[CLSA-2026:1780132171] Fix of 25 CVEs

Type:

security

Severity:

Important

Release date:

2026-05-30 09:09:36 UTC

Description:

   * CVE-2025-68724
     - crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
       {CVE-2025-68724}
   * CVE-2025-71196
     - phy: stm32-usphyc: Fix off by one in probe() {CVE-2025-71196}
   * CVE-2026-23033
     - dmaengine: omap-dma: fix dma_pool resource leak in error paths
       {CVE-2026-23033}
   * CVE-2026-23049
     - drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel
       {CVE-2026-23049}
   * CVE-2026-23318
     - ALSA: usb-audio: Use correct version for UAC3 header validation
       {CVE-2026-23318}
   * CVE-2026-23372
     - nfc: rawsock: cancel tx_work before socket teardown {CVE-2026-23372}
   * CVE-2026-23397
     - nfnetlink_osf: validate individual option lengths in fingerprints
       {CVE-2026-23397}
   * CVE-2026-23406
     - apparmor: fix side-effect bug in match_char() macro usage {CVE-2026-23406}
   * CVE-2026-23407
     - apparmor: fix missing bounds check on DEFAULT table in verify_dfa()
       {CVE-2026-23407}
   * CVE-2026-31494
     - net: macb: use the current queue number for stats {CVE-2026-31494}
   * CVE-2026-31504
     - net: fix fanout UAF in packet_release() via NETDEV_UP race
       {CVE-2026-31504}
   * CVE-2026-31576
     - media: hackrf: fix to not free memory after the device is registered in
       hackrf_probe() {CVE-2026-31576}
   * CVE-2026-31583
     - media: em28xx: fix use-after-free in em28xx_v4l2_open() {CVE-2026-31583}
   * CVE-2026-31622
     - NFC: digital: Bounds check NFC-A cascade depth in SDD response handler
       {CVE-2026-31622}
   * CVE-2026-31629
     - nfc: llcp: add missing return after LLCP_CLOSED checks {CVE-2026-31629}
   * CVE-2026-31659
     - batman-adv: reject oversized global TT response buffers {CVE-2026-31659}
   * CVE-2026-31720
     - usb: gadget: f_uac1_legacy: validate control request size {CVE-2026-31720}
   * CVE-2026-43236
     - drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release
       {CVE-2026-43236}
   * CVE-2026-43283
     - net: ethernet: ec_bhf: Fix dma_free_coherent() dma handle {CVE-2026-43283}
   * CVE-2026-43373
     - net: ncsi: fix skb leak in error paths {CVE-2026-43373}
   * CVE-2026-43206
     - drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()
       {CVE-2026-43206}
   * CVE-2026-31778
     - ALSA: caiaq: fix stack out-of-bounds read in init_card {CVE-2026-31778}
   * CVE-2026-43040
     - net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields
       to zero to prevent an info-leak {CVE-2026-43040}
   * CVE-2026-43141
     - ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut
       {CVE-2026-43141}
   * CVE-2026-23388
     - Squashfs: check metadata block offset is within range {CVE-2026-23388}
   * Miscellaneous upstream changes
     - UBUNTU: adjust changelog history to match cranky format
     - smb: client: reject userspace cifs.spnego descriptions
   * Bump ABI 5.4.0-231

Updated packages:

linux-buildinfo-5.4.0-231-generic_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:265515a32dc1967a6da5708616441702447b13e2
linux-buildinfo-5.4.0-231-lowlatency_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:f087eb3dbf16d5c96e99af162ce5668b325893d9
linux-cloud-tools-5.4.0-231_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:4d1ed67db58bed9aedde6b6ff4756d86ac239d3e
linux-cloud-tools-5.4.0-231-generic_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:60245aa79b53f9862a9b5b61a81bae2f0f456a78
linux-cloud-tools-5.4.0-231-lowlatency_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:ee8b47c7be10206261e0c930a6e25b69c7846907
linux-cloud-tools-common_5.4.0-231.251+tuxcare.els1_all.deb
sha:12d10f5f56b9f577e5b4ef9656472b9c5918c128
linux-doc_5.4.0-231.251+tuxcare.els1_all.deb
sha:77a43f266f02f6db946d12b3c5d218ba6108e259
linux-headers-5.4.0-231_5.4.0-231.251+tuxcare.els1_all.deb
sha:9bd5639d6b57e7ba4ceb0c1f4a5d256d03c77b7b
linux-headers-5.4.0-231-generic_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:ab8ce702a7fce9e8cb167b4628f3740b1ab397ce
linux-headers-5.4.0-231-lowlatency_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:a34f4df7fde33f76a0b11dc7ffc7cea28eaaeada
linux-image-unsigned-5.4.0-231-generic_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:43012f22abe45c8838455ceabd4b5c40f7ecbe16
linux-image-unsigned-5.4.0-231-lowlatency_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:33374a355c2db136b370d9693f522a4cd43eff71
linux-libc-dev_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:035193b077be9eb8c5c873bfd690066e46c0be0e
linux-modules-5.4.0-231-generic_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:47af1993400758b1e7f53e4471ec4a30c45efffc
linux-modules-5.4.0-231-lowlatency_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:60f955e36457499a4b9d4747e859ca4fa26c1c5d
linux-modules-extra-5.4.0-231-generic_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:4af1f8ba8c981a8469a36ab5cdde67b957f1a254
linux-source-5.4.0_5.4.0-231.251+tuxcare.els1_all.deb
sha:7acea2bde051510d8d62c3e2b34724b82ab0afa0
linux-tools-5.4.0-231_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:27b33a610cf96fae96c660a19e830757093e7f04
linux-tools-5.4.0-231-generic_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:80755fa7245ce831245d38458e10a7a7ab207dc6
linux-tools-5.4.0-231-lowlatency_5.4.0-231.251+tuxcare.els1_amd64.deb
sha:ceced7c324b4cfd8cc0237e1d70e2483ad5871b6
linux-tools-common_5.4.0-231.251+tuxcare.els1_all.deb
sha:4a37d0be5e118ed89ee4cee53441bfa13121e7f4
linux-tools-host_5.4.0-231.251+tuxcare.els1_all.deb
sha:dd4b1c166baccdbf4e46d01042ecd29505bb33b6

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.