CLSA-2025-1761074747

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1761074747.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1761074747
Upstream
Published
2025-10-21T19:25:51Z
Modified
2026-05-29T01:35:39.580000290Z
Summary
kernel: Fix of 39 CVEs
Details
  • nfs: fix UAF in direct writes {CVE-2024-26958}
  • NFSD: Fix the behavior of READ near OFFSET_MAX {CVE-2022-48827}
  • thermal: core: prevent potential string overflow {CVE-2023-52868}
  • ath5k: fix OOB in ath5keepromreadpcalinfo_5111 {CVE-2021-47633}
  • RDMA/cma: Ensure rdmaaddrcancel() happens before issuing more requests {CVE-2021-47391}
  • drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616}
  • Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982}
  • wifi: mac80211: fix potential key use-after-free {CVE-2023-52530}
  • crypto: qat - resolve race condition during AER recovery {CVE-2024-26974}
  • netfilter: validate user input for expected length {CVE-2024-35896}
  • wifi: cfg80211: check A-MSDU format more carefully {CVE-2024-35937}
  • net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538}
  • bonding: Fix out-of-bounds read in bondoptionarpiptargets_set() {CVE-2024-39487}
  • SUNRPC: Fix UAF in svctcplistendataready() {CVE-2023-52885}
  • tty: Fix out-of-bound vmalloc access in imageblit {CVE-2021-47383}
  • watchdog: Fix possible use-after-free by calling deltimersync() {CVE-2021-47321}
  • virtio-net: Add validation for used length {CVE-2021-47352}
  • USB: core: Fix hang in usbkillurb by adding memory barriers {CVE-2022-48760}
  • scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901}
  • xfs: add bounds checking to xlogrecoverprocess_data {CVE-2024-41014}
  • scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695}
  • jffs2: prevent xattr node from overflowing the eraseblock {CVE-2024-38599}
  • ecryptfs: Fix buffer size for tag 66 packet {CVE-2024-38578}
  • dlm: fix plock invalid read {CVE-2022-49407}
  • media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764}
  • igb: Fix potential invalid memory access in igbinitmodule() {CVE-2024-52332}
  • jfs: fix shift-out-of-bounds in dbSplit {CVE-2024-56597}
  • wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9khtctxstatus() {CVE-2023-52594}
  • pid: take a reference when initializing cad_pid {CVE-2021-47118}
  • Bluetooth: afbluetooth: Fix Use-After-Free in btsock_recvmsg {CVE-2023-51779}
  • sched/rt: picknextrtentity(): check listentry {CVE-2023-1077}
  • media: dm1105: Fix use after free bug in dm1105_remove due to race condition {CVE-2023-35824}
  • xen/grant-table: add gnttabtryendforeignaccess() {CVE-2022-23038}
  • media: dvb-core: Fix use-after-free due to race at dvbregisterdevice() {CVE-2022-45884}
  • media: dvb-core: Fix use-after-free due on race condition at dvb_net {CVE-2022-45886}
  • media: dvb-core: Fix use-after-free on race condition at dvb_frontend {CVE-2022-45885}
  • media: dvb-core: Fix use-after-free due to race condition at dvbcaen50221 {CVE-2022-45919}
  • x86/elf: Disable automatic READIMPLIESEXEC on 64-bit {CVE-2022-25265}
  • x86/elf: Split READIMPLIESEXEC from executable PTGNUSTACK {CVE-2022-25265}
  • x86/elf: Add table to document READIMPLIESEXEC {CVE-2022-25265}
  • i2c: i801: Don't generate an interrupt on bus reset {CVE-2021-47153}
References

Affected packages