CLSA-2026-1778756832
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1778756832.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1778756832
- Upstream
- Published
- 2026-05-14T19:27:09Z
- Modified
- 2026-06-01T00:33:19.002523574Z
- Summary
- kernel: Fix of 40 CVEs
- Details
-
- fix: "vsock: Ignore signal/timeout on connect() if already established {CVE-2025-40248}"
- gfs2: Fix possible data races in gfs2showoptions() {CVE-2023-53622}
- ALSA: 6fire: fix use-after-free on disconnect {CVE-2026-31581}
- nfnetlink_osf: validate individual option lengths in fingerprints {CVE-2026-23397}
- netfilter: nfnetlink_osf: avoid OOB read {CVE-2026-23397}
- Squashfs: check metadata block offset is within range {CVE-2026-23388}
- scsi: target: iscsi: Fix use-after-free in iscsitdecconnusagecount() {CVE-2026-23216}
- can: usb8dev: usb8devreadbulk_callback(): fix URB memory leak {CVE-2026-23108}
- net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfrom_ag {CVE-2026-23105}
- ALSA: ctxfi: Fix potential OOB access in audio mixer handling {CVE-2026-23076}
- net: usb: pegasus: fix memory leak in updateethregs_async() {CVE-2026-23021}
- ipv4: ipgre: make ipgreheader() robust {CVE-2026-23011}
- libceph: make decode_pool() more resilient against corrupted osdmaps {CVE-2025-71116}
- via_wdt: fix critical boot hang due to unnamed resource allocation {CVE-2025-71114}
- hwmon: (w83791d) Convert macros to functions to avoid TOCTOU {CVE-2025-71111}
- Bluetooth: btusb: revert use of devm_kzalloc in btusb {CVE-2025-71082}
- Revert "fbdev: bitblit: bound-check glyph index in bit_putcs* {CVE-2025-40322}"
- driver core: fix potential null-ptr-deref in device_add() {CVE-2023-54321}
- btrfs: output extra debug info if we failed to find an inline backref {CVE-2023-53672}
- ring-buffer: Fix deadloop issue on reading trace_pipe {CVE-2023-53668}
- netfilter: conntrack: Avoid nfcthelper_hash uses after free {CVE-2023-53619}
- ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587}
- net: usbnet: Fix WARNING in usbnetstartxmit/usbsubmiturb {CVE-2023-53548}
- udf: Do not bother merging very long extents {CVE-2023-53506}
- lib: cpurmap: Fix potential use-after-free in irqcpurmaprelease(CVE-2023-53484)
- lib: cpu_rmap: Avoid use after free on rmap->obj array entries {CVE-2023-53484}
- ext4: remove a BUGON in ext4mbreleasegroup_pa() {CVE-2023-53450}
- md/raid10: fix wrong setting of maxcorrread_errors {CVE-2023-53313}
- platform/x86: mxm-wmi: fix memleak in mxmwmicall_mxds|mx {CVE-2022-50521}
- binfmtmisc: fix shift-out-of-bounds in checkspecial_flags {CVE-2022-50497}
- ntbnetdev: Use devkfreeskbany() in interrupt context {CVE-2022-50476}
- i2c: ismt: use correct length when copy buffer {CVE-2022-50394}
- misc: tifm: fix possible memory leak in tifm7xx1switch_media() {CVE-2022-50349}
- ata: ahci: Match EMMAXSLOTS with SATAPMPMAX_PORTS {CVE-2022-50315}
- ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865}
- KVM: x86/mmu: make apf token non-zero to fix bug {CVE-2022-48943}
- kvm: avoid speculation-based attacks from out-of-range memslot accesses {CVE-2021-47277}
- scsi: scsidebug: Fix out-of-bound read in respreport_tgtpgs() {CVE-2021-47219}
- scsi: scsidebug: Fix out-of-bound read in respreadcap16() {CVE-2021-47191}
- USB: core: Add routines for endpoint checks in old drivers
- xen: sync some headers with xen tree
- squashfs: fix memory leak in squashfsfillsuper {CVE-2025-38415}
- pptp: fix pptp_xmit() error path {CVE-2025-38574}
- Revert "net/sched: sch_hfsc: Ensure inner classes have fsc curve" {CVE-2023-4623}
- References