{"id":"CLSA-2025-1766600619","summary":"kernel: Fix of 27 CVEs","details":"- xfrm: Duplicate SPI Handling {CVE-2025-39965}\n- xfrm: state: use atomic_inc_not_zero to increment refcount\n- padata: Fix pd UAF once and for all {CVE-2025-38584}\n- padata: Remove broken queue flushing {CVE-2023-52854}\n- padata: ensure padata_do_serial() runs on the correct CPU\n- Bluetooth: L2CAP: Fix use-after-free {CVE-2023-53305}\n- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() {CVE-2022-50408}\n- sctp: linearize cloned gso packets in sctp_rcv {CVE-2025-38718}\n- ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365}\n- Bluetooth: L2CAP: Fix user-after-free {CVE-2022-50386}\n- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put {CVE-2022-3640}\n- ipvs: fix WARNING in ip_vs_app_net_cleanup() {CVE-2022-49917}\n- ipvs: fix WARNING in __ip_vs_cleanup_batch() {CVE-2022-49918}\n- ipvs: use explicitly signed chars\n- vt: Clear selection before changing the font {CVE-2022-49948}\n- fs: prevent out-of-bounds array speculation when closing a file descriptor {CVE-2023-53117}\n- xen/netfront: react properly to failing gnttab_end_foreign_access_ref() {CVE-2022-48900}\n- netlink: prevent potential spectre v1 gadgets {CVE-2023-53000}\n- igb: Do not free q_vector unless new one was allocated {CVE-2022-50252}\n- scsi: target: Fix WRITE_SAME No Data Buffer crash {CVE-2022-21546}\n- net: mdio: fix undefined behavior in bit shift for __mdiobus_register {CVE-2022-49907}\n- dm raid: fix address sanitizer warning in raid_status {CVE-2022-50084}\n- dm raid: fix address sanitizer warning in raid_resume {CVE-2022-50085}\n- capabilities: fix undefined behavior in bit shift for CAP_TO_MASK {CVE-2022-49870}\n- wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258}\n- usb: xhci: Fix isochronous Ring Underrun/Overrun event handling {CVE-2025-37882}\n- Bluetooth: hci_core: Fix use-after-free in vhci_flush() {CVE-2025-38250}\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751}\n- jbd2: remove wrong sb-\u003es_sequence check {CVE-2025-37839}\n- net_sched: hfsc: Fix a UAF vulnerability in class handling\n- crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373}","modified":"2026-06-01T00:33:27.954555279Z","published":"2025-12-25T10:54:09Z","upstream":["CVE-2025-39965","CVE-2025-38584","CVE-2023-52854","CVE-2023-53305","CVE-2022-50408","CVE-2025-38718","CVE-2023-53365","CVE-2022-50386","CVE-2022-3640","CVE-2022-49917","CVE-2022-49918","CVE-2022-49948","CVE-2023-53117","CVE-2022-48900","CVE-2023-53000","CVE-2022-50252","CVE-2022-21546","CVE-2022-49907","CVE-2022-50084","CVE-2022-50085","CVE-2022-49870","CVE-2022-50258","CVE-2025-37882","CVE-2025-38250","CVE-2025-39751","CVE-2025-37839","CVE-2023-53373"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/rhel7els/CLSA-2025-1766600619.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/bpftool?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"kernel","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/kernel?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/kernel-debug?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/kernel-devel?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/kernel-headers?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"kernel-tools","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/kernel-tools?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/kernel-tools-libs?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/perf?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}},{"package":{"name":"python-perf","ecosystem":"TuxCare:RHEL:7","purl":"pkg:rpm/tuxcare/python-perf?distro=rhel-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.0-1160.139.1.el7.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1766600619.json"}}],"schema_version":"1.7.5"}