CLSA-2025:1762455270

[CLSA-2025:1762455270] kernel: Fix of 6 CVEs

Type:

security

Severity:

Important

Release date:

2025-11-06 18:54:37 UTC

Description:

- fix: virtio-net: Add validation for used length {CVE-2021-47352}
- xen/netfront: don't use gnttab_query_foreign_access() for mapped status {CVE-2022-23037}
- net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477}
- net: fix information leakage in /proc/net/ptype {CVE-2022-48757}
- net: atm: fix use after free in lec_send() {CVE-2025-22004}
- ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292}

Updated packages:

kernel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:c1c082527c36c047c9aa5a797d0a3d4f7c31f87447fde57e0a10b4c17878da62
kernel-abi-whitelists-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm
sha:27a55374c1a9cc5de6497b55283d2181c2e2e3af208e8f743cc48d5ab447ccc9
kernel-debug-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:674b07424eebec4222d970163a9421845fb449972dd8d6073e8ca3d04c8a3e43
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els27.i686.rpm
sha:8823a064395cad766f25820e26c128bc7280707028ead8c32c3b7fce3988f247
kernel-debug-devel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:ca7ac020575b59e0a35c5db82bb0bf39cac63cb61923c38c2acb59f8ea41b161
kernel-devel-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:be8b5dfcc258a40ab5f12a3e3050b3af59ba9fc702546bb48fd1193fe69ccf0a
kernel-doc-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm
sha:d0097ce6a564474d4c17a2e9b72a14197300f01712b795e3f30bae90d6a23000
kernel-firmware-2.6.32-754.35.8.el6.tuxcare.els27.noarch.rpm
sha:7d74700332b5aac351224cc2b365d8b8fd8cfbac0ee807720092e230e9dd9f5f
kernel-headers-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:7d483997d79501559e8369a35e24d1a93a8bae3a2453af73be2cba605454b60c
perf-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:9bd8fa2d9bd2766aa9dd4b5a456efb5e79ba298f774d6e71ba1302d023b1d8b2
python-perf-2.6.32-754.35.8.el6.tuxcare.els27.x86_64.rpm
sha:2981258a4be9deb10b81e6e883d885d4282b3ba1febafa2e583c4bd3c2a617da

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.