CLSA-2025-1736469006
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1736469006.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2025-1736469006
- Upstream
- Published
- 2025-01-10T00:30:12Z
- Modified
- 2026-06-04T10:03:23.800764516Z
- Summary
- Fix of 35 CVEs
- Details
-
- CVE-url: https://ubuntu.com/security/CVE-2023-52664
- net: atlantic: eliminate double free in error handling logic
- CVE-url: https://ubuntu.com/security/CVE-2023-52698
- calipso: fix memory leak in netlblcalipsoadd_pass()
- CVE-url: https://ubuntu.com/security/CVE-2021-47466
- mm, slub: fix potential memoryleak in kmemcacheopen()
- CVE-url: https://ubuntu.com/security/CVE-2023-52757
- smb: client: fix potential deadlock when releasing mids
- CVE-url: https://ubuntu.com/security/CVE-2023-52749
- spi: Fix null dereference on suspend
- CVE-url: https://ubuntu.com/security/CVE-2024-26921
- net: ipv4: do not handle duplicate fragments as overlapping
- net: IP defrag: encapsulate rbtree defrag code into callable functions
- ipv4: remove unnecessary type castings
- skbexpandhead() adjust skb->truesize incorrectly
- inet: inet_defrag: prevent sk release while still in use
- CVE-url: https://ubuntu.com/security/CVE-2021-47082
- tun: avoid double free in tunfreenetdev
- CVE-url: https://ubuntu.com/security/CVE-2024-36968
- Bluetooth: L2CAP: Fix div-by-zero in l2capleflowctl_init()
- CVE-url: https://ubuntu.com/security/CVE-2023-52507
- nfc: nci: assert requested protocol is valid
- CVE-url: https://ubuntu.com/security/CVE-2024-44944
- netfilter: ctnetlink: use helper function to calculate expect ID
- CVE-url: https://ubuntu.com/security/CVE-2024-35861
- smb: client: fix potential UAF in cifsdebugfilesprocshow()
- smb: client: fix potential UAF in cifssignalcifsdforreconnect()
- CVE-url: https://ubuntu.com/security/CVE-2024-35863
- smb: client: fix potential UAF in smb2isvalidoplockbreak()
- CVE-url: https://ubuntu.com/security/CVE-2024-35864
- smb: client: fix potential UAF in smb2isvalidleasebreak()
- CVE-url: https://ubuntu.com/security/CVE-2024-35867
- smb: client: fix potential UAF in cifsstatsproc_show()
- CVE-url: https://ubuntu.com/security/CVE-2024-35868
- smb: client: fix potential UAF in cifsstatsproc_write()
- CVE-url: https://ubuntu.com/security/CVE-2024-35896
- netfilter: validate user input for expected length
- CVE-url: https://ubuntu.com/security/CVE-2024-27010
- net/sched: Fix mirred deadlock on device recursion
- CVE-url: https://ubuntu.com/security/CVE-2024-26961
- mac802154: fix llsec key resources release in mac802154llseckey_del
- CVE-url: https://ubuntu.com/security/CVE-2024-26958
- NFS: Fix up commit deadlocks
- nfs: fix UAF in direct writes
- CVE-url: https://ubuntu.com/security/CVE-2024-50115
- KVM: nSVM: Don't strip host's C-bit from guest's CR3 when reading PDPTRs
- KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory
- CVE-url: https://ubuntu.com/security/CVE-2024-50148
- Bluetooth: bnep: fix wild-memory-access in proto_unregister
- CVE-url: https://ubuntu.com/security/CVE-2024-40910
- ax25: Fix refcount imbalance on inbound connections
- CVE-url: https://ubuntu.com/security/CVE-2024-53057
- net/sched: stop qdisctreereducebacklog on TCH_ROOT
- CVE-url: https://ubuntu.com/security/CVE-2021-47101
- net: asix: fix uninit value bugs
- asix: fix uninit-value in asixmdioread()
- CVE-url: https://ubuntu.com/security/CVE-2024-36952
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up
- CVE-url: https://ubuntu.com/security/CVE-2023-52488
- regmap: Add regmapnoincread API
- regmap: Add regmapnoincwrite API
- serial: sc16is7xx: convert from raw to noinc regmap functions for FIFO
- CVE-url: https://ubuntu.com/security/CVE-2024-50142
- xfrm: validate new SA's prefixlen using SA family when sel.family is unset
- CVE-url: https://ubuntu.com/security/CVE-2024-50256
- netfilter: nfrejectipv6: fix potential crash in nfsendreset6()
- CVE-url: https://ubuntu.com/security/CVE-2024-50264
- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
- CVE-url: https://ubuntu.com/security/CVE-2021-47501
- i40e: Fix NULL pointer dereference in i40edbgdump_desc
- CVE-url: https://ubuntu.com/security/CVE-2021-47076
- RDMA/rxe: Return CQE error if invalid lkey was supplied
- CVE-url: https://ubuntu.com/security/CVE-2023-52574
- team: fix null-ptr-deref when team device type is changed
- CVE-url: https://ubuntu.com/security/CVE-2023-52477
- usb: hub: Guard against accesses to uninitialized BOS descriptors
- CVE-url: https://ubuntu.com/security/CVE-2023-52475
- Input: powermate - fix use-after-free in powermateconfigcomplete
- CVE-url: https://ubuntu.com/security/CVE-2024-39489
- ipv6: sr: fix memleak in seg6hmacinit_algo
- CVE-url: https://ubuntu.com/security/CVE-2023-52664
- References
Affected packages
TuxCare:Ubuntu:18.04
linux-buildinfo-4.15.0-242-tuxcare.els30-generic
linux-buildinfo-4.15.0-242-tuxcare.els30-lowlatency
linux-cloud-tools-4.15.0-242-tuxcare.els30
linux-cloud-tools-4.15.0-242-tuxcare.els30-generic
linux-cloud-tools-4.15.0-242-tuxcare.els30-lowlatency
linux-cloud-tools-common
linux-cloud-tools-generic
linux-cloud-tools-lowlatency
linux-crashdump
linux-doc
linux-generic
linux-headers-4.15.0-242-tuxcare.els30
linux-headers-4.15.0-242-tuxcare.els30-generic
linux-headers-4.15.0-242-tuxcare.els30-lowlatency
linux-headers-generic
linux-headers-lowlatency
linux-image-generic
linux-image-lowlatency
linux-image-unsigned-4.15.0-242-tuxcare.els30-generic
linux-image-unsigned-4.15.0-242-tuxcare.els30-lowlatency
Package
- Name
- linux-image-unsigned-4.15.0-242-tuxcare.els30-lowlatency
- Purl
- pkg:deb/tuxcare/linux-image-unsigned-4.15.0-242-tuxcare.els30-lowlatency?distro=ubuntu-18.04