CLSA-2025-1736783731

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1736783731.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1736783731
Upstream
Published
2025-01-13T15:55:38Z
Modified
2026-05-29T01:37:07.744064627Z
Summary
kernel: Fix of 10 CVEs
Details
  • media: edia: dvbdev: fix a use-after-free {CVE-2024-27043}
  • vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans {CVE-2024-50264}
  • net/sched: stop qdisctreereducebacklog on TCH_ROOT {CVE-2024-53057}
  • bpf: Fix out-of-bounds write in triegetnext_key() {CVE-2024-50262}
  • KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory {CVE-2024-50115}
  • smb: client: fix UAF in async decryption {CVE-2024-50047}
  • cifs: Adjust key sizes and key generation routines for AES256 encryption {CVE-2024-50047}
  • smb3: rename encryption/decryption TFMs {CVE-2024-50047}
  • uprobe: avoid out-of-bounds memory access of fetching args {CVE-2024-50067}
  • net: do not delay dstentriesadd() in dst_release() {CVE-2024-50036}
  • mptcp: pm: Fix uaf in __timerdeletesync {CVE-2024-46858}
  • firmware_loader: Block path traversal {CVE-2024-47742}
References

Affected packages