CLSA-2026-1775779453
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2026-1775779453.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1775779453
- Upstream
- Published
- 2026-04-10T00:04:18Z
- Modified
- 2026-06-04T10:03:53.279609700Z
- Summary
- Fix of 68 CVEs
- Details
-
- CVE-2025-39743
- jfs: truncate good inode pages when hard link is 0 {CVE-2025-39743}
- CVE-2025-39685
- comedi: pcl726: Prevent invalid irq number {CVE-2025-39685}
- CVE-2025-38713
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() {CVE-2025-38713}
- CVE-2025-38699
- scsi: bfa: Double-free fix {CVE-2025-38699}
- CVE-2025-38697
- jfs: upper bound check of tree index in dbAllocAG {CVE-2025-38697}
- CVE-2025-38680
- media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat() {CVE-2025-38680}
- CVE-2025-38677
- f2fs: fix to avoid out-of-boundary access in dnode page {CVE-2025-38677}
- CVE-2025-38572
- ipv6: reject malicious packets in ipv6gsosegment() {CVE-2025-38572}
- CVE-2025-38538
- dmaengine: nbpfaxi: Fix memory corruption in probe() {CVE-2025-38538}
- CVE-2025-38530
- comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530}
- CVE-2025-38529
- comedi: aioiiro16: Fix bit shift out of bounds {CVE-2025-38529}
- CVE-2025-38494
- HID: core: do not bypass hidhwraw_request {CVE-2025-38494}
- CVE-2025-38482
- comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482}
- CVE-2025-38428
- Input: ims-pcu - check record size in imspcuflash_firmware() {CVE-2025-38428}
- CVE-2025-38416
- NFC: nci: uart: Set tty->disc_data only in success path {CVE-2025-38416}
- CVE-2025-38415
- Squashfs: check return result of sbminblocksize {CVE-2025-38415}
- CVE-2025-38403
- vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403}
- CVE-2025-38286
- pinctrl: at91: Fix possible out-of-boundary access {CVE-2025-38286}
- CVE-2025-38245
- atm: Release atmdevmutex after removing procfs in atmdevderegister(). {CVE-2025-38245}
- CVE-2025-38212
- ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212}
- CVE-2025-38204
- jfs: fix array-index-out-of-bounds read in addmissingindices {CVE-2025-38204}
- CVE-2025-38157
- wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157}
- CVE-2025-38079
- crypto: algifhash - fix double free in hashaccept {CVE-2025-38079}
- CVE-2025-38051
- smb: client: Fix use-after-free in cifsfilldirent {CVE-2025-38051}
- CVE-2023-53676
- scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow() {CVE-2023-53676}
- CVE-2023-53675
- scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675}
- CVE-2023-53668
- ring-buffer: Fix deadloop issue on reading trace_pipe {CVE-2023-53668}
- CVE-2023-53622
- gfs2: Fix possible data races in gfs2showoptions() {CVE-2023-53622}
- CVE-2023-53616
- jfs: fix invalid free of JFSIP(ipimap)->iimap in diUnmount {CVE-2023-53616}
- CVE-2023-53608
- nilfs2: fix potential UAF of struct nilfsscinfo in nilfssegctorthread() {CVE-2023-53608}
- CVE-2023-53587
- ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587}
- CVE-2023-53569
- ext2: Check block size validity during mount {CVE-2023-53569}
- CVE-2023-53559
- ipvti: fix potential slab-use-after-free in decodesession6 {CVE-2023-53559}
- CVE-2023-53541
- mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write {CVE-2023-53541}
- CVE-2023-53521
- scsi: ses: Fix slab-out-of-bounds in sesintfremove() {CVE-2023-53521}
- CVE-2023-53506
- udf: Do not bother merging very long extents {CVE-2023-53506}
- CVE-2023-53485
- fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev {CVE-2023-53485}
- CVE-2023-53484
- lib: cpu_rmap: Avoid use after free on rmap->obj array entries {CVE-2023-53484}
- CVE-2023-53454
- HID: multitouch: Correct devm device reference for hidinput input_dev name {CVE-2023-53454}
- CVE-2023-53322
- scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322}
- CVE-2023-53311
- nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput {CVE-2023-53311}
- CVE-2023-53259
- VMCI: check context->notifypage after call to getuserpagesfast() to avoid GPF {CVE-2023-53259}
- CVE-2023-53219
- media: netupunidvb: fix use-after-free at deltimer() {CVE-2023-53219}
- CVE-2023-53138
- net: caif: Fix use-after-free in cfusbldevicenotify() {CVE-2023-53138}
- CVE-2023-53075
- ftrace: Fix invalid address access in lookup_rec() when index is 0 {CVE-2023-53075}
- CVE-2023-53035
- nilfs2: fix kernel-infoleak in nilfsioctlwrap_copy() {CVE-2023-53035}
- CVE-2022-50542
- media: si470x: Fix use-after-free in si470xintin_callback() {CVE-2022-50542}
- CVE-2022-50496
- dm cache: Fix UAF in destroy() {CVE-2022-50496}
- CVE-2022-50478
- nilfs2: fix shift-out-of-bounds/overflow in nilfssb2bad_offset() {CVE-2022-50478}
- CVE-2022-50470
- xhci: Remove device endpoints from bandwidth list when freeing the device {CVE-2022-50470}
- CVE-2022-50432
- kernfs: fix use-after-free in _kernfsremove {CVE-2022-50432}
- CVE-2022-50423
- ACPICA: Fix use-after-free in acpiutcopyipackageto_ipackage() {CVE-2022-50423}
- CVE-2022-50419
- Bluetooth: hcisysfs: Fix attempting to call deviceadd multiple times {CVE-2022-50419}
- CVE-2022-50411
- ACPICA: Fix error code path in acpidscallcontrolmethod() {CVE-2022-50411}
- CVE-2022-50394
- i2c: ismt: Fix an out-of-bounds bug in ismt_access() {CVE-2022-50394}
- CVE-2022-50384
- staging: vmeuser: Fix possible UAF in tsi148dmalistadd {CVE-2022-50384}
- CVE-2022-50333
- fs: jfs: fix shift-out-of-bounds in dbDiscardAG {CVE-2022-50333}
- CVE-2022-50301
- iommu/omap: Fix buffer overflow in debugfs {CVE-2022-50301}
- CVE-2022-50094
- spmi: trace: fix stack-out-of-bound access in SPMI tracing functions {CVE-2022-50094}
- CVE-2022-50022
- drivers:md:fix a potential use-after-free bug {CVE-2022-50022}
- CVE-2022-49945
- hwmon: (gpio-fan) Fix array out of bounds access {CVE-2022-49945}
- CVE-2022-49865
- ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865}
- CVE-2022-49775
- tcp: cdg: allow tcpcdgrelease() to be called multiple times {CVE-2022-49775}
- CVE-2022-49581
- be2net: Fix buffer overflow in begetmodule_eeprom {CVE-2022-49581}
- CVE-2022-49503
- ath9khtc: fix potential out of bounds access with invalid rxstatus->rskeyix {CVE-2022-49503}
- CVE-2021-47142
- drm/amdgpu: Fix a use-after-free {CVE-2021-47142}
- CVE-url: https://ubuntu.com/security/CVE-2025-38477
- net/sched: schqfq: Avoid triggering mightsleep in atomic context in qfqdeleteclass
- Focal update: v5.4.255 upstream stable release (LP: #2039440)
- Bluetooth: L2CAP: Fix use-after-free
- Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650)
- Bluetooth: L2CAP: Fix user-after-free
- wifi: brcmfmac: fix use-after-free bug in brcmfnetdevstart_xmit()
- Focal update: v5.4.253 upstream stable release (LP: #2038652)
- ip6mr: Fix skbunderpanic in ip6mrcachereport()
- Focal update: v5.4.224 upstream stable release (LP: #1999273)
- ipvs: use explicitly signed chars
- ipvs: fix WARNING in _ipvscleanupbatch()
- ipvs: fix WARNING in ipvsappnetcleanup()
- Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349)
- vt: Clear selection before changing the font
- Focal update: v5.4.237 upstream stable release (LP: #2023420)
- fs: prevent out-of-bounds array speculation when closing a file descriptor
- Focal update: v5.4.231 upstream stable release (LP: #2011226)
- netlink: prevent potential spectre v1 gadgets
- Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698)
- ALSA: bcd2000: Fix a UAF bug on the error path of probing
- drm/radeon: fix potential buffer overflow in nisetmcspecialregisters()
- md-raid10: fix KASAN warning
- selinux: Add boundary check in putentry()
- video: fbdev: vt8623fb: Check the size of screen before memsetio()
- video: fbdev: arkfb: Check the size of screen before memsetio()
- video: fbdev: s3fb: Check the size of screen before memsetio()
- Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403)
- igb: Do not free q_vector unless new one was allocated
- Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596)
- capabilities: fix undefined behavior in bit shift for CAPTOMASK
- net: mdio: fix undefined behavior in bit shift for _mdiobusregister
- CVE-url: https://ubuntu.com/security/CVE-2023-1989
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition
- Focal update: v5.4.225 upstream stable release (LP: #2002347)
- ntfs: fix use-after-free in ntfsattrfind()
- Focal update: Focal update: v5.4.235 upstream stable release
(LP: #2017706)
- wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmfcpreinit_dcmds()
- Miscellaneous upstream changes
- debian: add control and changelog files
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- Merge branch 'master' into master-build
- vhost-scsi: Fix handling of multiple calls to vhostscsisetendpoint
- f2fs: return error when accessing insane flie offset
- f2fs: lost matching-pair of trace in f2fstruncateinodeblocks
- f2fs: fix to avoid out-of-bounds access in f2fstruncateinodeblocks()
- usb: vhci-hcd: Do not drop references before new references are gained
- tracing: Fix oob write in traceseqtobuffer()
- mtd: inftlcore: Add error check for inftlreadoob()
- jbd2: remove wrong sb->ssequence check
- usb: dwc3: gadget: check that event count does not exceed event buffer length
- ALSA: hda/ca0132: Fix buffer overflow in addtuningcontrol
- Bluetooth: hcicore: Fix use-after-free in vhciflush()
- usb: xhci: Fix isochronous Ring Underrun/Overrun event handling
- Revert "Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work"
- scsi: target: Fix WRITESAME No Data Buffer crash
- netsched: hfsc: Fix a potential UAF in hfscdequeue() too
- HID: core: Harden s32ton() against conversion to 0 bits
- scsi: libsas: Fix use-after-free bug in smpexecutetasksg()
- wifi: mac80211hwsim: drop short frames
- ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer
- scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write
- CVE-2025-39743
- References