CLSA-2025-1738592614

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1738592614.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1738592614
Upstream
Published
2025-02-03T14:23:43Z
Modified
2026-05-29T01:37:26.799784206Z
Summary
kernel: Fix of 26 CVEs
Details
  • xsk: fix OOB map writes when deleting elements {CVE-2024-56614}
  • hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer {CVE-2024-53103}
  • scsi: sg: Fix slab-use-after-free read in sg_release() {CVE-2024-56631}
  • net: inet: do not leave a dangling sk pointer in inet_create() {CVE-2024-56601}
  • initramfs: avoid filename buffer overrun {CVE-2024-53142}
  • wifi: ath9k: add range check for connrspepid in htcconnectservice() {CVE-2024-53156}
  • ALSA: usb-audio: Fix out of bounds reads when finding clock sources {CVE-2024-53150}
  • Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc() {CVE-2024-56604}
  • Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate() {CVE-2024-56605}
  • afpacket: avoid erroring out after sockinitdata() in packetcreate() {CVE-2024-56606}
  • afpacket: Block execution of tasks waiting for transmit to complete in AFPACKET {CVE-2024-56606}
  • scsi: bfa: Fix use-after-free in bfadimmodule_exit() {CVE-2024-53227}
  • net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() {CVE-2024-56602}
  • net: inet6: do not leave a dangling sk pointer in inet6_create() {CVE-2024-56600}
  • NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173}
  • net: afcan: do not leave a dangling sk pointer in cancreate() {CVE-2024-56603}
  • ceph: prevent use-after-free in encodecapmsg() {CVE-2024-26689}
  • drm/amd/display: Fix out-of-bounds access in 'dcn21linkencoder_create' {CVE-2024-56608}
  • netfilter: ipset: add missing range check in bitmapipuadt {CVE-2024-53141}
  • tipc: Fix use-after-free of kernel socket in cleanup_bearer(). {CVE-2024-27043}
  • smb: client: fix potential UAF in cifsstatsproc_write() {CVE-2024-35868}
  • smb: client: fix potential UAF in cifsstatsproc_show() {CVE-2024-35867}
  • smb: client: fix potential UAF in smb2isvalidleasebreak() {CVE-2024-35864}
  • smb: client: fix potential UAF in smb2isvalidoplockbreak() {CVE-2024-35863}
  • smb: client: fix potential UAF in cifssignalcifsdforreconnect() {CVE-2024-35861}
  • smb: client: fix use-after-free bug in cifsdebugdataprocshow() {CVE-2023-52752}
  • smb: client: fix potential UAF in cifsdebugfilesprocshow() {CVE-2024-26928}
References

Affected packages