CLSA-2025-1739525795

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2025-1739525795.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1739525795
Upstream
Published
2025-02-14T09:36:40Z
Modified
2026-05-29T01:35:41.835159315Z
Summary
kernel: Fix of 24 CVEs
Details
  • media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat {CVE-2024-53104}
  • wifi: ath9k: add range check for connrspepid in htcconnectservice() {CVE-2024-53156}
  • xsk: fix OOB map writes when deleting elements {CVE-2024-56614}
  • hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer {CVE-2024-53103}
  • net: inet: do not leave a dangling sk pointer in inet_create() {CVE-2024-56601}
  • scsi: sg: Fix slab-use-after-free read in sg_release() {CVE-2024-56631}
  • scsi: sg: Enable runtime power management {CVE-2024-56631}
  • scsi: sg: Avoid race in error handling & drop bogus warn {CVE-2024-56631}
  • scsi: sg: Avoid sg device teardown race {CVE-2024-56631}
  • initramfs: avoid filename buffer overrun {CVE-2024-53142}
  • Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcommsockalloc() {CVE-2024-56604}
  • cifs: Fix use-after-free in rdata->readintopages() {CVE-2023-52741}
  • Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2capsockcreate() {CVE-2024-56605}
  • afpacket: avoid erroring out after sockinitdata() in packetcreate() {CVE-2024-56606}
  • net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() {CVE-2024-56602}
  • net: inet6: do not leave a dangling sk pointer in inet6_create() {CVE-2024-56600}
  • NFSv4.0: Fix a use-after-free problem in the asynchronous open() {CVE-2024-53173}
  • net: afcan: do not leave a dangling sk pointer in cancreate() {CVE-2024-56603}
  • drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 {CVE-2023-52818}
  • rds: tcp: Fix use-after-free of net in reqsktimerhandler(). {CVE-2024-26865}
  • tcp: Save unnecessary inettwskpurge() calls. {CVE-2024-26865}
  • ceph: prevent use-after-free in encodecapmsg() {CVE-2024-26689}
  • drm/amd/display: Fix out-of-bounds access in 'dcn21linkencoder_create' {CVE-2024-56608}
  • bpf: Check validity of link->type in bpflinkshow_fdinfo() {CVE-2024-53099}
  • drm/amd/pm: fix a double-free in sidpminit {CVE-2023-52691}
  • netfilter: ipset: add missing range check in bitmapipuadt {CVE-2024-53141}
  • tipc: fix NULL deref in cleanup_bearer() {CVE-2024-56661}
  • tipc: Fix use-after-free of kernel socket in cleanup_bearer(). {CVE-2024-56642}
References

Affected packages