CLSA-2026-1778266904
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2026-1778266904.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1778266904
- Upstream
- Published
- 2026-05-08T23:01:14Z
- Modified
- 2026-06-01T00:32:30.001451208Z
- Summary
- kernel: Fix of 188 CVEs
- Details
-
- rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
- xfrm: esp: avoid in-place decrypt on shared skb frags
- clk: Fix clkhwget_clk() when dev is NULL {CVE-2022-49187}
- x86/sgx: Add overflow check in sgxvalidateoffset_length() {CVE-2022-49785}
- ext4: init quota for 'old.inode' in 'ext4_rename' {CVE-2022-50346}
- skbuff: Account for tail adjustment during pull operations {CVE-2022-50365}
- net: If sock is dead don't access sock's skwq in skstreamwaitmemory {CVE-2022-50409}
- scsi: qla2xxx: Delay module unload while fabric scan in progress {CVE-2025-71235}
- HID: alps: fix NULL pointer dereference in alpsrawevent() {CVE-2026-31625}
- rxrpc: fix reference count leak in rxrpcserverkeyring() {CVE-2026-31634}
- drm/i915/gt: Check setdefaultsubmission() before deferencing {CVE-2026-31540}
- ACPICA: ACPICA: check null return of ACPIALLOCATEZEROED in acpidbdisplay_objects {CVE-2023-54010}
- drm/amdgpu: fix the waring dereferencing hive {CVE-2024-46805}
- drm/amd/display: Add NULL check for function pointer in dcn20setoutputtransferfunc {CVE-2024-49911}
- tracing: Prevent bad count for tracingcpumaskwrite {CVE-2024-56763}
- HID: wacom: fix when get product name maybe null pointer {CVE-2024-56629}
- thermal: int340x: Add NULL check for adev {CVE-2025-23136}
- wifi: mac80211: Purge vif txq in ieee80211dostop() {CVE-2025-37794}
- Bluetooth: L2CAP: Fix null-ptr-deref on l2capsockready_cb {CVE-2026-31510}
- wifi: cfg80211: ocb: don't leave if not joined {CVE-2023-53992}
- mmc: core: Fix kernel panic when remove non-standard SDIO card {CVE-2022-50640}
- EDAC/i10nm: fix refcount leak in pcigetdev_wrapper() {CVE-2022-50645}
- serial: amba-pl011: avoid SBSA UART accessing DMACR register {CVE-2022-50625}
- inetdiag: Initialize pad field in struct inetdiagreqv2 {CVE-2024-42106}
- regulator: pfuze100: Fix refcount leak in pfuzeparseregulators_dt {CVE-2022-49481}
- net/core: Fix ETHP1588 flow dissector {CVE-2023-52580}
- mm/damon/vaddr-test: fix memory leak in damondotestapplythree_regions() {CVE-2023-52560}
- afunix: Fix data races in unixreleasesock/unixstream_sendmsg {CVE-2024-38596}
- drm/amd/display: Implement bounds check for stream encoder creation in DCN301 {CVE-2024-26660}
- block: prevent division by zero in blkrqstat_sum() {CVE-2024-35925}
- netfilter: nfnetlinkqueue: acquire rcureadlock() in instancedestroy_rcu() {CVE-2024-36286}
- tipc: fix a possible memleak in tipcbufappend {CVE-2024-36954}
- ipv6: prevent possible NULL deref in fib6nhinit() {CVE-2024-40961}
- pinctrl: fix deadlock in createpinctrl() when handling -EPROBEDEFER {CVE-2024-42090}
- ipv6: prevent possible NULL dereference in rt6_probe() {CVE-2024-40960}
- drm/radeon: check bo_va->bo is non-NULL before using it {CVE-2024-41060}
- dma: fix call order in dmamfreecoherent {CVE-2024-43856}
- scsi: qla2xxx: Fix for possible memory corruption {CVE-2024-42288}
- ext4: avoid dividing by 0 in mbupdateavgfragmentsize() when block bitmap corrupt {CVE-2024-26774}
- netfilter: flowtable: incorrect pppoe tuple {CVE-2024-27015}
- bnxt_en: Adjust logging of firmware messages in case of released token in _hwrmsend() {CVE-2024-40919}
- Bluetooth: btintel: Fix null ptr deref in btintelreadversion {CVE-2024-35933}
- netdevsim: prevent bad user input in nsimdevhealthbreakwrite() {CVE-2024-56716}
- net/mlx5e: CT: Fix null-ptr-deref in add rule err flow {CVE-2024-53120}
- EDAC/bluefield: Fix potential integer overflow {CVE-2024-53161}
- NFSD: Prevent NULL dereference in nfsd4processcb_update() {CVE-2024-53217}
- ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnel_find() {CVE-2024-50304}
- blk-rq-qos: fix crash on rqqoswait vs. rqqoswake_function race {CVE-2024-50082}
- drm/radeon: fix uninitialized size issue in radeonvcecs_parse() {CVE-2025-21996}
- HID: appleir: Fix potential NULL dereference at raw event handle {CVE-2025-21948}
- filemap: Fix bounds checking in filemap_read() {CVE-2024-50272}
- efi: fix potential NULL deref in efimemreserve_persistent {CVE-2023-52976}
- perf/x86/amd: fix potential integer overflow on shift of a int {CVE-2022-49748}
- ext4: fix infinite loop when replaying fast_commit {CVE-2024-43828}
- kthread: unpark only parked kthread {CVE-2024-50019}
- xhci: tegra: fix checked USB2 port number {CVE-2024-50075}
- Bluetooth: Call iso_exit() on module unload {CVE-2024-50078}
- scsi: target: core: Fix null-ptr-deref in targetallocdevice() {CVE-2024-50153}
- drm/radeon: Fix encoder->possible_clones {CVE-2024-50201}
- squashfs: harden sanity check in squashfsreadxattridtable {CVE-2023-52979}
- xsk: fix an integer overflow in xpcreateandassignumem() {CVE-2025-21997}
- can: j1939: j1939sessionnew(): fix skb reference counting {CVE-2024-56645}
- ice: Do not use WQMEMRECLAIM flag for workqueue {CVE-2023-52743}
- ALSA: usx2y: Use sndcardfreewhenclosed() at disconnection {CVE-2024-56533}
- sched/core: Prevent rescheduling when interrupts are disabled {CVE-2024-58090}
- HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections {CVE-2024-57986}
- RDMA/mlx5: Fix mlx5pollone() cur_qp update flow {CVE-2025-22086}
- x86/mm: Fix flushtlbrange() when used for zapping normal PMDs {CVE-2025-22045}
- Bluetooth: btrtl: Prevent potential NULL dereference {CVE-2025-37792}
- tracing/histograms: Fix memory leak problem {CVE-2022-49648}
- net: hns3: make sure ptp clock is unregister and freed if hclgeptpget_cycle returns an error {CVE-2025-21924}
- ext4: fix another off-by-one fsmap error on 1k block filesystems {CVE-2023-53143}
- can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open {CVE-2024-46791}
- crypto: ecdh - explicitly zeroize private_key {CVE-2024-42098}
- acpi: nfit: fix narrowing conversion in acpinfitctl {CVE-2025-22044}
- geneve: do not assume mac header is set in genevexmitskb() {CVE-2024-56636}
- tracing/timerlat: Fix a race during cpuhp processing {CVE-2024-49866}
- x86/mtrr: Check if fixed MTRRs exist before saving them {CVE-2024-44948}
- genirq/irq_sim: Initialize work context pointers properly {CVE-2025-38408}
- ice: Fix a null pointer dereference in icecopyandinitpkg() {CVE-2025-38664}
- mm/ksm: fix flag-dropping behavior in ksm_madvise {CVE-2025-40040}
- objtool: Fix SEGFAULT {CVE-2022-50879}
- tty: synclinkgt: Fix null-pointer-dereference in slgtclean() {CVE-2022-49307}
- can: afcan: fix NULL pointer dereference in canrx_register() {CVE-2022-49863}
- bnxten: Fix possible crash in bnxthwrmsetcoal() {CVE-2022-49869}
- pinctrl: devicetree: fix null pointer dereferencing in pinctrldtto_map {CVE-2022-49832}
- tty: vt: initialize unicode screen buffer {CVE-2022-50222}
- mfd: max77620: Fix refcount leak in max77620initialisefps {CVE-2022-50108}
- pnode: terminate at peers of source {CVE-2022-50280}
- mm: /proc/pid/smaps_rollup: fix no vma's null-deref {CVE-2022-50380}
- chardev: fix error handling in cdevdeviceadd() {CVE-2022-50282}
- net: hinic: fix the issue of CMDQ memory leaks {CVE-2022-50387}
- misc: tifm: fix possible memory leak in tifm7xx1switch_media() {CVE-2022-50349}
- tracing: Do not register unsupported perf events {CVE-2025-71125}
- ASoC: amd: fix memory leak in acp3x pdm dma ops {CVE-2026-23190}
- can: j1939: make j1939sessionactivate() fail if device is no longer registered {CVE-2025-71182}
- net: usb: pegasus: fix memory leak in updateethregs_async() {CVE-2026-23021}
- RDMA/irdma: Fix kernel stack leak in irdmacreateuser_ah() {CVE-2026-23335}
- udptunnel: fix NULL deref caused by udpsockcreate6 when CONFIGIPV6=n {CVE-2026-23439}
- xfrm: clear trailing padding in build_polexpire() {CVE-2026-31664}
- wifi: rt2x00usb: fix devres lifetime {CVE-2026-31672}
- mmc: vub300: fix NULL-deref on disconnect {CVE-2026-31651}
- wifi: brcmsmac: Fix dmafreecoherent() size {CVE-2026-31661}
- Bluetooth: RFCOMM: FIX possible deadlock in rfcommskstate_change {CVE-2024-50044}
- drm/nouveau/dispnv04: fix null pointer dereference in nv17tvgetldmodes {CVE-2024-41095}
- smb: client: fix deadlock in smb2findsmb_tcon() {CVE-2024-39468}
- drm/amdgpu: Fixed bug on error when unloading amdgpu {CVE-2023-52912}
- usb: typec: ucsi: Fix null pointer dereference in trace {CVE-2024-46719}
- drm/amdgpu: the warning dereferencing obj for nbiov74 {CVE-2024-46819}
- netfilter: flowtable: initialise extack before use {CVE-2024-45018}
- lib/generic-radix-tree.c: Fix rare race in __genradixptralloc() {CVE-2024-47668}
- drm/amd/display: Check null pointer before dereferencing se {CVE-2024-50049}
- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption {CVE-2024-49858}
- drm/amd/pm: ensure the fw_info is not null before using it {CVE-2024-49890}
- wifi: iwlwifi: mvm: pause TCM when the firmware is stopped {CVE-2024-47673}
- ACPICA: check null return of ACPIALLOCATEZEROED() in acpidbconverttopackage() {CVE-2024-49962}
- drm/amd/display: Check stream before comparing them {CVE-2024-49896}
- wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglist_rw() {CVE-2024-56593}
- USB: serial: quatech2: fix null-ptr-deref in qt2processread_urb() {CVE-2025-21689}
- sctp: properly validate chunk size in sctpsfootb() {CVE-2024-50299}
- USB: usbtmc: prevent kernel-usb-infoleak {CVE-2024-47671}
- printk: Fix signed integer overflow when defining LOGBUFLEN_MAX {CVE-2024-58017}
- nfp: bpf: Add check for nfpappctrlmsgalloc() {CVE-2025-21848}
- kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup() {CVE-2023-52936}
- linux/dim: Fix divide by 0 in RDMA DIM {CVE-2022-49670}
- scsi: st: Fix array overflow in st_setup() {CVE-2025-37857}
- usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe() {CVE-2022-50825}
- samples/bpf: Fix buffer overflow in tcp_basertt {CVE-2023-54312}
- debugobjects: Don't wake up kswapd from fill_pool() {CVE-2023-54268}
- regmap-irq: Fix out-of-bounds access when allocating config buffers {CVE-2023-53768}
- RDMA/core: Fix GID entry ref leak when create_ah fails {CVE-2023-54003}
- drm: Don't unref the same fb many times by mistake due to deadlock handling {CVE-2023-52486}
- pstore/ram: Fix crash when setting number of cpus to an odd number {CVE-2023-52619}
- net: usb: qmi_wwan: fix memory leak for not ip packets {CVE-2024-43861}
- HID: i2c-hid-of: fix NULL-deref on failed power up {CVE-2024-26717}
- netfilter: nf_tables: set dormant flag on hook register failure {CVE-2024-26835}
- md: fix kmemleak of rdev->serial {CVE-2024-26900}
- spi: fix null pointer dereference within spi_sync {CVE-2024-36930}
- scsi: qedf: Fix a possible memory leak in qedfallocandinitsb() {CVE-2024-56748}
- scsi: qedi: Fix a possible memory leak in qediallocandinitsb() {CVE-2024-56747}
- sunrpc: clear XPRTSOCKUPD_TIMEOUT when reset transport {CVE-2024-56688}
- gfs2: Truncate address space when flipping GFS2DIFJDATA flag {CVE-2025-21699}
- sockmap: Add a condresched() in sockhashfree() {CVE-2024-47710}
- net: stmmac: Fix zero-division error when disabling tc cbs {CVE-2024-49977}
- net/mlx5: Fix error path in multi-packet WQE transmit {CVE-2024-50001}
- HID: core: remove unnecessary WARN_ON() in implement() {CVE-2024-39509}
- tipc: fix memory leak in tipclinkxmit {CVE-2025-37757}
- ima: Fix potential memory leak in imainitcrypto() {CVE-2022-49627}
- net: tun: unlink NAPI from device on destruction {CVE-2022-49672}
- iommu/amd: Fix pci device refcount leak in ppr_notifier() {CVE-2022-50505}
- rxrpc: Fix bug due to prealloc collision {CVE-2025-38544}
- ext4: zero i_disksize when initializing the bootloader inode {CVE-2023-53101}
- scsi: hisisas: Add condresched() for no forced preemption model {CVE-2024-56589}
- net: fix NULL pointer dereference in l3mdevl3rcv {CVE-2025-22103}
- cxgb4: fix memory leak in cxgb4initethtool_filters() error path {CVE-2025-37788}
- drm/amdgpu: fix amdgpuirqput call trace in gmcv110hwfini {CVE-2023-53237}
- samples/bpf: Fix fout leak in hbm's runbpfprog {CVE-2023-53290}
- regulator: core: fix NULL dereference on unbind due to stale coupling data {CVE-2025-38668}
- PM / devfreq: Fix leak in devfreqdevrelease() {CVE-2023-53518}
- coresight: trbe: remove cpuhp instance node before remove cpuhp state {CVE-2022-50319}
- net: phy: fix null-ptr-deref while probe() failed {CVE-2022-49021}
- iommu/vt-d: Fix PCI device refcount leak in dmardevscope_init() {CVE-2022-49002}
- mac802154: fix missing INITLISTHEAD in ieee802154ifadd() {CVE-2022-48972}
- watchqueue: Free the page array when watchqueue is dismantled {CVE-2022-49148}
- samples/landlock: Fix path_list memory leak {CVE-2021-47654}
- net: tun: Fix memory leaks of napigetfrags {CVE-2022-49871}
- ftrace: Fix null pointer dereference in ftraceaddmod() {CVE-2022-49802}
- netdevsim: Fix memory leak of nsimdev->facookie {CVE-2022-49803}
- tracing: Fix memory leak in tracingreadpipe() {CVE-2022-49801}
- mtd: core: fix possible resource leak in init_mtd() {CVE-2022-50304}
- wifi: brcmfmac: fix potential memory leak in brcmfnetdevstart_xmit() {CVE-2022-50321}
- xfrmuser: fix info leak in buildreport() {CVE-2026-31671}
- regulator: core: fix resource leak in regulator_register() {CVE-2022-50724}
- x86/tdx: Fix data leak in mmio_read() {CVE-2024-46794}
- x86/entry: Clear X86FEATURESMAP when CONFIGX86SMAP=n {CVE-2021-47430}
- ceph: remove the incorrect Fw reference check when dirtying pages {CVE-2024-50179}
- nfs: Fix KMSAN warning in decodegetfattrattrs() {CVE-2024-53066}
- blk-cgroup: Fix class @block_class's subsystem refcount leakage {CVE-2025-21745}
- cifs: Fix lost destroy smbd connection when MR allocate failed {CVE-2023-54260}
- cifs: Fix xid leak in cifssesadd_channel() {CVE-2022-50856}
- phy: tegra: xusb: Clear the driver reference in usb-phy dev {CVE-2023-54083}
- drm/ttm: Don't leak a resource on swapout move error {CVE-2023-53844}
- team: Move team device type change at the end of teamportadd {CVE-2025-68340}
- udp: Fix wildcard bind conflict check when using hash2 {CVE-2026-31503}
- KVM: SEV: Protect all of sevmemencregisterregion() with kvm->lock {CVE-2026-31592}
- HID: core: clamp report_size in s32ton() to avoid undefined shift {CVE-2026-31624}
- afkey: validate families in pfkeysend_migrate() {CVE-2026-31515}
- nvme-pci: ensure we're polling a polled queue {CVE-2026-31523}
- module: Fix kernel panic when a symbol st_shndx is out of bounds {CVE-2026-31521}
- ALSA: 6fire: fix use-after-free on disconnect {CVE-2026-31581}
- References