CLSA-2025-1763722365

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1763722365
Upstream
Published
2025-11-21T10:52:49Z
Modified
2026-06-01T00:33:00.532341671Z
Summary
kernel: Fix of 62 CVEs
Details
  • wifi: mwifiex: Fix OOB and integer underflow when rx packets {CVE-2023-53226} {CVE-2023-53226}
  • wifi: mac80211: check S1G action frame size {CVE-2023-53257} {CVE-2023-53257}
  • wifi: cfg80211: fix use-after-free in cmp_bss() {CVE-2025-39864} {CVE-2025-39864}
  • partitions: mac: fix handling of bogus partition table {CVE-2025-21772} {CVE-2025-21772}
  • wifi: brcmsmac: add gain range check to wlcphyiqcalgainparamsnphy() {CVE-2024-58014} {CVE-2024-58014}
  • wifi: at76c50x: fix use after free access in at76_disconnect {CVE-2025-37796} {CVE-2025-37796}
  • dma-direct: Leak pages on dmasetdecrypted() failure {CVE-2024-35939} {CVE-2024-35939}
  • Bluetooth: L2CAP: Fix user-after-free {CVE-2022-50386} {CVE-2022-50386}
  • efivarfs: Fix slab-out-of-bounds in efivarfsdcompare {CVE-2025-39817} {CVE-2025-39817}
  • wifi: cfg80211: check A-MSDU format more carefully {CVE-2024-35937} {CVE-2024-35937}
  • nfs: fix UAF in direct writes {CVE-2024-26958} {CVE-2024-26958}
  • wifi: iwlwifi: mvm: guard against invalid STA ID on removal {CVE-2024-36921} {CVE-2024-36921}
  • net/smc: avoid data corruption caused by decline {CVE-2023-52775} {CVE-2023-52775}
  • bonding: Fix out-of-bounds read in bondoptionarpiptargets_set() {CVE-2024-39487} {CVE-2024-39487}
  • scsi: qedi: Fix crash while reading debugfs attribute {CVE-2024-40978} {CVE-2024-40978}
  • mac802154: fix llsec key resources release in mac802154llseckey_del {CVE-2024-26961} {CVE-2024-26961}
  • platform/x86: wmi: Fix opening of char device {CVE-2023-52864} {CVE-2023-52864}
  • net/sched: act_mirred: don't override retval if we already lost the skb {CVE-2024-26739} {CVE-2024-26739}
  • drm/dp_mst: Fix resetting msg rx state after topology removal {CVE-2024-57876} {CVE-2024-57876}
  • net/mlx5: Add a timeout to acquire the command queue semaphore {CVE-2024-38556} {CVE-2024-38556}
  • of: Fix double free in ofparsephandlewithargs_map {CVE-2023-52679} {CVE-2023-52679}
  • xhci: Handle TD clearing for multiple streams case {CVE-2024-40927} {CVE-2024-40927}
  • wifi: mac80211: fix potential key use-after-free {CVE-2023-52530} {CVE-2023-52530}
  • net: openvswitch: Fix Use-After-Free in ovsctexit {CVE-2024-27395} {CVE-2024-27395}
  • r8169: Fix possible ring buffer corruption on fragmented Tx packets. {CVE-2024-38586} {CVE-2024-38586}
  • media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764} {CVE-2023-52764}
  • media: bttv: fix use after free error due to btv->timeout timer {CVE-2023-52847} {CVE-2023-52847}
  • vsock: Fix transport_* TOCTOU {CVE-2025-38461} {CVE-2025-38461}
  • ppdev: Add an error check in register_device {CVE-2024-36015} {CVE-2024-36015}
  • HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556} {CVE-2025-38556}
  • iio: adc: at91: call inputfreedevice() on allocated iio_dev {CVE-2024-57904} {CVE-2024-57904}
  • perf/aux: Fix AUX buffer serialization {CVE-2024-46713} {CVE-2024-46713}
  • net_sched: hfsc: Fix a UAF vulnerability in class handling {CVE-2025-37797} {CVE-2025-37797}
  • wifi: rtlwifi: remove unused checkbuddypriv {CVE-2024-58072} {CVE-2024-58072}
  • wifi: rtlwifi: remove unused dualmac control leftovers {CVE-2024-58072} {CVE-2024-58072}
  • wifi: rtlwifi: remove unused timer and related code {CVE-2024-58072} {CVE-2024-58072}
  • ext4: fix out-of-bound read in ext4xattrinodedecref_all() {CVE-2025-22121} {CVE-2025-22121}
  • ext4: move where set the MAYINLINEDATA flag is set {CVE-2025-22121} {CVE-2025-22121}
  • ext4: introduce ITAIL helper {CVE-2025-22121} {CVE-2025-22121}
  • ext4: improve xattr consistency checking and error reporting {CVE-2025-22121} {CVE-2025-22121}
  • mm: fix zswap writeback race condition {CVE-2023-53178} {CVE-2023-53178}
  • fs: fix UAF/GPF bug in nilfsmdtdestroy {CVE-2022-50367} {CVE-2022-50367}
  • ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol
  • ALSA: usb-audio: Validate UAC3 cluster segment descriptors {CVE-2025-39757} {CVE-2025-39757}
  • smb: client: fix use-after-free in cifsoplockbreak {CVE-2025-38527} {CVE-2025-38527}
  • crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373} {CVE-2023-53373}
  • wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiexconfigscan() {CVE-2024-56539} {CVE-2024-56539}
  • bpf: Remove tstrun from lwtseg6localprogops. {CVE-2024-46754} {CVE-2024-46754}
  • drm/amdgpu: set the right AMDGPU sg segment limitation {CVE-2024-56594} {CVE-2024-56594}
  • net_sched: hfsc: Address reentrant enqueue adding class to eltree twice {CVE-2025-38001} {CVE-2025-38001}
  • idpf: convert control queue mutex to a spinlock {CVE-2025-38392} {CVE-2025-38392}
  • kobjectuevent: Fix OOB access within zapmodalias_env() {CVE-2024-42292} {CVE-2024-42292}
  • bpf: Don't use tnum_range on array range checking for poke descriptors {CVE-2022-49985} {CVE-2022-49985}
  • net: usb: smsc75xx: Limit packet length to skb->len {CVE-2023-53125} {CVE-2023-53125}
  • soundwire: cadence: fix invalid PDI offset {CVE-2024-38635} {CVE-2024-38635}
  • usb: cdc-acm: Check control transfer buffer size before access {CVE-2025-21704} {CVE-2025-21704}
  • vfio/pci: Properly hide first-in-list PCIe extended capability {CVE-2024-53214} {CVE-2024-53214}
  • igb: Fix potential invalid memory access in igbinitmodule() {CVE-2024-52332} {CVE-2024-52332}
  • dochangetype(): refuse to operate on unmounted/not ours mounts {CVE-2025-38498} {CVE-2025-38498}
  • Bluetooth: qca: add missing firmware sanity checks {CVE-2024-36880} {CVE-2024-36880}
  • Bluetooth: L2CAP: Fix use-after-free {CVE-2023-53305} {CVE-2023-53305}
  • ovl: Filter invalid inodes with missing lookup function {CVE-2024-56570} {CVE-2024-56570}
  • enic: Validate length of nl attributes in enicsetvf_port {CVE-2024-38659} {CVE-2024-38659}
  • dm array: fix releasing a faulty array block twice in dmarraycursor_end {CVE-2024-57929} {CVE-2024-57929}
  • NFS: Fix filehandle bounds checking in nfsfhto_dentry() {CVE-2025-39730} {CVE-2025-39730}
  • drm/amd/display: Skip finding free audio for unknown engine_id {CVE-2024-42119} {CVE-2024-42119}
  • drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616} {CVE-2024-56616}
  • sctp: linearize cloned gso packets in sctp_rcv {CVE-2025-38718} {CVE-2025-38718}
References

Affected packages

TuxCare:CentOS-Stream:8
bpftool

Package

Name
bpftool
Purl
pkg:rpm/tuxcare/bpftool?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel

Package

Name
kernel
Purl
pkg:rpm/tuxcare/kernel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-core

Package

Name
kernel-core
Purl
pkg:rpm/tuxcare/kernel-core?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-cross-headers

Package

Name
kernel-cross-headers
Purl
pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-debug

Package

Name
kernel-debug
Purl
pkg:rpm/tuxcare/kernel-debug?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-debug-core

Package

Name
kernel-debug-core
Purl
pkg:rpm/tuxcare/kernel-debug-core?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-debug-devel

Package

Name
kernel-debug-devel
Purl
pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-debug-modules

Package

Name
kernel-debug-modules
Purl
pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-debug-modules-extra

Package

Name
kernel-debug-modules-extra
Purl
pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-debug-modules-internal

Package

Name
kernel-debug-modules-internal
Purl
pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-devel

Package

Name
kernel-devel
Purl
pkg:rpm/tuxcare/kernel-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-headers

Package

Name
kernel-headers
Purl
pkg:rpm/tuxcare/kernel-headers?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-ipaclones-internal

Package

Name
kernel-ipaclones-internal
Purl
pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-modules

Package

Name
kernel-modules
Purl
pkg:rpm/tuxcare/kernel-modules?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-modules-extra

Package

Name
kernel-modules-extra
Purl
pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-modules-internal

Package

Name
kernel-modules-internal
Purl
pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-selftests-internal

Package

Name
kernel-selftests-internal
Purl
pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-tools

Package

Name
kernel-tools
Purl
pkg:rpm/tuxcare/kernel-tools?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-tools-libs

Package

Name
kernel-tools-libs
Purl
pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
kernel-tools-libs-devel

Package

Name
kernel-tools-libs-devel
Purl
pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
perf

Package

Name
perf
Purl
pkg:rpm/tuxcare/perf?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"
python3-perf

Package

Name
python3-perf
Purl
pkg:rpm/tuxcare/python3-perf?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els14

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1763722365.json"