CLSA-2025-1759866837

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1759866837.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1759866837
Upstream
Published
2025-10-07T19:54:01Z
Modified
2026-05-29T01:35:10.243321935Z
Summary
kernel: Fix of 44 CVEs
Details
  • mm: zswap: fix missing folio cleanup in writeback race path {CVE-2024-26832}
  • mm: fix zswap writeback race condition {CVE-2023-53178}
  • dm array: fix releasing a faulty array block twice in dmarraycursor_end {CVE-2024-57929}
  • drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616}
  • gpio: davinci: Validate the obtained number of IRQs {CVE-2024-42092}
  • ASoC: topology: Fix references to freed memory {CVE-2024-41069}
  • Bluetooth: hci_sock: Fix not validating setsockopt user input {CVE-2024-35963}
  • Bluetooth: ISO: Fix not validating setsockopt user input {CVE-2024-35964}
  • Bluetooth: L2CAP: Fix not validating setsockopt user input {CVE-2024-35965}
  • Bluetooth: RFCOMM: Fix not validating setsockopt user input {CVE-2024-35966}
  • Bluetooth: SCO: Fix not validating setsockopt user input {CVE-2024-35967}
  • dma-direct: Leak pages on dmasetdecrypted() failure {CVE-2024-35939}
  • wifi: mwifiex: avoid possible NULL skb pointer dereference {CVE-2023-53384}
  • md/raid10: fix null-ptr-deref of mreplace in raid10syncrequest {CVE-2023-53380}
  • icmp6: Fix null-ptr-deref of ip6nullentry->rt6iidev in icmp6dev(). {CVE-2023-53343}
  • thermal: core: prevent potential string overflow {CVE-2023-52868}
  • drm/amdkfd: Fix shift out-of-bounds issue {CVE-2023-52816}
  • drm/vkms: Fix null-ptr-deref in vkms_release() {CVE-2022-50369}
  • nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells {CVE-2021-47497}
  • net/mlx5: Fix tainted pointer delete is case of flow rules creation fail {CVE-2024-40940}
  • ipvlan: add ipvlanroutev6_outbound() helper {CVE-2023-52796}
  • platform/x86: wmi: Fix opening of char device {CVE-2023-52864}
  • platform/x86: wmi: remove unnecessary initializations
  • perf/core: Bail out early if the request AUX area is out of bound {CVE-2023-52835}
  • dochangetype(): refuse to operate on unmounted/not ours mounts {CVE-2025-38498}
  • net_sched: hfsc: Address reentrant enqueue adding class to eltree twice {CVE-2025-38001}
  • usb: cdc-acm: Check control transfer buffer size before access {CVE-2025-21704}
  • vfio/pci: Properly hide first-in-list PCIe extended capability {CVE-2024-53214}
  • igb: Fix potential invalid memory access in igbinitmodule() {CVE-2024-52332}
  • kobjectuevent: Fix OOB access within zapmodalias_env() {CVE-2024-42292}
  • mm: kmem: fix a NULL pointer dereference in objstockflush_required() {CVE-2023-53401}
  • net: usb: smsc75xx: Limit packet length to skb->len {CVE-2023-53125}
  • drm/radeon: possible buffer overflow {CVE-2023-52867}
  • media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764}
  • wifi: mac80211_hwsim: Fix possible NULL dereference {CVE-2023-53209}
  • vmci: prevent speculation leaks by sanitizing event in event_deliver() {CVE-2024-39499}
  • wifi: iwlwifi: fw: fix memory leak in debugfs {CVE-2023-53422}
  • drm/amdgpu: fix memory leak in mes self test {CVE-2023-53370}
  • skbuff: skb_segment, Call zero copy functions before using skbuff frags {CVE-2023-53354}
  • md/raid10: fix leak of 'r10bio->remaining' for recovery {CVE-2023-53299}
  • nfsd: call oprelease, even when opfunc returns an error {CVE-2023-53241}
  • ppdev: Add an error check in register_device {CVE-2024-36015}
  • wifi: cfg80211: check A-MSDU format more carefully {CVE-2024-35937}
  • net: bridge: use DEVSTATSINC() {CVE-2023-52578}
  • net: add atomiclongt to netdevicestats fields {CVE-2024-26882}
References

Affected packages