CLSA-2025-1747725447

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1747725447.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1747725447
Upstream
Published
2025-05-20T10:24:45Z
Modified
2026-05-29T01:35:55.964382736Z
Summary
kernel: Fix of 35 CVEs
Details
  • ext4: fix OOB read when checking dotdot dir {CVE-2025-37785}
  • wifi: iwlwifi: limit printed string from FW file {CVE-2025-21905}
  • drm/amdgpu: Fix potential out-of-bounds access in 'amdgpudiscoveryregbaseinit()' {CVE-2024-27042}
  • dm-crypt: don't modify the data when using authenticated encryption {CVE-2024-26763}
  • sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket {CVE-2024-53168}
  • cifs: Fix UAF in cifsdemultiplexthread() {CVE-2023-52572}
  • veth: Fix use after free in XDP_REDIRECT {CVE-2023-53107}
  • firmware: armscmi: Fix slab-use-after-free in scmibus_notifier() {CVE-2024-53068}
  • arm64/sve: Discard stale CPU state when handling SVE traps {CVE-2024-50275}
  • Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd {CVE-2025-21969}
  • wifi: mt76: mt7921e: fix use-after-free in free_irq() {CVE-2024-26892}
  • rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read {CVE-2024-58069}
  • nvme-tcp: fix potential memory corruption in nvmetcprecv_pdu() {CVE-2025-21927}
  • pfifotailenqueue: Drop new packet when sch->limit == 0 {CVE-2025-21702}
  • netsched: schfifo: implement lockless _fifodump() {CVE-2025-21702}
  • iscsiibft: Fix UBSAN shift-out-of-bounds warning in ibftattrshownic() {CVE-2025-21993}
  • vlan: enforce underlying device type {CVE-2025-21920}
  • HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove() {CVE-2025-21928}
  • watch_queue: Actually free the watch {CVE-2022-49256}
  • can: bcm: Fix UAF in bcmprocshow() {CVE-2023-52922}
  • ALSA: hda/via: Avoid potential array out-of-bound in addsecretdac_path() {CVE-2023-52988}
  • netfilter: nfsetpipapo: fix initial map fill {CVE-2024-57947}
  • hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations {CVE-2021-47098}
  • aio: fix use-after-free due to missing POLLFREE handling {CVE-2021-47505}
  • aio: keep poll requests on waitqueue until completed {CVE-2021-47505}
  • smb: client: fix potential deadlock when releasing mids {CVE-2023-52757}
  • cifs: remove useless DeleteMidQEntry() {CVE-2023-52757}
  • media: uvcvideo: Remove dangling pointers {CVE-2024-58002}
  • media: uvcvideo: Only save async fh if success {CVE-2024-58002}
  • media: uvcvideo: Refactor iterators {CVE-2024-58002}
  • drm: nv04: Fix out of bounds access {CVE-2024-27008}
  • drm/amdgpu: avoid buffer overflow attach in smusyssetpptable() {CVE-2025-21780}
  • arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array {CVE-2025-21785}
  • net: rose: fix timer races against user threads {CVE-2025-21718}
  • media: uvcvideo: Fix double free in error path {CVE-2024-57980}
  • vrf: use RCU protection in l3mdevl3out() {CVE-2025-21791}
  • geneve: Fix use-after-free in genevefinddev(). {CVE-2025-21858}
  • afs: Increase buffer size in afsupdatevolume_status() {CVE-2024-26736}
  • net: atlantic: eliminate double free in error handling logic {CVE-2023-52664}
  • bpf: Check validity of link->type in bpflinkshow_fdinfo() {CVE-2024-53099}
References

Affected packages