[CLSA-2026:1782145985] kernel: Fix of 62 CVEs
Type:
security
Severity:
Important
Release date:
2026-07-07 11:29:05 UTC
Description:
- libceph: prevent potential out-of-bounds reads in handle_auth_done() {CVE-2026-22984} - drm/i915: Fix NULL ptr deref by checking new_crtc_state {CVE-2023-53833} - netfilter: nf_tables: release flowtable after rcu grace period on error {CVE-2026-23392} - wifi: brcmfmac: validate bsscfg indices in IF events {CVE-2026-43110} - xfrm: hold dev ref until after transport_finish NF_HOOK {CVE-2026-31663} - mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() {CVE-2026-31586} - scsi: sg: Do not sleep in atomic context {CVE-2025-40259} - Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} {CVE-2023-53827} - drm/i915/gem: add missing boundary check in vm_access {CVE-2023-28410} - ASoC: SOF: debug: Fix potential buffer overflow by snprintf() {CVE-2022-50051} - tipc: fix use-after-free Read in tipc_named_reinit {CVE-2022-49696} - wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration {CVE-2022-49022} - ethtool: do not perform operations on net devices being unregistered {CVE-2021-47517} - cxgb4: avoid accessing registers when clearing filters {CVE-2021-47138} - bpf: Fix ringbuf helper function compatibility {CVE-2021-34866} - HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq {CVE-2026-43051} - Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold {CVE-2026-31408} - net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check {CVE-2026-23448} - nbd: defer config unlock in nbd_genl_connect {CVE-2025-68366} - asix: fix uninit-value in asix_mdio_read() {CVE-2021-47101} - kyber: fix out of bounds access when preempted {CVE-2021-46984} - can: bcm: add locking for bcm_op runtime updates {CVE-2025-38004} - tls: separate no-async decryption request handling from async {CVE-2024-58240} - ftrace: Also allocate and copy hash for reading of filter files {CVE-2025-39689} - Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220} - scsi: qla2xxx: Fix bsg_done() causing double free {CVE-2025-71238} - team: fix check for port enabled in team_queue_override_port_prio_changed() {CVE-2025-71091} - bonding: limit BOND_MODE_8023AD to Ethernet devices {CVE-2026-23099} - Bluetooth: btusb: revert use of devm_kzalloc in btusb {CVE-2025-71082} - proc/vmcore: fix clearing user buffer by properly using clear_user() {CVE-2021-47566} - nfsd: fix use-after-free due to delegation race {CVE-2021-47506} - drm: bridge/panel: Cleanup connector on bridge detach {CVE-2021-47063} - usb: class: cdc-wdm: fix reordering issue in read code path {CVE-2026-43427} - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache {CVE-2026-31402} - ext4: convert inline data to extents when truncate exceeds inline size {CVE-2026-31452} - wifi: mac80211: check tdls flag in ieee80211_tdls_oper {CVE-2026-43052} - netfilter: nfnetlink_osf: avoid OOB read {CVE-2023-39189} - crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id {CVE-2025-68724} - ALSA: 6fire: fix use-after-free on disconnect {CVE-2026-31581} - Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock {CVE-2026-31500} - drm/amdgpu: Fix use-after-free race in VM acquire {CVE-2026-43370} - net: use dst_dev_rcu() in sk_setup_caps() {CVE-2025-40170} - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258} - x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer {CVE-2021-47226} - kvm: LAPIC: Restore guard to prevent illegal APIC register access {CVE-2021-47255} - tunnels: fix kasan splat when generating ipv4 pmtu error {CVE-2023-53600} - macvlan: fix error recovery in macvlan_common_newlink() {CVE-2026-23209} - ALSA: aloop: Fix racy access at PCM trigger {CVE-2026-23191} - RDMA/cxgb4: Do not dma memory off of the stack {CVE-2019-17075} - netfilter: nf_conntrack_helper: pass helper to expect cleanup {CVE-2026-43027} - KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221) {CVE-2019-7221} - RDMA/umad: Reject negative data_len in ib_umad_write {CVE-2026-23243} - netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() {CVE-2026-23455} - can: raw: fix ro->uniq use-after-free in raw_rcv() {CVE-2026-31532} - can: af_can: export can_sock_destruct() - kvm: avoid speculation-based attacks from out-of-range memslot accesses {CVE-2021-47277} - Bluetooth: MGMT: validate LTK enc_size on load {CVE-2026-43020} - media: dvb-net: fix OOB access in ULE extension header tables {CVE-2026-31405} - netfilter: xt_tcpmss: check remaining length before reading optlen {CVE-2026-43190} - netfilter: ip6t_eui64: reject invalid MAC header for all packets {CVE-2026-31685}
Updated packages:
  • bpftool-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:f6d3eed5efa672fb55ef29141f9ca1475158fd54f6c3297ada1439558c0b04f7
  • kernel-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:fe5be442b37b9bc96ca0bf80cd44bfea85236b08290b33a1ebb28f845afe9ad6
  • kernel-core-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:26eb680d3caa1664ac05d11dc99bad9b3527a21d8bfcf783e7e9bddad9820147
  • kernel-cross-headers-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:22b06cb93d6cdc0c2148d7b18a67d382f4d2cbfc428204ae089457309a06a6f2
  • kernel-debug-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:c5348b61d6e235ec97a81433cc0f53547991485bd34fa487d5f78d9638ca363d
  • kernel-debug-core-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:2ba9b0a7436376d10875c62cd290a39cb9d89fc9788e6fb5db9f55ea627a1400
  • kernel-debug-devel-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:237f7bd3ba299f104a5cedc5767466d088f1ec8d0b7c50e84e94342343cbe158
  • kernel-debug-modules-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:2660d201de6d1ef34b5317590f67eb01fef9fb105d6e93398469fb0cc8647ffd
  • kernel-debug-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:82ed14dd69567fc3c37b47e16be00a8aa978f9c950ab37e3951f979a02980043
  • kernel-debug-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:7ca638db8869ea3c3606a69839b0a619c44133c392d8767d2d720e714e2dbbe4
  • kernel-devel-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:c9df81b4ff74118e212369142159c35df59f8e2be87efcdac11d1f2170575e88
  • kernel-headers-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:063fb6a5f9180734ef113bc16e16d1c57ab09db8244268cf36ada482cd83bd43
  • kernel-ipaclones-internal-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:9d74b0288a3bb62c12eee911eef6d45510c4ca7be01791d8b9fc2c166cbd9d89
  • kernel-modules-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:9813790aa4ee334da249910fd7c0fe0ea4baca61eb6b9d55dfcc08b10091fd2d
  • kernel-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:d846499c1789769874948ab0f0f18201868206f1dc081ef3807b8e33bfb04813
  • kernel-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:4539151495279a63b69d36c3ebadb859f88675ee960360ce6f67f6d6b1f8107e
  • kernel-selftests-internal-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:b73e11c7d80241b2db761f4005ec616b260810478fad9008208ec3bd619dda09
  • kernel-tools-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:c4a77e30854638d966051c98de145f161e8aaae12bc46675aed70b5cdcac5d96
  • kernel-tools-libs-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:fa01b64a1a6959ab0c05593457b21dd3d1c8fcb22f3faa3ef270b5135ea609ee
  • kernel-tools-libs-devel-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:3417e4739aefdc5bb4bba1bd31b9a00b86c567381bbffd82ab3db6e92842acf9
  • perf-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:233a2f6f8db60eed78d2d0e48e21e72e48d57b9a089a2324da328676152f7ee3
  • python3-perf-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
    sha:1526a4eeb8af42712b786953beea9cc3d5d5076623c5b9ab5732cb9cbbdd2e1e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.