{"id":"CLSA-2026-1768669128","summary":"kernel: Fix of 39 CVEs","details":"- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419}\n- firewire: net: fix use after free in fwnet_finish_incoming_packet() {CVE-2023-53432}\n- wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() {CVE-2022-50408}\n- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() {CVE-2023-1380}\n- wifi: mac80211_hwsim: drop short frames {CVE-2023-53321}\n- wifi: cfg80211: Fix use after free for wext {CVE-2023-53153}\n- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422}\n- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work {CVE-2025-39863}\n- NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945}\n- can: bcm: add locking for bcm_op runtime updates {CVE-2025-38004}\n- Squashfs: check return result of sb_min_blocksize {CVE-2025-38415}\n- scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322}\n- fs: fix UAF/GPF bug in nilfs_mdt_destroy {CVE-2022-2978}\n- ipv6: Fix infinite recursion in fib6_dump_done(). {CVE-2024-35886}\n- wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157}\n- atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245}\n- atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459}\n- smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051}\n- spec: merge oraclelinux6els changes\n- ip6mr: Fix skb_under_panic in ip6mr_cache_report() {CVE-2023-53365}\n- ipvs: fix WARNING in ip_vs_app_net_cleanup() {CVE-2022-49917}\n- ipvs: fix WARNING in __ip_vs_cleanup_batch() {CVE-2022-49918}\n- ipvs: use explicitly signed chars\n- HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556}\n- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too {CVE-2025-37823}\n- xen/netfront: react properly to failing gnttab_end_foreign_access_ref() {CVE-2022-48900}\n- netlink: prevent potential spectre v1 gadgets {CVE-2023-53000}\n- mtd: inftlcore: Add error check for inftl_read_oob() {CVE-2025-37892}\n- igb: Do not free q_vector unless new one was allocated {CVE-2022-50252}\n- scsi: target: Fix WRITE_SAME No Data Buffer crash {CVE-2022-21546}\n- net: mdio: fix undefined behavior in bit shift for __mdiobus_register {CVE-2022-49907}\n- capabilities: fix undefined behavior in bit shift for CAP_TO_MASK {CVE-2022-49870}\n- wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258}\n- md-raid10: fix KASAN warning {CVE-2022-50211}\n- usb: xhci: Fix isochronous Ring Underrun/Overrun event handling {CVE-2025-37882}\n- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751}\n- crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373}\n- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() {CVE-2024-58014}\n- isofs: Prevent the use of too small fid {CVE-2025-37780}\n- net: openvswitch: fix nested key length validation in the set() action {CVE-2025-37789}\n- partitions: mac: fix handling of bogus partition table {CVE-2025-21772}","modified":"2026-06-01T00:33:16.769304365Z","published":"2026-01-20T12:06:07Z","upstream":["CVE-2022-50419","CVE-2023-53432","CVE-2022-50408","CVE-2023-1380","CVE-2023-53321","CVE-2023-53153","CVE-2022-50422","CVE-2025-39863","CVE-2022-43945","CVE-2025-38004","CVE-2025-38415","CVE-2023-53322","CVE-2022-2978","CVE-2024-35886","CVE-2025-38157","CVE-2025-38245","CVE-2025-38459","CVE-2025-38051","CVE-2023-53365","CVE-2022-49917","CVE-2022-49918","CVE-2025-38556","CVE-2025-37823","CVE-2022-48900","CVE-2023-53000","CVE-2025-37892","CVE-2022-50252","CVE-2022-21546","CVE-2022-49907","CVE-2022-49870","CVE-2022-50258","CVE-2022-50211","CVE-2025-37882","CVE-2025-39751","CVE-2023-53373","CVE-2024-58014","CVE-2025-37780","CVE-2025-37789","CVE-2025-21772"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/centos6els/CLSA-2026-1768669128.html"}],"affected":[{"package":{"name":"kernel","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}},{"package":{"name":"kernel-abi-whitelists","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-abi-whitelists?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-debug?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-devel?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}},{"package":{"name":"kernel-doc","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-doc?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}},{"package":{"name":"kernel-firmware","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-firmware?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-headers?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/perf?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}},{"package":{"name":"python-perf","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/python-perf?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els28"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1768669128.json"}}],"schema_version":"1.7.5"}