[CLSA-2025:1763991095] Fix of 25 CVEs
Type:
security
Severity:
Important
Release date:
2025-11-24 13:31:39 UTC
Description:
* Focal update: v5.4.291 upstream stable release (LP: #2106002) // CVE-2025-21772 - partitions: mac: fix handling of bogus partition table * CVE-url: https://ubuntu.com/security/CVE-2025-22079 - ocfs2: validate l_tree_depth to avoid out-of-bounds access * CVE-url: https://ubuntu.com/security/CVE-2024-58014 - wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() * CVE-url: https://ubuntu.com/security/CVE-2024-41042 - netfilter: nf_tables: prefer nft_chain_validate * CVE-url: https://ubuntu.com/security/CVE-2024-46713 - perf/aux: Fix AUX buffer serialization * CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() * CVE-url: https://ubuntu.com/security/CVE-2025-38477 - net/sched: sch_qfq: Fix race condition on qfq_aggregate * Focal update: v5.4.262 upstream stable release (LP: #2049069) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - fs/jfs: Add check for negative db_l2nbperpage - fs/jfs: Add validity check for db_maxag and db_agpref * Focal update: v5.4.251 upstream stable release (LP: #2034918) // CVE-url: https://ubuntu.com/security/CVE-2023-52804 - jfs: jfs_dmap: Validate db_l2nbperpage while mounting * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403) // CVE- url: https://ubuntu.com/security/CVE-2023-52804 - fs: jfs: fix shift-out-of-bounds in dbAllocAG * CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READ_IMPLIES_EXEC - x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK - x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit * Bionic update: upstream stable patchset 2021-06-11 (LP: #1931740) // CVE- url: https://ubuntu.com/security/CVE-2021-47153 - i2c: i801: Don't generate an interrupt on bus reset * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48757 - net: fix information leakage in /proc/net/ptype * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-37078 - nilfs2: fix potential kernel bug due to lack of writeback flag waiting * Bionic update: upstream stable patchset 2022-03-04 (LP: #1963717) // CVE- url: https://ubuntu.com/security/CVE-2022-48760 - USB: core: Fix hang in usb_kill_urb by adding memory barriers * Bionic update: upstream stable patchset 2021-11-02 (LP: #1949512) // CVE- url: https://ubuntu.com/security/CVE-2021-47383 - tty: Fix out-of-bound vmalloc access in imageblit * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2022-49145 - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data * Bionic update: upstream stable patchset 2021-11-23 (LP: #1951997) // CVE- url: https://ubuntu.com/security/CVE-2021-47458 - ocfs2: mount fails with buffer overflow in strlen * CVE-url: https://ubuntu.com/security/CVE-2022-49170 - f2fs: fix to do sanity check on curseg->alloc_type * CVE-url: https://ubuntu.com/security/CVE-2021-47479 - staging: rtl8712: fix use-after-free in rtl8712_dl_fw * Bionic update: upstream stable patchset 2021-12-03 (LP: #1953202) // CVE- url: https://ubuntu.com/security/CVE-2021-47477 - comedi: dt9812: fix DMA buffers on stack * Bionic update: upstream stable patchset 2022-05-17 (LP: #1973831) // CVE- url: https://ubuntu.com/security/CVE-2021-47642 - video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47565 - scsi: mpt3sas: Fix kernel panic during drive powercycle test * Bionic update: upstream stable patchset 2022-01-06 (LP: #1956614) // CVE- url: https://ubuntu.com/security/CVE-2021-47566 - proc/vmcore: fix clearing user buffer by properly using clear_user() * Focal update: v5.4.279 upstream stable release (LP: #2073621) // CVE-url: https://ubuntu.com/security/CVE-2024-39469 - nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors * CVE-url: https://ubuntu.com/security/CVE-2022-49519 - ath10k: skip ath10k_halt during suspend for driver state RESTARTING * CVE-url: https://ubuntu.com/security/CVE-2024-36880 - Bluetooth: qca: add missing firmware sanity checks * Miscellaneous upstream changes - net: openvswitch: fix nested key length validation in the set() action - isofs: Prevent the use of too small fid - net: ppp: Add bound checking for skb data on ppp_sync_txmung - wifi: at76c50x: fix use after free access in at76_disconnect
Updated packages:
  • linux-buildinfo-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb
    sha:cbff734c0a62fec09d8cfe0fc9a59ddb1a86b0ef
  • linux-buildinfo-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb
    sha:43e595e88946f50ee6165046ecdd49401d8e137b
  • linux-cloud-tools-4.4.0-280-tuxcare.els51_4.4.0-280.314_amd64.deb
    sha:90eeeb84fcdda11c9199d5fd5c1d91725b7ecc45
  • linux-cloud-tools-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb
    sha:9ec4b9ce9a17be13d54813bae537e94ecfa10757
  • linux-cloud-tools-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb
    sha:453f1c2ee003fd6490c45c795fe84fb6d0ff52f2
  • linux-cloud-tools-common_4.4.0-280.314_all.deb
    sha:220a49c124c67da13db24657e792b9eba6a1b114
  • linux-doc_4.4.0-280.314_all.deb
    sha:f3ae828861561c50e90a8f04f21cc84fa0ac8c21
  • linux-headers-4.4.0-280-tuxcare.els51_4.4.0-280.314_all.deb
    sha:38ec9758eb484d8fc28a9ac9ee8dad7f1eef86c6
  • linux-headers-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb
    sha:f26b1151361b42e48632f143bad42157461f1d0f
  • linux-headers-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb
    sha:c8442a2571b8d1799fefe4cda53bbe74218788f0
  • linux-image-unsigned-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb
    sha:abcc9bbaa622d7c6d4496b5502f1ad76ccd20e7f
  • linux-image-unsigned-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb
    sha:3e9373e358ff368df5c49506c66dc84c6788ec54
  • linux-libc-dev_4.4.0-280.314_amd64.deb
    sha:d5d13e63c4bc2db89db41b27de21ddfb96faa8ed
  • linux-modules-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb
    sha:a3c5e7c69dfc66c504ce0556af40f5498305da25
  • linux-modules-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb
    sha:d5187aa9719e00302155867713c136d33a46854f
  • linux-modules-extra-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb
    sha:2a41080256fceb1c1dee143efa42bec72dd2a42d
  • linux-source-4.4.0_4.4.0-280.314_all.deb
    sha:222d3d13c4f5ea0f4c2bb0a6cd0a78b8fbf73a38
  • linux-tools-4.4.0-280-tuxcare.els51_4.4.0-280.314_amd64.deb
    sha:cc0e352619d34ccccbdc88c77fdce7c79ab35a9d
  • linux-tools-4.4.0-280-tuxcare.els51-generic_4.4.0-280.314_amd64.deb
    sha:3a613300566e8ceb407513cb30aae900a67baecb
  • linux-tools-4.4.0-280-tuxcare.els51-lowlatency_4.4.0-280.314_amd64.deb
    sha:64ea38e55ce81dec6e0e6cea6ccefeab91c442af
  • linux-tools-common_4.4.0-280.314_all.deb
    sha:0a457b80da4f16db59dafaa08aece9fbecf28976
  • linux-tools-host_4.4.0-280.314_all.deb
    sha:00338dc40070a7f28a57b1248fe64893d0e5d5f8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.