CLSA-2025-1753083608
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2025-1753083608.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2025-1753083608
- Upstream
- Published
- 2025-07-21T07:40:12Z
- Modified
- 2026-06-04T10:03:32.373025817Z
- Summary
- Fix of 17 CVEs
- Details
-
- Focal update: v5.4.292 upstream stable release (LP: #2109357) // CVE-url:
https://ubuntu.com/security/CVE-2025-37937
- objtool, media: dib8000: Prevent divide-by-zero in dib8000setdds()
- Focal update: v5.4.287 upstream stable release (LP: #2095145) // CVE-url:
https://ubuntu.com/security/CVE-2024-53197
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices
- CVE-url: https://ubuntu.com/security/CVE-2024-46787
- userfaultfd: fix checks for huge PMDs
- CVE-url: https://ubuntu.com/security/CVE-2025-37798
- schdrr: make drrqlennotify() idempotent
- schhfsc: make hfscqlennotify() idempotent
- schqfq: make qfqqlennotify() idempotent
- codel: remove sch->q.qlen check before qdisctreereducebacklog()
- Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-50116 // CVE-url: https://ubuntu.com/security/CVE-2024-50116
- nilfs2: fix kernel bug due to missing clearing of buffer delay flag
- Focal update: v5.4.285 upstream stable release (LP: #2089233) //
CVE-2024-49958 // CVE-url: https://ubuntu.com/security/CVE-2024-49958
- ocfs2: reserve space for inline xattr before attaching reflink tree
- Focal update: v5.4.286 upstream stable release (LP: #2089558) // CVE-url:
https://ubuntu.com/security/CVE-2021-47195
- spi: fix use-after-free of the add_lock mutex
- CVE-url: https://ubuntu.com/security/CVE-2021-47469
- spi: Fix deadlock when adding SPI controllers on SPI buses
- CVE-url: https://ubuntu.com/security/CVE-2025-39735
- jfs: fix slab-out-of-bounds read in ea_get()
- CVE-url: https://ubuntu.com/security/CVE-2025-22020
- memstick: rtsxusbms: Fix slab-use-after-free in rtsxusbmsdrvremove
- CVE-url: https://ubuntu.com/security/CVE-2025-22004
- net: atm: fix use after free in lec_send()
- CVE-url: https://ubuntu.com/security/CVE-2025-39688
- nfsd: allow SCSTATUSFREEABLE when searching via nfs4lookupstateid()
- CVE-url: https://ubuntu.com/security/CVE-2022-49892
- ftrace: Fix use-after-free for dynamic ftrace_ops
- CVE-url: https://ubuntu.com/security/CVE-2021-47293
- net/sched: act_skbmod: Skip non-Ethernet packets
- CVE-url: https://ubuntu.com/security/CVE-2024-50106
- nfsd: simplify nfs4putdeleglease calls
- nfsd: factor out common delegation-destruction code
- nfsd: Fix race to FREESTATEID and clrevoked
- nfsd: don't call functions with side-effecting inside WARNON()
- nfsd: remove fault injection code
- nfsd: avoid race after unhashdelegationlocked()
- nfsd4: don't set lock stateid's sctype to CLOSED
- nfsd: split scstatus out of sctype
- nfsd: fix race between laundromat and freestateid
- CVE-url: https://ubuntu.com/security/CVE-2024-57982
- xfrm: state: fix out-of-bounds read during lookup
- CVE-url: https://ubuntu.com/security/CVE-2023-52588
- f2fs: fix to tag gcing flag on page during block migration
- Miscellaneous Ubuntu changes
- [Config] updateconfigs for NFSDFAULTINJECTION
- Focal update: v5.4.292 upstream stable release (LP: #2109357) // CVE-url:
https://ubuntu.com/security/CVE-2025-37937
- References
Affected packages
TuxCare:Ubuntu:18.04
linux-buildinfo-4.15.0-249-tuxcare.els37-generic
linux-buildinfo-4.15.0-249-tuxcare.els37-lowlatency
linux-cloud-tools-4.15.0-249-tuxcare.els37
linux-cloud-tools-4.15.0-249-tuxcare.els37-generic
linux-cloud-tools-4.15.0-249-tuxcare.els37-lowlatency
linux-cloud-tools-common
linux-doc
linux-headers-4.15.0-249-tuxcare.els37
linux-headers-4.15.0-249-tuxcare.els37-generic
linux-headers-4.15.0-249-tuxcare.els37-lowlatency
linux-image-unsigned-4.15.0-249-tuxcare.els37-generic
linux-image-unsigned-4.15.0-249-tuxcare.els37-lowlatency
Package
- Name
- linux-image-unsigned-4.15.0-249-tuxcare.els37-lowlatency
- Purl
- pkg:deb/tuxcare/linux-image-unsigned-4.15.0-249-tuxcare.els37-lowlatency?distro=ubuntu-18.04