[CLSA-2026:1773048865] kernel: Fix of 53 CVEs
Type:
security
Severity:
Important
Release date:
2026-03-09 09:34:28 UTC
Description:
- xhci: Remove device endpoints from bandwidth list when freeing the device {CVE-2022-50470} - HID: multitouch: Add NULL check in mt_input_configured {CVE-2024-58020} - netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX {CVE-2025-38201} - fs: writeback: fix use-after-free in __mark_inode_dirty() {CVE-2025-39866} - tracing/histograms: Add histograms to hist_vars if they have referenced variables {CVE-2023-53560} - netfilter: conntrack: Avoid nf_ct_helper_hash uses after free {CVE-2023-53619} - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521} - dm cache: Fix UAF in destroy() {CVE-2022-50496} - Bluetooth: L2CAP: Fix user-after-free {CVE-2022-50386} - VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify {CVE-2025-38102} - sctp: avoid NULL dereference when chunk data buffer is missing {CVE-2025-40240} - wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf {CVE-2023-53524} - xfrm: fix slab-use-after-free in decode_session6 {CVE-2023-53500} - ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587} - Bluetooth: RFCOMM: Fix not validating setsockopt user input {CVE-2024-35966} - Bluetooth: L2CAP: Fix not validating setsockopt user input {CVE-2024-35965} - Bluetooth: SCO: Fix not validating setsockopt user input {CVE-2024-35967} - NFSD: Fix the behavior of READ near OFFSET_MAX {CVE-2022-48827} - NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL {CVE-2023-53680} - mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory {CVE-2025-39883} - fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685} - erspan: do not use skb_mac_header() in ndo_start_xmit() {CVE-2023-53053} - net/mlx5e: Avoid field-overflowing memcpy() {CVE-2022-48744} - usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760} - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path {CVE-2025-39911} - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422} - i40e: remove read access to debugfs files {CVE-2025-39901} - Bluetooth: hci_sock: Prevent race in socket write iter and sock bind {CVE-2025-68305} - RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem {CVE-2025-38022} - usb: xhci: Apply the link chain quirk on NEC isoc endpoints {CVE-2025-22022} - netfilter: allow exp not to be removed in nf_ct_find_expectation {CVE-2023-52927} - dm-bufio: don't schedule in atomic context {CVE-2025-37928} - ACPI: EC: Fix oops when removing custom query handlers {CVE-2023-54244} - mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats {CVE-2025-68800} - net/sched: Enforce that teql can only be used as root qdisc {CVE-2026-23074} - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() {CVE-2023-54114} - igb: Do not bring the device up after non-fatal error {CVE-2024-50040} - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494} - drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras {CVE-2023-53471} - wifi: mwifiex: Initialize the chan_stats array to zero {CVE-2025-39891} - HID: asus: fix UAF via HID_CLAIMED_INPUT validation {CVE-2025-39824} - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds {CVE-2025-40304} - HID: multitouch: Correct devm device reference for hidinput input_dev name {CVE-2023-53454} - udf: Do not bother merging very long extents {CVE-2023-53506} - wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() {CVE-2022-50551} - dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path {CVE-2023-53604} - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622} - iavf: Fix use-after-free in free_netdev {CVE-2023-53556} - cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945} - kernfs: fix use-after-free in __kernfs_remove {CVE-2022-50432} - net/sched: act_mirred: don't override retval if we already lost the skb {CVE-2024-26739} - tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. {CVE-2025-39913} - igb: Fix igb_down hung on surprise removal {CVE-2023-53148}
Updated packages:
  • bpftool-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:83ed0b290a33a19b662665ea1c1141d108b2d60331776eed0629c6c6e917c738
  • kernel-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:be4ec9897a73d5ec41f90ce455a7050ed09e73c5be27f17eeed8c95afb25d375
  • kernel-core-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:0fabc00682f0da10516108228ce4725febb8fda1ff706a1b63c1f4379a1496e1
  • kernel-cross-headers-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:dfeaf2e6285818673de24f7139d6d16e1f28765478b43859e129e15f0a69252c
  • kernel-debug-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:ec366ade4f23a1e67394e8d873eeca26842f74f8d94660e76b85fba10b71bc00
  • kernel-debug-core-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:5d79bff7ab4a05caae2b98473b66a00b05dc9f363a38044c359777bfc431be93
  • kernel-debug-devel-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:289e777c81a528685b5e006cde4829c7af1dc69c684c8ffb1fb6ac2d8918adff
  • kernel-debug-modules-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:fbdae26fc13a5f0a4acc96152b9166984571f0203b94e111055d3fd4f630194d
  • kernel-debug-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:232f2233c7724da3bd5226111e52ecaf52713321e1a34dbe476964d4dd13b00b
  • kernel-debug-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:5ecf90fb1f33826d0cd81b851e8db5bc83710b4a3d264ebe660ec778dc2dd8ab
  • kernel-devel-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:68b53db8d24a08d7ac1d3648fd0206383695248563ba10833032442e87ff725a
  • kernel-headers-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:d41f51e7aae99eb2a83dc9a71b637ac4e687bb911d00532737bcc97dde89382d
  • kernel-ipaclones-internal-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:16be1ad146055da77fa649d8c9d0f2abcd455b2b3ef27d35db8857f190e4df8e
  • kernel-modules-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:87d36dbd6257f4941d240a9a789ececc6ef32405c55df320f3ebfb24744a598f
  • kernel-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:d3da86dde561e262b58f1f470294b736f5fcadfd46b58ac0db4349dcfc339e4f
  • kernel-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:bda66d7a83a3d8e336a0964122537990ac3bd118a3704a11b58e748f4b57353c
  • kernel-selftests-internal-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:a668f4c534e06923ec6f58428dabf1e108ac05fe90e972cd6bebb9fce3ec79c4
  • kernel-tools-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:3f540f830065fabcef0fb96cfdf38d1ad9436a9cecd5d150e6ef9b57a27365a6
  • kernel-tools-libs-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:20417018087e50edbfb1bc079bb60bbbab8844e8583c69c6b31bfdc5eab86c63
  • kernel-tools-libs-devel-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:c472330d663d47f2d7be0a906bf9f3144d77f2fc16aaad13a5d9c2400ab73402
  • perf-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:c832c6392b6f0566165c6780a45d34dc6e4e8816c74e461e559d5c8b4d560a14
  • python3-perf-4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64.rpm
    sha:b39ffef8c29365bac030024b1340d662080cf7e0a0db58fec2e3674630b6ba1c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.