Release date:
2026-07-07 11:29:05 UTC
Description:
- libceph: prevent potential out-of-bounds reads in handle_auth_done() {CVE-2026-22984}
- drm/i915: Fix NULL ptr deref by checking new_crtc_state {CVE-2023-53833}
- netfilter: nf_tables: release flowtable after rcu grace period on error {CVE-2026-23392}
- wifi: brcmfmac: validate bsscfg indices in IF events {CVE-2026-43110}
- xfrm: hold dev ref until after transport_finish NF_HOOK {CVE-2026-31663}
- mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() {CVE-2026-31586}
- scsi: sg: Do not sleep in atomic context {CVE-2025-40259}
- Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} {CVE-2023-53827}
- drm/i915/gem: add missing boundary check in vm_access {CVE-2023-28410}
- ASoC: SOF: debug: Fix potential buffer overflow by snprintf() {CVE-2022-50051}
- tipc: fix use-after-free Read in tipc_named_reinit {CVE-2022-49696}
- wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration {CVE-2022-49022}
- ethtool: do not perform operations on net devices being unregistered {CVE-2021-47517}
- cxgb4: avoid accessing registers when clearing filters {CVE-2021-47138}
- bpf: Fix ringbuf helper function compatibility {CVE-2021-34866}
- HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq {CVE-2026-43051}
- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold {CVE-2026-31408}
- net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check {CVE-2026-23448}
- nbd: defer config unlock in nbd_genl_connect {CVE-2025-68366}
- asix: fix uninit-value in asix_mdio_read() {CVE-2021-47101}
- kyber: fix out of bounds access when preempted {CVE-2021-46984}
- can: bcm: add locking for bcm_op runtime updates {CVE-2025-38004}
- tls: separate no-async decryption request handling from async {CVE-2024-58240}
- ftrace: Also allocate and copy hash for reading of filter files {CVE-2025-39689}
- Make filldir[64]() verify the directory entry filename is valid {CVE-2019-10220}
- scsi: qla2xxx: Fix bsg_done() causing double free {CVE-2025-71238}
- team: fix check for port enabled in team_queue_override_port_prio_changed() {CVE-2025-71091}
- bonding: limit BOND_MODE_8023AD to Ethernet devices {CVE-2026-23099}
- Bluetooth: btusb: revert use of devm_kzalloc in btusb {CVE-2025-71082}
- proc/vmcore: fix clearing user buffer by properly using clear_user() {CVE-2021-47566}
- nfsd: fix use-after-free due to delegation race {CVE-2021-47506}
- drm: bridge/panel: Cleanup connector on bridge detach {CVE-2021-47063}
- usb: class: cdc-wdm: fix reordering issue in read code path {CVE-2026-43427}
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache {CVE-2026-31402}
- ext4: convert inline data to extents when truncate exceeds inline size {CVE-2026-31452}
- wifi: mac80211: check tdls flag in ieee80211_tdls_oper {CVE-2026-43052}
- netfilter: nfnetlink_osf: avoid OOB read {CVE-2023-39189}
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id {CVE-2025-68724}
- ALSA: 6fire: fix use-after-free on disconnect {CVE-2026-31581}
- Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock {CVE-2026-31500}
- drm/amdgpu: Fix use-after-free race in VM acquire {CVE-2026-43370}
- net: use dst_dev_rcu() in sk_setup_caps() {CVE-2025-40170}
- wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258}
- x86/fpu: Invalidate FPU state after a failed XRSTOR from a user buffer {CVE-2021-47226}
- kvm: LAPIC: Restore guard to prevent illegal APIC register access {CVE-2021-47255}
- tunnels: fix kasan splat when generating ipv4 pmtu error {CVE-2023-53600}
- macvlan: fix error recovery in macvlan_common_newlink() {CVE-2026-23209}
- ALSA: aloop: Fix racy access at PCM trigger {CVE-2026-23191}
- RDMA/cxgb4: Do not dma memory off of the stack {CVE-2019-17075}
- netfilter: nf_conntrack_helper: pass helper to expect cleanup {CVE-2026-43027}
- KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221) {CVE-2019-7221}
- RDMA/umad: Reject negative data_len in ib_umad_write {CVE-2026-23243}
- netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() {CVE-2026-23455}
- can: raw: fix ro->uniq use-after-free in raw_rcv() {CVE-2026-31532}
- can: af_can: export can_sock_destruct()
- kvm: avoid speculation-based attacks from out-of-range memslot accesses {CVE-2021-47277}
- Bluetooth: MGMT: validate LTK enc_size on load {CVE-2026-43020}
- media: dvb-net: fix OOB access in ULE extension header tables {CVE-2026-31405}
- netfilter: xt_tcpmss: check remaining length before reading optlen {CVE-2026-43190}
- netfilter: ip6t_eui64: reject invalid MAC header for all packets {CVE-2026-31685}
Updated packages:
-
bpftool-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:f6d3eed5efa672fb55ef29141f9ca1475158fd54f6c3297ada1439558c0b04f7
-
kernel-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:fe5be442b37b9bc96ca0bf80cd44bfea85236b08290b33a1ebb28f845afe9ad6
-
kernel-core-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:26eb680d3caa1664ac05d11dc99bad9b3527a21d8bfcf783e7e9bddad9820147
-
kernel-cross-headers-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:22b06cb93d6cdc0c2148d7b18a67d382f4d2cbfc428204ae089457309a06a6f2
-
kernel-debug-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:c5348b61d6e235ec97a81433cc0f53547991485bd34fa487d5f78d9638ca363d
-
kernel-debug-core-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:2ba9b0a7436376d10875c62cd290a39cb9d89fc9788e6fb5db9f55ea627a1400
-
kernel-debug-devel-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:237f7bd3ba299f104a5cedc5767466d088f1ec8d0b7c50e84e94342343cbe158
-
kernel-debug-modules-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:2660d201de6d1ef34b5317590f67eb01fef9fb105d6e93398469fb0cc8647ffd
-
kernel-debug-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:82ed14dd69567fc3c37b47e16be00a8aa978f9c950ab37e3951f979a02980043
-
kernel-debug-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:7ca638db8869ea3c3606a69839b0a619c44133c392d8767d2d720e714e2dbbe4
-
kernel-devel-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:c9df81b4ff74118e212369142159c35df59f8e2be87efcdac11d1f2170575e88
-
kernel-headers-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:063fb6a5f9180734ef113bc16e16d1c57ab09db8244268cf36ada482cd83bd43
-
kernel-ipaclones-internal-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:9d74b0288a3bb62c12eee911eef6d45510c4ca7be01791d8b9fc2c166cbd9d89
-
kernel-modules-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:9813790aa4ee334da249910fd7c0fe0ea4baca61eb6b9d55dfcc08b10091fd2d
-
kernel-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:d846499c1789769874948ab0f0f18201868206f1dc081ef3807b8e33bfb04813
-
kernel-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:4539151495279a63b69d36c3ebadb859f88675ee960360ce6f67f6d6b1f8107e
-
kernel-selftests-internal-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:b73e11c7d80241b2db761f4005ec616b260810478fad9008208ec3bd619dda09
-
kernel-tools-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:c4a77e30854638d966051c98de145f161e8aaae12bc46675aed70b5cdcac5d96
-
kernel-tools-libs-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:fa01b64a1a6959ab0c05593457b21dd3d1c8fcb22f3faa3ef270b5135ea609ee
-
kernel-tools-libs-devel-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:3417e4739aefdc5bb4bba1bd31b9a00b86c567381bbffd82ab3db6e92842acf9
-
perf-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:233a2f6f8db60eed78d2d0e48e21e72e48d57b9a089a2324da328676152f7ee3
-
python3-perf-4.18.0-305.25.1.el8_4.tuxcare.els42.x86_64.rpm
sha:1526a4eeb8af42712b786953beea9cc3d5d5076623c5b9ab5732cb9cbbdd2e1e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.