[CLSA-2025:1753083608] Fix of 17 CVEs

Type:

security

Severity:

Important

Release date:

2025-07-21 07:40:12 UTC

Description:

   * Focal update: v5.4.292 upstream stable release (LP: #2109357) // CVE-url:
     https://ubuntu.com/security/CVE-2025-37937
     - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds()
   * Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url:
     https://ubuntu.com/security/CVE-2024-53197
     - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox
       devices
   * CVE-url: https://ubuntu.com/security/CVE-2024-46787
     - userfaultfd: fix checks for huge PMDs
   * CVE-url: https://ubuntu.com/security/CVE-2025-37798
     - sch_drr: make drr_qlen_notify() idempotent
     - sch_hfsc: make hfsc_qlen_notify() idempotent
     - sch_qfq: make qfq_qlen_notify() idempotent
     - codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
   * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
     CVE-2024-50116 // CVE-url: https://ubuntu.com/security/CVE-2024-50116
     - nilfs2: fix kernel bug due to missing clearing of buffer delay flag
   * Focal update: v5.4.285 upstream stable release (LP: #2089233) //
     CVE-2024-49958 // CVE-url: https://ubuntu.com/security/CVE-2024-49958
     - ocfs2: reserve space for inline xattr before attaching reflink tree
   * Focal update: v5.4.286 upstream stable release (LP: #2089558) // CVE-url:
     https://ubuntu.com/security/CVE-2021-47195
     - spi: fix use-after-free of the add_lock mutex
   * CVE-url: https://ubuntu.com/security/CVE-2021-47469
     - spi: Fix deadlock when adding SPI controllers on SPI buses
   * CVE-url: https://ubuntu.com/security/CVE-2025-39735
     - jfs: fix slab-out-of-bounds read in ea_get()
   * CVE-url: https://ubuntu.com/security/CVE-2025-22020
     - memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove
   * CVE-url: https://ubuntu.com/security/CVE-2025-22004
     - net: atm: fix use after free in lec_send()
   * CVE-url: https://ubuntu.com/security/CVE-2025-39688
     - nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid()
   * CVE-url: https://ubuntu.com/security/CVE-2022-49892
     - ftrace: Fix use-after-free for dynamic ftrace_ops
   * CVE-url: https://ubuntu.com/security/CVE-2021-47293
     - net/sched: act_skbmod: Skip non-Ethernet packets
   * CVE-url: https://ubuntu.com/security/CVE-2024-50106
     - nfsd: simplify nfs4_put_deleg_lease calls
     - nfsd: factor out common delegation-destruction code
     - nfsd: Fix race to FREE_STATEID and cl_revoked
     - nfsd: don't call functions with side-effecting inside WARN_ON()
     - nfsd: remove fault injection code
     - nfsd: avoid race after unhash_delegation_locked()
     - nfsd4: don't set lock stateid's sc_type to CLOSED
     - nfsd: split sc_status out of sc_type
     - nfsd: fix race between laundromat and free_stateid
   * CVE-url: https://ubuntu.com/security/CVE-2024-57982
     - xfrm: state: fix out-of-bounds read during lookup
   * CVE-url: https://ubuntu.com/security/CVE-2023-52588
     - f2fs: fix to tag gcing flag on page during block migration
   * Miscellaneous Ubuntu changes
     - [Config] updateconfigs for NFSD_FAULT_INJECTION

Updated packages:

linux-buildinfo-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb
sha:a3362c31fed8314d99c15ed99c7177e40c6be01a
linux-buildinfo-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb
sha:7eaa18ac5aa6d8796e47ec2a9dbf9f0301b04b72
linux-cloud-tools-4.15.0-249-tuxcare.els37_4.15.0-249.260_amd64.deb
sha:88659c4108886faadd8c3e81f247450ebe684a9c
linux-cloud-tools-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb
sha:badf58fcaff887d45b026502c4016442bece102f
linux-cloud-tools-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb
sha:c20ff499265ec40fe1eaf68eb0ca3b934cb64826
linux-cloud-tools-common_4.15.0-249.260_all.deb
sha:08cfecd22179f9511655d466b4627867239e920c
linux-doc_4.15.0-249.260_all.deb
sha:c92a92eb9346436b0746b9ed4d39310d23566e26
linux-headers-4.15.0-249-tuxcare.els37_4.15.0-249.260_all.deb
sha:0fb81205726f01813781fb30dbcee792c0c9c519
linux-headers-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb
sha:87e93e7a2f4df0b0cf7bb0d68ecd1ab66990d34d
linux-headers-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb
sha:66e6015e927239d07e976cc853490fbe7e03240f
linux-image-unsigned-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb
sha:4a23574ecc416622a8fb7134697bd7fd30d44d4f
linux-image-unsigned-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb
sha:f69d3bb9974ba07eb8532f47c592934bdfeaf0ca
linux-libc-dev_4.15.0-249.260_amd64.deb
sha:85177df1976e8e40c6c51d62b6f1a64ebe219d53
linux-modules-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb
sha:3de4b0d8221418eed36058c5712c9a04528c8d53
linux-modules-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb
sha:868fefb658f5076291e3cdb784bcfdd9df521641
linux-modules-extra-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb
sha:b97ba5a303d6e1ae5767a015b392ccb09f112473
linux-source-4.15.0_4.15.0-249.260_all.deb
sha:e150859204c64d33bb4329e40a4182f40f2bce81
linux-tools-4.15.0-249-tuxcare.els37_4.15.0-249.260_amd64.deb
sha:0b92621308df84265bf527e482c034a89f490ed5
linux-tools-4.15.0-249-tuxcare.els37-generic_4.15.0-249.260_amd64.deb
sha:bafb873d0d0c88ab1c65b4b29f1c3d43aed56abe
linux-tools-4.15.0-249-tuxcare.els37-lowlatency_4.15.0-249.260_amd64.deb
sha:3539c3cd508536a04c2674d756d2335edb2950ec
linux-tools-common_4.15.0-249.260_all.deb
sha:b1b6538d32c3f7c6dfdadafc76493edff54bad12
linux-tools-host_4.15.0-249.260_all.deb
sha:95ea88ecd4b652b5b419bdbdacc4c63dd70d8169

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.