CLSA-2025-1759431869
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2025-1759431869.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CLSA-2025-1759431869
- Upstream
- Published
- 2025-10-02T19:04:35Z
- Modified
- 2026-05-27T11:36:01.675862100Z
- Summary
- kernel: Fix of 40 CVEs
- Details
-
- ASoC: topology: Clean up route loading {CVE-2024-41069}
- ASoC: topology: Fix references to freed memory {CVE-2024-41069}
- drm/dp_mst: Fix MST sideband message body length check {CVE-2024-56616}
- Bluetooth: L2CAP: Fix not validating setsockopt user input {CVE-2024-35965}
- Bluetooth: L2CAP: uninitialized variables in l2capsocksetsockopt() {CVE-2024-35965}
- usb: cdc-acm: Check control transfer buffer size before access {CVE-2025-21704}
- igb: Fix potential invalid memory access in igbinitmodule() {CVE-2024-52332}
- vfio/pci: Properly hide first-in-list PCIe extended capability {CVE-2024-53214}
- Bluetooth: RFCOMM: Fix not validating setsockopt user input {CVE-2024-35966}
- Bluetooth: SCO: Fix not validating setsockopt user input {CVE-2024-35966}
- media: stk1160: fix bounds checking in stk1160copyvideo() {CVE-2024-38621}
- net/sched: Always pass notifications when child class becomes empty {CVE-2025-38350}
- schhtb: make htbqlen_notify() idempotent {CVE-2025-37932}
- codel: remove sch->q.qlen check before qdisctreereduce_backlog() {CVE-2025-37798}
- schqfq: make qfqqlen_notify() idempotent {CVE-2025-38350}
- schdrr: make drrqlen_notify() idempotent {CVE-2025-38350}
- schhtb: make htbdeactivate() idempotent {CVE-2025-38350}
- schcbq: make cbqqlen_notify() idempotent {CVE-2025-38000}
- inet: fully convert sk->skrxdst to RCU rules {CVE-2021-47103}
- scsi: mpt3sas: Fix use-after-free warning {CVE-2022-48695}
- scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory {CVE-2024-40901}
- vmci: prevent speculation leaks by sanitizing event in event_deliver() {CVE-2024-39499}
- USB: core: Fix hang in usbkillurb by adding memory barriers {CVE-2022-48760}
- nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells {CVE-2021-47497}
- virtio-net: Add validation for used length {CVE-2021-47352}
- watchdog: Fix possible use-after-free by calling deltimersync() {CVE-2021-47321}
- scsi: qedi: Fix crash while reading debugfs attribute {CVE-2024-40978}
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929}
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal {CVE-2024-36921}
- mac802154: fix llsec key resources release in mac802154llseckey_del {CVE-2024-26961}
- platform/x86: wmi: Fix opening of char device {CVE-2023-52864}
- media: gspca: cpia1: shift-out-of-bounds in set_flicker {CVE-2023-52764}
- wifi: mac80211: fix potential key use-after-free {CVE-2023-52530}
- net: fix information leakage in /proc/net/ptype {CVE-2022-48757}
- crypto: qat - resolve race condition during AER recovery {CVE-2024-26974}
- perf/core: Bail out early if the request AUX area is out of bound {CVE-2023-52835}
- net: ti: fix UAF in tlanremoveone {CVE-2021-47310}
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9khtctxstatus() {CVE-2023-52594}
- net: bridge: use DEVSTATSINC() {CVE-2023-52578}
- net: add atomiclongt to netdevicestats fields {CVE-2023-52578}
- media: dvb-core: Fix use-after-free due to race at dvbregisterdevice() {CVE-2022-45884}
- media: dvb-core: Fix use-after-free on race condition at dvb_frontend {CVE-2022-45885}
- xen/gntalloc: don't use gnttabqueryforeign_access() {CVE-2022-23039}
- xen/netfront: don't use gnttabqueryforeign_access() for mapped status {CVE-2022-23037}
- xen/grant-table: add gnttabtryendforeignaccess() {CVE-2022-23038}
- ovl: fail on invalid uid/gid mapping at copy up {CVE-2023-0386}
- ALSA: oss: Fix PCM OSS buffer allocation overflow {CVE-2022-49292}
- gfs2: Fix length of holes reported at end-of-file
- gfs2: Only do glock put in gfs2createinode for free inodes
- gfs2: Fix use-after-free in gfs2_logd after withdraw
- gfs2: fix use-after-free in trans_drain
- gfs2: Clean up revokes on normal withdraws
- GFS2: gfs2freeextlen can return an extent that is too long
- gfs2: Wipe jdata and ail1 in gfs2journalwipe, formerly gfs2metawipe
- GFS2: Refactor gfs2removefrom_journal
- GFS2: Only set PageChecked for jdata pages
- gfs2: keep bios separate for each journal
- gfs2: Remove active journal side effect from gfs2writelog_header
- gfs2: cleanjournal improperly set sdlogflushhead
- partial "GFS2: Introduce new gfs2logheader_v2"
- gfs2: change from write to read lock for sdlogflush_lock in journal replay
- GFS2: Reduce code redundancy writing log headers
- gfs2: Grab glock reference sooner in gfs2addrevoke
- gfs2: fix glock reference problem in gfs2transremove_revoke
- gfs2: Fix occasional glock use-after-free
- gfs2: Make sure we don't miss any delayed withdraws
- gfs2: Fix bad comment for trans_drain
- gfs2: add some much needed cleanup for log flushes that fail
- gfs2: fix trans slab error when withdraw occurs inside log_flush
- gfs2: initialize transaction trailXlists earlier
- GFS2: Remove extra "if" in gfs2logflush()
- gfs2: fix use-after-free on transaction ail lists
- gfs2: Trim the ordered write list in gfs2orderedwrite()
- GFS2: Clean up releasepage
- gfs2: Only set PageChecked if we have a transaction
- gfs2: Fix case in which ail writes are done to jdata holes
- gfs2: simplify gfs2blockmap
- gfs2: Remove unused gfs2iomapalloc argument
- gfs2: Be more careful with the quota sync generation
- gfs2: Get rid of some unnecessary quota locking
- gfs2: Add some missing quota locking
- gfs2: Fold qdfish into gfs2quota_sync
- gfs2: quota need_sync cleanup
- gfs2: Fix and clean up function do_qc
- gfs2: Revert "Add quota_change type"
- gfs2: Revert "ignore negated quota changes"
- gfs2: qdchecksync cleanups
- gfs2: Check quota consistency on mount
- gfs2: Minor gfs2quotainit error path cleanup
- gfs2: fix kernel BUG in gfs2quotacleanup
- gfs2: Clean up quota.c:print_message
- gfs2: Clean up gfs2allocparms initializers
- gfs2: Two quota=account mode fixes
- gfs2: Remove useless assignment
- gfs2: simplify slot_get
- gfs2: Simplify qd2offset
- gfs2: Remove quota allocation info from quota file
- gfs2: use constant for array size
- gfs2: Set qdsyncgen in do_sync
- gfs2: Remove useless err set
- gfs2: Small gfs2quotalock cleanup
- gfs2: move qdsb_put and reduce redundancy
- gfs2: Don't try to sync non-changes
- gfs2: Simplify function need_sync
- gfs2: remove unneeded pg_oflow variable
- gfs2: remove unneeded variable done
- gfs2: pass sdp to gfs2writebuftopage
- gfs2: pass sdp in to gfs2writedisk_quota
- gfs2: Pass sdp to gfs2adjustquota
- gfs2: remove dead code for quota writes
- gfs2: Use qd_sbd more consequently
- gfs2: replace 'found' with dedicated list iterator variable
- gfs2: Some whitespace cleanups
- gfs2: Fix gfs2qaget imbalance in gfs2quotahold
- References