CLSA-2025-1757699693

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1757699693
Upstream
Published
2025-09-12T17:54:59Z
Modified
2026-06-01T00:33:26.468075587Z
Summary
kernel-uek: Fix of 16 CVEs
Details
  • Bluetooth: afbluetooth: Fix Use-After-Free in btsock_recvmsg {CVE-2024-21803}
  • net: defer final 'struct net' free in netns dismantle {CVE-2024-56658}
  • netfilter: validate user input for expected length {CVE-2024-35896}
  • drm/amd/display: Fix out-of-bounds access in 'dcn21linkencoder_create' {CVE-2024-56608}
  • smb: client: fix UAF in async decryption {CVE-2024-50047}
  • drm/amdgpu: fix usage slab after free {CVE-2024-56551}
  • nvme: avoid double free special payload {CVE-2024-41073}
  • xfs: add bounds checking to xlogrecoverprocess_data {CVE-2024-41014}
  • net/sched: act_mirred: don't override retval if we already lost the skb {CVE-2024-26739}
  • ext4: fix timer use-after-free on failed mount {CVE-2024-49960}
  • smb: client: fix potential UAF in cifsstatsproc_show() {CVE-2024-35867}
  • smb: client: fix potential UAF in cifsdebugfilesprocshow() {CVE-2024-26928}
  • RDMA/mlx5: Fix fortify source warning while accessing Eth segment {CVE-2024-26907}
  • stddef: Introduce DECLAREFLEXARRAY() helper
  • nvme-tcp: fix potential memory corruption in nvmetcprecv_pdu() {CVE-2025-21927}
  • netsched: schsfq: move the limit validation {CVE-2024-57996}
  • netsched: schsfq: use a temporary work area for validating configuration
  • netsched: schsfq: don't allow 1 packet limit {CVE-2024-57996}
  • netsched: schsfq: handle bigger packets
  • netsched: schsfq: annotate data-races around q->perturb_period
  • squashfs: fix memory leak in squashfsfillsuper
  • netfilter: nf_tables: adjust lockdep assertions handling
  • Revert "vgacon: Add check for vcorigin address range in vgaconscroll()"
  • ASoC: ops: dynamically allocate struct sndctlelem_value
  • KVM: x86: use arrayindexnospec with indices that come from guest
  • KVM: APIC: add helper func to remove duplicate code in kvmpvsend_ipi
  • rds: Fix NULL ptr deref in xas_start
  • mm: make pagemappedin_vma() hugetlb walk aware
  • mm/rmap: Fix handling of hugetlbfs pages in pagevmamapped_walk
  • netsched: schsfq: move the limit validation {CVE-2025-37752}
  • netsched: schsfq: use a temporary work area for validating configuration
  • netsched: schsfq: don't allow 1 packet limit {CVE-2024-57996}
  • netsched: schsfq: handle bigger packets
  • netsched: schsfq: annotate data-races around q->perturb_period
  • squashfs: fix memory leak in squashfsfillsuper
  • netfilter: nf_tables: adjust lockdep assertions handling
  • Revert "vgacon: Add check for vcorigin address range in vgaconscroll()"
  • ASoC: ops: dynamically allocate struct sndctlelem_value
  • KVM: x86: use arrayindexnospec with indices that come from guest
  • KVM: APIC: add helper func to remove duplicate code in kvmpvsend_ipi
  • rds: Fix NULL ptr deref in xas_start
  • mm: make pagemappedin_vma() hugetlb walk aware
  • mm/rmap: Fix handling of hugetlbfs pages in pagevmamapped_walk
References

Affected packages

TuxCare:OracleLinux:7
bpftool

Package

Name
bpftool
Purl
pkg:rpm/tuxcare/bpftool?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
kernel-uek

Package

Name
kernel-uek
Purl
pkg:rpm/tuxcare/kernel-uek?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
kernel-uek-container

Package

Name
kernel-uek-container
Purl
pkg:rpm/tuxcare/kernel-uek-container?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
kernel-uek-container-debug

Package

Name
kernel-uek-container-debug
Purl
pkg:rpm/tuxcare/kernel-uek-container-debug?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
kernel-uek-debug

Package

Name
kernel-uek-debug
Purl
pkg:rpm/tuxcare/kernel-uek-debug?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
kernel-uek-debug-devel

Package

Name
kernel-uek-debug-devel
Purl
pkg:rpm/tuxcare/kernel-uek-debug-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
kernel-uek-devel

Package

Name
kernel-uek-devel
Purl
pkg:rpm/tuxcare/kernel-uek-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
kernel-uek-headers

Package

Name
kernel-uek-headers
Purl
pkg:rpm/tuxcare/kernel-uek-headers?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
kernel-uek-tools

Package

Name
kernel-uek-tools
Purl
pkg:rpm/tuxcare/kernel-uek-tools?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
perf

Package

Name
perf
Purl
pkg:rpm/tuxcare/perf?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"
python-perf

Package

Name
python-perf
Purl
pkg:rpm/tuxcare/python-perf?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.17-2136.338.4.2.el7uek.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1757699693.json"