CLSA-2025-1758034087

tls: always refresh the queue when reading sock {CVE-2025-38471}
Bluetooth: hcicore: Fix use-after-free in vhciflush() {CVE-2025-38250}
i2c/designware: Fix an initialization issue {CVE-2025-38380}
wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds {CVE-2025-38159}
mm/hugetlb: fix hugepmdunshare() vs GUP-fast race {CVE-2025-38085}
mm/khugepaged: fix GUP-fast interaction by sending IPI
bpf, testrun: Fix use-after-free issue in ethskbpkttype() {CVE-2025-21867}
crypto: algifhash - fix double free in hashaccept {CVE-2025-38079}
ext4: avoid journaling sb update on error if journal is destroying {CVE-2025-22113}
ext4: define ext4journaldestroy wrapper
Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() {CVE-2024-36013}
Bluetooth: Remove BT_HS {CVE-2024-38620}
block, bfq: fix bfqq uaf in bfqlimitdepth() {CVE-2024-53166}
dm-crypt: don't modify the data when using authenticated encryption {CVE-2024-26763}
bpf: Fix helper writes to read-only maps (alt version) {CVE-2024-49861}
bpf: Check rcureadlocktraceheld() before calling bpf map helpers {CVE-2023-52621}
netfilter: xtables: avoid NFPROTO_UNSPEC where needed {CVE-2024-50038}
xfs: add bounds checking to xlogrecoverprocess_data {CVE-2024-41014}
scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901}
net/mlx5: Add a timeout to acquire the command queue semaphore {CVE-2024-38556}
net: tipc: fix refcount warning in tipcaeadencrypt {CVE-2025-38273}
net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc {CVE-2025-37890}
net/tipc: fix slab-use-after-free Read in tipcaeadencrypt_done {CVE-2025-38052}
misc/vmwvmci: fix an infoleak in vmcihostdoreceive_datagram() {CVE-2022-49788}
padata: fix UAF in padata_reorder {CVE-2025-21727}
RDMA/mlx5: Fix page_size variable overflow {CVE-2025-22091}

References

https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2025-1758034087.html

CLSA-2025-1758034087

Affected packages