CLSA-2025-1757693980

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1757693980.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1757693980
Upstream
Published
2025-09-12T16:19:44Z
Modified
2026-05-29T01:36:16.036049376Z
Summary
kernel: Fix of 40 CVEs
Details
  • x86/kvm: Disable kvmclock on all CPUs on shutdown {CVE-2021-47110}
  • posix-cpu-timers: fix race between handleposixcputimers() and posixcputimerdel() {CVE-2025-38352}
  • cifs: fix double free race when mount fails in cifsgetroot() {CVE-2022-48919}
  • aio: mark AIO pseudo-fs noexec {CVE-2016-10044}
  • cifs: potential buffer overflow in handling symlinks {CVE-2022-49058}
  • NFSD: fix race between nfsd registration and exports_proc {CVE-2025-38232}
  • nfsd: register pernet ops last, unregister first {CVE-2025-38232}
  • dochangetype(): refuse to operate on unmounted/not ours mounts {CVE-2025-38498}
  • net: atm: fix /proc/net/atm/lec handling {CVE-2025-38180}
  • net: atm: add lec_mutex {CVE-2025-38180}
  • SUNRPC: make sure cache entry active before cache_show {CVE-2024-53174}
  • scsi: target: Fix NULL pointer dereference in corescsi3decodespeci_port() {CVE-2025-38399}
  • scsi: target: Fix crash during SPECIPT handling {CVE-2025-38399}
  • mm/hugetlb: fix hugepmdunshare() vs GUP-fast race {CVE-2025-38085}
  • drivers:md:fix a potential use-after-free bug {CVE-2022-50022}
  • ext4: avoid resizing to a partial cluster size {CVE-2022-50020}
  • HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove() {CVE-2025-21928}
  • net/sched: Abort __tcmodifyqdisc if parent class does not exist {CVE-2025-38457}
  • misc/vmwvmci: fix an infoleak in vmcihostdoreceive_datagram() {CVE-2022-49788}
  • dlm: fix plock invalid read {CVE-2022-49407}
  • net: usb: smsc75xx: Limit packet length to skb->len {CVE-2023-53125}
  • scsi: libfc: Fix use after free in fcexchabts_resp() {CVE-2022-49114}
  • crypto: algifhash - fix double free in hashaccept {CVE-2025-38079}
  • HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556}
  • HID: core: ensure the allocated report buffer can contain the reserved report ID {CVE-2025-38495}
  • ext4: Fix possible corruption when moving a directory {CVE-2023-53137}
  • ceph: avoid putting the realm twice when decoding snaps fails {CVE-2022-49770}
  • vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403}
  • HID: core: do not bypass hidhwraw_request {CVE-2025-38494}
  • schhfsc: make hfscqlen_notify() idempotent {CVE-2025-38177}
  • ext4: check dot and dotdot of dx_root before making dir indexed {CVE-2024-42305}
  • ALSA: bcd2000: Fix a UAF bug on the error path of probing {CVE-2022-50229}
  • dm ioctl: prevent potential spectre v1 gadget {CVE-2022-49122}
  • netsched: hfsc: Fix a potential UAF in hfscdequeue() too {CVE-2025-37823}
  • md-raid10: fix KASAN warning {CVE-2022-50211}
  • scsi: lpfc: Use memcpy() for BIOS version {CVE-2025-38332}
  • ACPICA: Refuse to evaluate a method if arguments are missing {CVE-2025-38386}
  • media: cxusb: no longer judge rbuf when the write fails {CVE-2025-38229}
  • ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212}
  • ext4: fix off-by-one error in do_split {CVE-2025-23150}
  • perf/core: Fix WARN_ON(!ctx) in _freeevent() for partial init {CVE-2025-37878}
  • schhfsc: Fix qlen accounting bug when using peek in hfscenqueue() {CVE-2025-38000}
  • i40e: fix MMIO write access to an invalid page in i40eclearhw {CVE-2025-38200}
References

Affected packages