{"id":"CLSA-2025-1761074747","summary":"kernel: Fix of 39 CVEs","details":"- nfs: fix UAF in direct writes {CVE-2024-26958}\n- NFSD: Fix the behavior of READ near OFFSET_MAX {CVE-2022-48827}\n- thermal: core: prevent potential string overflow {CVE-2023-52868}\n- ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 {CVE-2021-47633}\n- RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more requests {CVE-2021-47391}\n- drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616}\n- Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982}\n- wifi: mac80211: fix potential key use-after-free {CVE-2023-52530}\n- crypto: qat - resolve race condition during AER recovery {CVE-2024-26974}\n- netfilter: validate user input for expected length {CVE-2024-35896}\n- wifi: cfg80211: check A-MSDU format more carefully {CVE-2024-35937}\n- net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538}\n- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() {CVE-2024-39487}\n- SUNRPC: Fix UAF in svc_tcp_listen_data_ready() {CVE-2023-52885}\n- tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383}\n- watchdog: Fix possible use-after-free by calling del_timer_sync() {CVE-2021-47321}\n- virtio-net: Add validation for used length {CVE-2021-47352}\n- USB: core: Fix hang in usb_kill_urb by adding memory barriers {CVE-2022-48760}\n- scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901}\n- xfs: add bounds checking to xlog_recover_process_data {CVE-2024-41014}\n- scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695}\n- jffs2: prevent xattr node from overflowing the eraseblock {CVE-2024-38599}\n- ecryptfs: Fix buffer size for tag 66 packet {CVE-2024-38578}\n- dlm: fix plock invalid read {CVE-2022-49407}\n- media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764}\n- igb: Fix potential invalid memory access in igb_init_module() {CVE-2024-52332}\n- jfs: fix shift-out-of-bounds in dbSplit {CVE-2024-56597}\n- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() {CVE-2023-52594}\n- pid: take a reference when initializing `cad_pid` {CVE-2021-47118}\n- Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg {CVE-2023-51779}\n- sched/rt: pick_next_rt_entity(): check list_entry {CVE-2023-1077}\n- media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824}\n- xen/grant-table: add gnttab_try_end_foreign_access() {CVE-2022-23038}\n- media: dvb-core: Fix use-after-free due to race at dvb_register_device() {CVE-2022-45884}\n- media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886}\n- media: dvb-core: Fix use-after-free on race condition at dvb_frontend {CVE-2022-45885}\n- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 {CVE-2022-45919}\n- x86/elf: Disable automatic READ_IMPLIES_EXEC on 64-bit {CVE-2022-25265}\n- x86/elf: Split READ_IMPLIES_EXEC from executable PT_GNU_STACK {CVE-2022-25265}\n- x86/elf: Add table to document READ_IMPLIES_EXEC {CVE-2022-25265}\n- i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153}","modified":"2026-06-01T00:33:25.863276892Z","published":"2025-10-21T19:25:51Z","upstream":["CVE-2024-26958","CVE-2022-48827","CVE-2023-52868","CVE-2021-47633","CVE-2021-47391","CVE-2024-56616","CVE-2024-26982","CVE-2023-52530","CVE-2024-26974","CVE-2024-35896","CVE-2024-35937","CVE-2024-38538","CVE-2024-39487","CVE-2023-52885","CVE-2021-47383","CVE-2021-47321","CVE-2021-47352","CVE-2022-48760","CVE-2024-40901","CVE-2024-41014","CVE-2022-48695","CVE-2024-38599","CVE-2024-38578","CVE-2022-49407","CVE-2023-52764","CVE-2024-52332","CVE-2024-56597","CVE-2023-52594","CVE-2021-47118","CVE-2023-51779","CVE-2023-1077","CVE-2023-35824","CVE-2022-23038","CVE-2022-45884","CVE-2022-45886","CVE-2022-45885","CVE-2022-45919","CVE-2022-25265","CVE-2021-47153"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/oraclelinux6els/CLSA-2025-1761074747.html"}],"affected":[{"package":{"name":"kernel","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/kernel?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}},{"package":{"name":"kernel-abi-whitelists","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/kernel-abi-whitelists?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/kernel-debug?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/kernel-devel?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}},{"package":{"name":"kernel-doc","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/kernel-doc?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}},{"package":{"name":"kernel-firmware","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/kernel-firmware?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/kernel-headers?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/perf?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}},{"package":{"name":"python-perf","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/python-perf?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els26"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json"}}],"schema_version":"1.7.5"}