CLSA-2025-1759432250

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/rhel7els/CLSA-2025-1759432250.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1759432250
Upstream
Published
2025-10-02T19:10:57Z
Modified
2026-05-29T01:34:46.085376475Z
Summary
kernel: Fix of 36 CVEs
Details
  • ASoC: topology: Clean up route loading {CVE-2024-41069}
  • ASoC: topology: Fix references to freed memory {CVE-2024-41069}
  • drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616}
  • Bluetooth: L2CAP: Fix not validating setsockopt user input {CVE-2024-35965}
  • Bluetooth: L2CAP: uninitialized variables in l2capsocksetsockopt() {CVE-2024-35965}
  • usb: cdc-acm: Check control transfer buffer size before access {CVE-2025-21704}
  • igb: Fix potential invalid memory access in igbinitmodule() {CVE-2024-52332}
  • vfio/pci: Properly hide first-in-list PCIe extended capability {CVE-2024-53214}
  • Bluetooth: RFCOMM: Fix not validating setsockopt user input {CVE-2024-35966}
  • Bluetooth: SCO: Fix not validating setsockopt user input {CVE-2024-35966}
  • media: stk1160: fix bounds checking in stk1160copyvideo() {CVE-2024-38621}
  • inet: fully convert sk->skrxdst to RCU rules {CVE-2021-47103}
  • scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695}
  • scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901}
  • vmci: prevent speculation leaks by sanitizing event in event_deliver() {CVE-2024-39499}
  • USB: core: Fix hang in usbkillurb by adding memory barriers {CVE-2022-48760}
  • nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells {CVE-2021-47497}
  • virtio-net: Add validation for used length {CVE-2021-47352}
  • watchdog: Fix possible use-after-free by calling deltimersync() {CVE-2021-47321}
  • scsi: qedi: Fix crash while reading debugfs attribute {CVE-2024-40978}
  • wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929}
  • wifi: iwlwifi: mvm: guard against invalid STA ID on removal {CVE-2024-36921}
  • mac802154: fix llsec key resources release in mac802154llseckey_del {CVE-2024-26961}
  • platform/x86: wmi: Fix opening of char device {CVE-2023-52864}
  • media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764}
  • wifi: mac80211: fix potential key use-after-free {CVE-2023-52530}
  • net: fix information leakage in /proc/net/ptype {CVE-2022-48757}
  • crypto: qat - resolve race condition during AER recovery {CVE-2024-26974}
  • perf/core: Bail out early if the request AUX area is out of bound {CVE-2023-52835}
  • net: ti: fix UAF in tlanremoveone {CVE-2021-47310}
  • wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9khtctxstatus() {CVE-2023-52594}
  • net: bridge: use DEVSTATSINC() {CVE-2023-52578}
  • net: add atomiclongt to netdevicestats fields {CVE-2023-52578}
  • media: dvb-core: Fix use-after-free due to race at dvbregisterdevice() {CVE-2022-45884}
  • media: dvb-core: Fix use-after-free on race condition at dvb_frontend {CVE-2022-45885}
  • xen/gntalloc: don't use gnttabqueryforeign_access() {CVE-2022-23039}
  • xen/netfront: don't use gnttabqueryforeign_access() for mapped status {CVE-2022-23037}
  • xen/grant-table: add gnttabtryendforeignaccess() {CVE-2022-23038}
  • ovl: fail on invalid uid/gid mapping at copy up {CVE-2023-0386}
  • ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292}
References

Affected packages