Release date:
2026-07-06 18:27:36 UTC
Description:
- KVM: x86: Fix shadow paging use-after-free due to unexpected role {CVE-2026-46113}
- KVM: x86: Fix shadow paging use-after-free due to unexpected GFN {CVE-2026-46113}
- Bluetooth: bcsp: receive data only if registered {CVE-2025-40308}
- xen/privcmd: unregister xenstore notifier on module exit {CVE-2026-31788}
- xen/privcmd: restrict usage in unprivileged domU {CVE-2026-31788}
- USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts {CVE-2026-43429}
- net: usb: rtl8150: enable basic endpoint checking {CVE-2025-21708}
- net: usb: kaweth: validate USB endpoints {CVE-2026-23312}
- net: usb: kalmia: validate USB endpoints {CVE-2026-23365}
- net: usb: pegasus: validate USB endpoints {CVE-2026-23290}
- net: usb: pegasus: enable basic endpoint checking {CVE-2026-43156}
- USB: usbcore: Introduce usb_bulk_msg_killable() {CVE-2026-43429}
- USB: core: Add routines for endpoint checks in old drivers {CVE-2026-43156}
- nf_tables: nft_dynset: fix possible stateful expression memleak in error path {CVE-2026-23399}
- tpm: Cap the number of PCR banks {CVE-2025-71077}
- clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe() {CVE-2023-53704}
- dm: fix a race condition in retrieve_deps {CVE-2023-54324}
- ice: fix Tx scheduler error handling in XDP callback {CVE-2025-38127}
- mlx5: fix skb leak while fifo resync and push {CVE-2023-54238}
- mmc: vub300: fix return value check of mmc_add_host() {CVE-2022-50251}
- bonding: annotate data-races around slave->last_rx {CVE-2026-23212}
- RDMA/irdma: Fix data race on CQP completion stats {CVE-2023-54302}
- bpf: cpumap: Fix memory leak in cpu_map_update_elem {CVE-2023-53441}
- fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var {CVE-2025-38215}
- trace/fgraph: Fix the warning caused by missing unregister notifier {CVE-2025-39829}
- vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects {CVE-2025-39850}
- team: prevent adding a device which is already a team device lower {CVE-2024-58071}
- net: stmmac: move the EST lock to struct stmmac_priv {CVE-2024-38594}
- drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too {CVE-2024-50108}
- rxrpc: Fix handling of received connection abort {CVE-2024-58053}
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w {CVE-2025-37911}
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of service {CVE-2025-21690}
- net: atlantic: Fix DMA mapping for PTP hwts ring {CVE-2024-26680}
- wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() {CVE-2024-47713}
- drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) {CVE-2024-49905}
- dm: fix NULL pointer dereference in __dm_suspend() {CVE-2025-40134}
- smb: client: validate the whole DACL before rewriting it in cifsacl {CVE-2026-31709}
- PM: runtime: Fix a race condition related to device removal {CVE-2026-23452}
- ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces {CVE-2026-43436}
- nvme-pci: Fix race bug in nvme_poll_irqdisable() {CVE-2026-43448}
- sctp: add mutual exclusion in proc_sctp_do_udp_port() {CVE-2025-22062}
- cachefiles: fix dentry leak in cachefiles_open_file() {CVE-2024-49870}
- mm: revert "mm: shmem: fix data-race in shmem_getattr()" {CVE-2024-53136}
- memcg: fix soft lockup in the OOM process {CVE-2024-57977}
- resource: fix region_intersects() vs add_memory_driver_managed() {CVE-2024-49878}
- r8169: add tally counter fields added with RTL8125 {CVE-2024-49973}
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() {CVE-2024-53215}
- ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths {CVE-2026-43066}
- wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band() {CVE-2025-71273}
- net: netlink: af_netlink: Prevent empty skb by adding a check on len. {CVE-2021-47606}
- extcon: Modify extcon device to be created after driver data is set {CVE-2022-49308}
- tick/nohz: unexport __init-annotated tick_nohz_full_setup() {CVE-2022-49675}
- bridge: switchdev: Fix memory leaks when changing VLAN protocol {CVE-2022-49812}
- capabilities: fix potential memleak on error path from vfs_getxattr_alloc() {CVE-2022-49890}
- net: genl: fix error path memory leak in policy dumping {CVE-2022-50042}
- kprobes: don't call disarm_kprobe() for disabled kprobes {CVE-2022-50008}
- lib/fonts: fix undefined behavior in bit shift for get_default_font {CVE-2022-50511}
- net: af_key: zero aligned sockaddr tail in PF_KEY exports {CVE-2026-43088}
- arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or restored {CVE-2022-50675}
- HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect {CVE-2023-52478}
- efivarfs: force RO when remounting if SetVariable is not supported {CVE-2023-52463}
- Fix page corruption caused by racy check in __free_pages {CVE-2023-52739}
- mptcp: deal with large GSO size {CVE-2023-52778}
- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new {CVE-2023-52887}
- drm/i915/active: Fix misuse of non-idle barriers as fence trackers {CVE-2023-53087}
- ext4: fix task hung in ext4_xattr_delete_inode {CVE-2023-53089}
- ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent {CVE-2023-53070}
- bnxt_en: Avoid order-5 memory allocation for TPA data {CVE-2023-53134}
- tcp: tcp_make_synack() can be called from process context {CVE-2023-53121}
- i40e: Fix kernel crash during reboot when adapter is in recovery mode {CVE-2023-53114}
- skbuff: Fix a race between coalescing and releasing SKBs {CVE-2023-53186}
- blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() {CVE-2023-53421}
- arm64: mm: fix VA-range sanity check {CVE-2023-53989}
- ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() {CVE-2024-26633}
- SUNRPC: double free xprt_ctxt while still in use {CVE-2023-54269}
- KVM: Always flush async #PF workqueue when vCPU is being destroyed {CVE-2024-26976}
- drm/amdgpu: validate the parameters of bo mapping operations more clearly {CVE-2024-26922}
- tracing/trigger: Fix to return error if failed to alloc snapshot {CVE-2024-26920}
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms {CVE-2024-35989}
- nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). {CVE-2024-36933}
- firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files {CVE-2024-41056}
- scsi: qla2xxx: During vport delete send async logout explicitly {CVE-2024-42289}
- ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() {CVE-2022-49731}
- ixgbevf: Fix resource leak in ixgbevf_init_module() {CVE-2022-49028}
- mmc: core: Avoid bitfield RMW for claim/retune flags {CVE-2026-43484}
- Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb() {CVE-2026-45835}
- cpufreq: Init completion before kobject_init_and_add() {CVE-2022-50473}
- USB: gadget: Fix use-after-free during usb config switch {CVE-2022-50704}
- IB/mad: Don't call to function that might sleep while in atomic context {CVE-2022-50472}
- null_blk: fix poll request timeout handling {CVE-2023-53531}
- drm/i915/gvt: fix vgpu debugfs clean in remove {CVE-2023-53625}
- mlxsw: spectrum_acl_erp: Fix object nesting warning {CVE-2024-43880}
- drm/drm_vma_manager: Add drm_vma_node_allow_once() {CVE-2023-53001}
- drm/amd/display: fix mapping to non-allocated address {CVE-2023-53753}
- ipv6: Fix an uninit variable access bug in __ip6_make_skb() {CVE-2023-54265}
- udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). {CVE-2023-54004}
- netlink: terminate outstanding dump on socket close {CVE-2024-53140}
- KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN {CVE-2024-53135}
- scsi: qla2xxx: Fix use after free on unload {CVE-2024-56623}
- net: Fix icmp host relookup triggering ip_rt_bug {CVE-2024-56647}
- spi: spi-imx: Add check for spi_imx_setupxfer() {CVE-2025-37801}
- netdevsim: fix a race issue related to the operation on bpf_bound_progs list {CVE-2026-23126}
- net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop {CVE-2026-23300}
- ethtool: check device is present when getting link settings {CVE-2024-46679}
- nfsd: return -EINVAL when namelen is 0 {CVE-2024-47692}
- x86/ioapic: Handle allocation failures gracefully {CVE-2024-49927}
- jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error {CVE-2024-49959}
- secretmem: disable memfd_secret() if arch cannot set direct map {CVE-2024-50182}
- wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures {CVE-2024-53190}
- iommu/arm-smmu: Defer probe of clients after smmu device bound {CVE-2024-56568}
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers {CVE-2025-21885}
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs {CVE-2025-37805}
- page_pool: avoid infinite loop to schedule delayed worker {CVE-2025-37859}
- netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() {CVE-2025-38441}
- tracing: Add down_write(trace_event_sem) when adding trace event {CVE-2025-38539}
- mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() {CVE-2025-38681}
- ipv6: add NULL checks for idev in SRv6 paths {CVE-2026-23442}
- sunrpc: fix cache_request leak in cache_release {CVE-2026-31400}
- netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP {CVE-2026-31424}
- netfilter: xt_multiport: validate range encoding in checkentry {CVE-2026-31681}
- net: sched: act_csum: validate nested VLAN headers {CVE-2026-31684}
- vxlan: validate ND option lengths in vxlan_na_create {CVE-2026-31738}
- gfs2: fiemap page fault fix {CVE-2026-43262}
- e1000/e1000e: Fix leak in DMA error cleanup {CVE-2026-43445}
- ALSA: usb-audio: Add sanity check for OOB writes at silencing {CVE-2026-43279}
Updated packages:
-
bpftool-7.0.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:716f93cc611493f68bcc951bf74e286016a5818196e7cd27e5ad5a21131731f9
-
kernel-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:c5d1e18905fdfef844a9597f98196657532b96f9f7980e27dfb6e7069580eb8e
-
kernel-abi-stablelists-5.14.0-284.1101.el9_2.tuxcare.11.els7.noarch.rpm
sha:81c36c8ce723a00dfca6656b6f86bb4656b9262bb93ebd2c78120cad7e491668
-
kernel-core-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:e7836e812d602b00b403297704d80b13de931da44adb186847c53ecb75f5ef34
-
kernel-cross-headers-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:1b889e11e2dde1636ce5c0872be9b5d669f39ba547a6d42dbe50d4fec978adbd
-
kernel-debug-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:d13abd016c9d8bbec8380627523a034b0f7b8376b32b87f41b483fa9ca7fe818
-
kernel-debug-core-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:3188ab159fd6b7c4162fcfcccdba72db10daabef59ddd4e554a8cbe1f17a58f9
-
kernel-debug-devel-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:c934a4f2a0d0782d0cd953f73990c53580d274c4b8ec2a623c695875dfef9759
-
kernel-debug-devel-matched-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:ca2b761c3b40c87b83ac56db3de6e8fda86772e3cadf62c1445cd98f946e8a18
-
kernel-debug-modules-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:3a79c38d0facad77c7859f3a844a9416e9591aeac2882a82e229ca7d91810a98
-
kernel-debug-modules-core-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:f78ad56fc88f16360c88a4bb750383247cd25a4c2482b2da7093f6be3e692198
-
kernel-debug-modules-extra-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:2a9fb554a53e52f07ca398117574dedbcb7ffb0ab2156ce6cb8f5eb76265a535
-
kernel-debug-modules-internal-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:625ce42eb146578c48e42a7058ecc9c5671a97115701d1cd54eb9cd75b42c6d9
-
kernel-debug-modules-partner-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:5875d27c6f1876e3364efcdd17f6fc370e676993480304d4992af12a32d38abf
-
kernel-debug-uki-virt-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:2564e911c0cec5b86388d776a073d3012a2a672f19dda32bc25082669c85bc8f
-
kernel-devel-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:fd0814b010bbf9430d4d0d139836d17acb573137bdf39f91746f176b894747e2
-
kernel-devel-matched-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:40e9a471352d2b32a14fdeb458a5a9c57e359402242682196ab53ba23441e2e0
-
kernel-doc-5.14.0-284.1101.el9_2.tuxcare.11.els7.noarch.rpm
sha:11ab01aed4b8005491a320490805eef32d232765aef6ee0b676b5de868b28a7c
-
kernel-headers-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:e9fcb8289424292c8487343008625567dfd466dad478b5828a3b8ada8da095fe
-
kernel-ipaclones-internal-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:4e290bad8e69ff7eefa231a298b4f609544d618b4259130fa8bcd666dc8ef5da
-
kernel-modules-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:c6afd106c83fcdad3678e7cd986c87df495fc097d337b6bd1315eb05f6782a43
-
kernel-modules-core-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:b0a16cff20981e838d26f4e4b8db42a1f04f23d5219411b807901526315bdce0
-
kernel-modules-extra-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:edef3dbf85fa4e2f3fc040acaf49390a87c7ce52c563d583ab341e1c85073e14
-
kernel-modules-internal-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:8b98eef78529e70632b6c4b0d8972a2f606b40adc95c003dc69b4998b0b117bf
-
kernel-modules-partner-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:0b7f5393bb56248b2ce7e5a73d42b0d9e86153d8af9c90251258a6831858132a
-
kernel-selftests-internal-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:cccc11b71a5d33e4cc18d9e5c583ab2a07cf4021d263264ec5b9f84640a4dda0
-
kernel-tools-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:523bf5c05f5dc37b0eaa4e0a820706251515c0005e37563a89bfbec9a8f8c3fc
-
kernel-tools-libs-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:cf7ec60f4061b1f8c72099c5695f50383c4c7296d12ac33a1289da4e927e9ba9
-
kernel-tools-libs-devel-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:26b26a0eb2b7bd6c3cdaad151a8afcf6e559129dad1b9f95f62e62d095b7d870
-
kernel-uki-virt-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:fb90a601c056f6d11750b339f5ad8f0a4714fcbdccc98e87c4c7c90ba28854f0
-
libbpf-1.0.0-2.el9_2.tuxcare.11.els7.i686.rpm
sha:3158b6b415e4c9af3f442178e18c7f2698df9b3db41117ac3f6a9eacca8b3363
-
libbpf-1.0.0-2.el9_2.tuxcare.11.els7.x86_64.rpm
sha:2d183386ef0aadb6352c1d7aa6cbb0d9aef837768a7c5756494a0c2c7e8b31f5
-
libbpf-devel-1.0.0-2.el9_2.tuxcare.11.els7.i686.rpm
sha:4edfb484c37b474f1b17d5011ceb9c48037234b2bd2cc765d30cb275188d74eb
-
libbpf-devel-1.0.0-2.el9_2.tuxcare.11.els7.x86_64.rpm
sha:0d68011b7b2234a6340123bc4c74d9427f73e8bb2164dad5676757221f18557d
-
libbpf-static-1.0.0-2.el9_2.tuxcare.11.els7.i686.rpm
sha:9d65b3e7b2867ff7b9ec8aef948488638ad8e9faa8e84fd6feee459dbe39aa21
-
libbpf-static-1.0.0-2.el9_2.tuxcare.11.els7.x86_64.rpm
sha:03df7436e51af466ec670dc749cf473ad7c8dcc660703f73114751b57cb1aa0c
-
perf-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:d32954857bb92859dc81a6079afe839f576145a55838f05ba95c4ec234ffe367
-
python3-perf-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:94866c04bdb2a45bf342c25389c75fdca977d35ed9004141950d4aaaa139d5de
-
rtla-5.14.0-284.1101.el9_2.tuxcare.11.els7.x86_64.rpm
sha:5d19cd393e5f7b32cf1f29649b7e50105705e8242822543408ae5e0e4edc17e4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.