CLSA-2025-1766599987

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1766599987
Upstream
  • CVE-2022-48900
Published
2025-12-25T10:49:32Z
Modified
2026-06-01T00:33:20.153955436Z
Summary
kernel: Fix of 27 CVEs
Details
  • xfrm: Duplicate SPI Handling {CVE-2025-39965}
  • xfrm: state: use atomicincnot_zero to increment refcount
  • padata: Fix pd UAF once and for all {CVE-2025-38584}
  • padata: Remove broken queue flushing {CVE-2023-52854}
  • padata: ensure padatadoserial() runs on the correct CPU
  • Bluetooth: L2CAP: Fix use-after-free {CVE-2023-53305}
  • wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstart_xmit() {CVE-2022-50408}
  • sctp: linearize cloned gso packets in sctp_rcv {CVE-2025-38718}
  • ip6mr: Fix skbunderpanic in ip6mrcachereport() {CVE-2023-53365}
  • Bluetooth: L2CAP: Fix user-after-free {CVE-2022-50386}
  • Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput {CVE-2022-3640}
  • ipvs: fix WARNING in ipvsappnetcleanup() {CVE-2022-49917}
  • ipvs: fix WARNING in _ipvscleanupbatch() {CVE-2022-49918}
  • ipvs: use explicitly signed chars
  • vt: Clear selection before changing the font {CVE-2022-49948}
  • fs: prevent out-of-bounds array speculation when closing a file descriptor {CVE-2023-53117}
  • xen/netfront: react properly to failing gnttabendforeignaccessref() {CVE-2022-48900}
  • netlink: prevent potential spectre v1 gadgets {CVE-2023-53000}
  • igb: Do not free q_vector unless new one was allocated {CVE-2022-50252}
  • scsi: target: Fix WRITE_SAME No Data Buffer crash {CVE-2022-21546}
  • net: mdio: fix undefined behavior in bit shift for _mdiobusregister {CVE-2022-49907}
  • dm raid: fix address sanitizer warning in raid_status {CVE-2022-50084}
  • dm raid: fix address sanitizer warning in raid_resume {CVE-2022-50085}
  • capabilities: fix undefined behavior in bit shift for CAPTOMASK {CVE-2022-49870}
  • wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmfcpreinit_dcmds() {CVE-2022-50258}
  • usb: xhci: Fix isochronous Ring Underrun/Overrun event handling {CVE-2025-37882}
  • Bluetooth: hcicore: Fix use-after-free in vhciflush() {CVE-2025-38250}
  • ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol {CVE-2025-39751}
  • jbd2: remove wrong sb->s_sequence check {CVE-2025-37839}
  • net_sched: hfsc: Fix a UAF vulnerability in class handling
  • crypto: seqiv - Handle EBUSY correctly {CVE-2023-53373}
References

Affected packages

TuxCare:OracleLinux:7
bpftool

Package

Name
bpftool
Purl
pkg:rpm/tuxcare/bpftool?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
kernel

Package

Name
kernel
Purl
pkg:rpm/tuxcare/kernel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
kernel-debug

Package

Name
kernel-debug
Purl
pkg:rpm/tuxcare/kernel-debug?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
kernel-debug-devel

Package

Name
kernel-debug-devel
Purl
pkg:rpm/tuxcare/kernel-debug-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
kernel-devel

Package

Name
kernel-devel
Purl
pkg:rpm/tuxcare/kernel-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
kernel-headers

Package

Name
kernel-headers
Purl
pkg:rpm/tuxcare/kernel-headers?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
kernel-tools

Package

Name
kernel-tools
Purl
pkg:rpm/tuxcare/kernel-tools?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
kernel-tools-libs

Package

Name
kernel-tools-libs
Purl
pkg:rpm/tuxcare/kernel-tools-libs?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
kernel-tools-libs-devel

Package

Name
kernel-tools-libs-devel
Purl
pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
perf

Package

Name
perf
Purl
pkg:rpm/tuxcare/perf?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"
python-perf

Package

Name
python-perf
Purl
pkg:rpm/tuxcare/python-perf?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.10.0-1160.139.1.el7.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1766599987.json"