{"id":"CLSA-2025-1760546935","summary":"kernel: Fix of 43 CVEs","details":"- locking/ww_mutex/test: Fix potential workqueue corruption {CVE-2023-52836}\n- netfilter: ipset: Fix suspicious rcu_dereference_protected() {CVE-2024-40993}\n- netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type {CVE-2024-39503}\n- netfilter: ipset: Missing gc cancellations fixed {CVE-2024-39503}\n- netfilter: ipset: Add list flush to cancel_gc {CVE-2024-39503}\n- netfilter: ipset: fix performance regression in swap operation {CVE-2024-26910}\n- netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test {CVE-2024-26910}\n- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521}\n- scsi: mpt3sas: Fix a memory leak {CVE-2023-53512}\n- scsi: iscsi_tcp: Check that sock is valid before iscsi_set_param() {CVE-2023-53464}\n- wifi: ath11k: fix deinitialization of firmware resources {CVE-2023-53532}\n- mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2() {CVE-2022-50464}\n- ionic: catch failure from devlink_alloc {CVE-2023-53470}\n- enic: Validate length of nl attributes in enic_set_vf_port {CVE-2024-38659}\n- gpiolib: cdev: fix uninitialised kfifo {CVE-2024-36898}\n- Bluetooth: hci_conn: Fix crash on hci_create_cis_sync {CVE-2022-50447}\n- net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP {CVE-2024-36974}\n- ext4: Fix function prototype mismatch for ext4_feat_ktype {CVE-2023-53224}\n- ipv6: Add lwtunnel encap size of all siblings in nexthop calculation {CVE-2023-53477}\n- netfilter: nf_tables: prefer nft_chain_validate {CVE-2024-41042}\n- netfilter: nf_conntrack: fix crash due to removal of uninitialised entry {CVE-2025-38472}\n- Bluetooth: qca: add missing firmware sanity checks {CVE-2024-36880}\n- Bluetooth: qca: fix info leak when fetching fw build id {CVE-2024-36032}\n- Bluetooth: L2CAP: fix \"bad unlock balance\" in l2cap_disconnect_rsp {CVE-2023-53297}\n- drm/amd/display: Skip finding free audio for unknown engine_id {CVE-2024-42119}\n- drm/dp_mst: Fix resetting msg rx state after topology removal {CVE-2024-57876}\n- drm/vc4: don't check if plane-\u003estate-\u003efb == state-\u003efb {CVE-2024-35932}\n- drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create {CVE-2023-53263}\n- cifs: fix oops during encryption {CVE-2022-50341}\n- smb: client: fix use-after-free in cifs_oplock_break {CVE-2025-38527}\n- smb: client: fix race with concurrent opens in rename(2) {CVE-2025-39825}\n- ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx-\u003eheadset_codec_dev = NULL {CVE-2023-52697}\n- blk-mq: fix NULL dereference on q-\u003eelevator in blk_mq_elv_switch_none {CVE-2023-53292}\n- mlx5: fix possible ptp queue fifo use-after-free {CVE-2023-53398}\n- sctp: check send stream number after wait_for_sndbuf {CVE-2023-53296}\n- sctp: linearize cloned gso packets in sctp_rcv {CVE-2025-38718}\n- ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365}\n- scsi: mpi3mr: Use number of bits to manage bitmap sizes {CVE-2023-53376}\n- scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue {CVE-2023-53280}\n- mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data {CVE-2023-53232}\n- wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes {CVE-2023-53185}\n- fbdev: Fix invalid page access after closing deferred I/O devices {CVE-2023-52731}\n- ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer {CVE-2023-53395}\n- ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value {CVE-2022-50327}\n- media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() {CVE-2023-53220}\n- media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() {CVE-2022-50272}","modified":"2026-05-29T01:37:43.199938632Z","published":"2025-10-15T16:49:07Z","upstream":["CVE-2022-50272","CVE-2022-50327","CVE-2022-50341","CVE-2022-50447","CVE-2022-50464","CVE-2023-52697","CVE-2023-52731","CVE-2023-52836","CVE-2023-53185","CVE-2023-53220","CVE-2023-53224","CVE-2023-53232","CVE-2023-53263","CVE-2023-53280","CVE-2023-53292","CVE-2023-53296","CVE-2023-53297","CVE-2023-53365","CVE-2023-53376","CVE-2023-53395","CVE-2023-53398","CVE-2023-53464","CVE-2023-53470","CVE-2023-53477","CVE-2023-53512","CVE-2023-53521","CVE-2023-53532","CVE-2024-26910","CVE-2024-35932","CVE-2024-36032","CVE-2024-36880","CVE-2024-36898","CVE-2024-36974","CVE-2024-38659","CVE-2024-39503","CVE-2024-40993","CVE-2024-41042","CVE-2024-42119","CVE-2024-57876","CVE-2025-38472","CVE-2025-38527","CVE-2025-38718","CVE-2025-39825"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2025-1760546935.html"}],"schema_version":"1.7.5"}