- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1757699471.json
- JSON Data
-
https://api.osv.dev/v1/vulns/CLSA-2025-1757699471
- Upstream
- Published
- 2025-09-12T17:51:15Z
- Modified
- 2026-05-29T01:37:50.481310437Z
- Summary
-
kernel: Fix of 13 CVEs
- Details
-
- mm/hugetlb: unshare page tables during VMA split, not before {CVE-2025-38084}
- hugetlb: unshare some PMDs when splitting VMAs {CVE-2025-38084}
- posix-cpu-timers: fix race between handleposixcputimers() and posixcputimerdel() {CVE-2025-38352}
- tipc: Fix use-after-free in tipcconnclose(). {CVE-2025-38464}
- vsock: Fix transport_* TOCTOU {CVE-2025-38461}
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction {CVE-2025-38211}
- i40e: fix MMIO write access to an invalid page in i40eclearhw {CVE-2025-38200}
- net_sched: ets: Fix double list add in class with netem as child qdisc {CVE-2025-37914}
- netsched: hfsc: Fix a potential UAF in hfscdequeue() too {CVE-2025-37823}
- udp: Fix memory accounting leak. {CVE-2025-22058}
- net/sched: Always pass notifications when child class becomes empty {CVE-2025-38350}
- codel: remove sch->q.qlen check before qdisctreereduce_backlog() {CVE-2025-38177}
- schhtb: make htbdeactivate() idempotent {CVE-2025-38177}
- schdrr: make drrqlen_notify() idempotent {CVE-2025-38177}
- schhtb: make htbqlen_notify() idempotent {CVE-2025-38177}
- schqfq: make qfqqlen_notify() idempotent {CVE-2025-38177}
- schets: make estqlen_notify() idempotent {CVE-2025-38177}
- schhfsc: make hfscqlen_notify() idempotent {CVE-2025-38177}
- schhfsc: Fix qlen accounting bug when using peek in hfscenqueue() {CVE-2025-38000}
- net: fix udp gso skbsegment after pull from fraglist {CVE-2025-38124}
- References
-
Affected packages
CLSA-2025-1757699471 - OSV
