- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1773047152.json
- JSON Data
-
https://api.osv.dev/v1/vulns/CLSA-2026-1773047152
- Upstream
- Published
- 2026-03-09T09:05:56Z
- Modified
- 2026-05-29T01:34:04.948244534Z
- Summary
-
kernel: Fix of 21 CVEs
- Details
-
- i40e: fix IRQ freeing in i40evsirequestirqmsix error path {CVE-2025-39911}
- media: rc: fix races with imon_disconnect() {CVE-2025-39993}
- VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify {CVE-2025-38102}
- partitions: mac: fix handling of bogus partition table {CVE-2025-21772}
- tracing: Fix oob write in traceseqto_buffer() {CVE-2025-37923}
- drm/vmwgfx: Validate command header size against SVGACMDMAX_DATASIZE {CVE-2025-40277}
- Bluetooth: fix use-after-free in deviceforeach_child() {CVE-2024-53237}
- net/atm: remove the atmdev_ops {get, set}sockopt methods {CVE-2022-50410}
- i40e: add validation for ring_len param {CVE-2025-39973}
- vsock: Ignore signal/timeout on connect() if already established {CVE-2025-40248}
- sctp: avoid NULL dereference when chunk data buffer is missing {CVE-2025-40240}
- nfsd: handle getclientlocked() failure in nfsd4setclientidconfirm() {CVE-2025-38724}
- VMCI: check context->notifypage after call to getuserpagesfast() to avoid GPF {CVE-2023-53259}
- wifi: brcmsmac: add gain range check to wlcphyiqcalgainparamsnphy() {CVE-2024-58014}
- isofs: Prevent the use of too small fid {CVE-2025-37780}
- net: ppp: Add bound checking for skb data on pppsynctxmung {CVE-2025-37749}
- Bluetooth: Fix use-after-free in l2capsockcleanup_listen() {CVE-2025-39860}
- i40e: Fix potential invalid access when MAC list is empty {CVE-2025-39853}
- ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3() {CVE-2025-38249}
- fbdev: bitblit: bound-check glyph index in bit_putcs* {CVE-2025-40322}
- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds {CVE-2025-40304}
- References
-
Affected packages
CLSA-2026-1773047152 - OSV
