025cceab22de1e89166acfe73ce075e476ebe7cdecd352e24
  • kernel-tools-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:3617ecf845e0b7a8a22f8654f7e511afb43e10f562bd5732914f564f68a0700c
  • kernel-tools-libs-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:674bedb68c0c4163d5353c623ec892b35369814cfad6245fc6853ef364514266
  • kernel-tools-libs-devel-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:5b47702a12c23daa7d9b64c581e22b3ecda4c8336b7b0c2eab04c7230a2c03ad
  • perf-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:6dee360e3fb4d5570745ac5f134afeda48d1f6b324c7d9a53a9ad10adda97fbe
  • python3-perf-4.18.0-305.25.1.el8_4.tuxcare.els32.x86_64.rpm
    sha:280a7aa00092745d20bb49cb79300ac5393c01299a13e15d36121d1e19092e2e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.