CLSA-2026-1770032032

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1770032032
Upstream
Published
2026-02-02T11:33:56Z
Modified
2026-05-27T11:33:39.497077388Z
Summary
kernel: Fix of 63 CVEs
Details
  • mm/memory-failure: fix VMBUGON_PAGE(PagePoisoned(page)) when unpoison memory {CVE-2025-39883}
  • comedi: aioiiro16: Fix bit shift out of bounds {CVE-2025-38529}
  • comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482}
  • comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530}
  • comedi: das16m1: Fix bit shift out of bounds {CVE-2025-38483}
  • tcp: Don't call reqskfastopenremove() in tcpconnrequest(). {CVE-2025-40186}
  • wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work {CVE-2025-39863}
  • smb: client: Fix use-after-free in cifsfilldirent {CVE-2025-38051}
  • libceph: fix potential use-after-free in havemonandosdmap() {CVE-2025-68285}
  • sctp: avoid NULL dereference when chunk data buffer is missing {CVE-2025-40240}
  • smb: client: let recvdone verify dataoffset, datalength and remainingdata_length {CVE-2025-39933}
  • vsock: Ignore signal/timeout on connect() if already established {CVE-2025-40248}
  • ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping {CVE-2025-40154}
  • Bluetooth: hci_event: call disconnect callback before deleting conn {CVE-2023-53673}
  • net: fix information leakage in /proc/net/ptype {CVE-2022-48757}
  • net/mlx5e: fix a potential double-free in fsanycreate_groups {CVE-2023-52667}
  • mlxsw: spectrumacltcam: Fix possible use-after-free during activity update {CVE-2024-35855}
  • Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982}
  • crypto: qat - resolve race condition during AER recovery {CVE-2024-26974}
  • perf/core: Bail out early if the request AUX area is out of bound {CVE-2023-52835}
  • ext4: fix double-free of blocks due to wrong extents moved_len {CVE-2024-26704}
  • stm class: Fix a double free in stmregisterdevice() {CVE-2024-38627}
  • pinctrl: core: delete incorrect free in pinctrl_enable() {CVE-2024-36940}
  • ipvlan: add ipvlanroutev6_outbound() helper {CVE-2023-52796}
  • wifi: ath11k: fix gtk offload status event locking {CVE-2023-52777}
  • ice: fix memory corruption bug with suspend and rebuild {CVE-2024-35911}
  • drm/amdgpu: Fix potential out-of-bounds access in 'amdgpudiscoveryregbaseinit()' {CVE-2024-27042}
  • drm/i915/vma: Fix UAF on destroy against retire race {CVE-2024-26939}
  • netfilter: nftables: prefer nftchain_validate {CVE-2024-41042}
  • Bluetooth: Fix potential use-after-free when clear keys {CVE-2023-53386}
  • drm/amd/display: Check numvalidsets before accessing readerwmsets[] {CVE-2024-46815}
  • drm/amd/display: Check pipe offset before setting vblank {CVE-2024-42120}
  • nbd: fix incomplete validation of ioctl arg {CVE-2023-53513}
  • RDMA/rxe: Fix incomplete state save in rxe_requester {CVE-2023-53539}
  • netfilter: nftables: exthdr: fix 4-byte stack OOB write
  • net: ppp: Add bound checking for skb data on pppsynctxmung {CVE-2025-37749}
  • netsched: hfsc: Fix a potential UAF in hfscdequeue() too {CVE-2025-37823}
  • iommu/amd: Fix potential buffer overflow in parseivrsacpihid {CVE-2025-37927}
  • drm/vmwgfx: Validate command header size against SVGACMDMAX_DATASIZE {CVE-2025-40277}
  • nfsd: handle getclientlocked() failure in nfsd4setclientidconfirm() {CVE-2025-38724}
  • RDMA/rxe: Fix mr->map double free {CVE-2022-50543}
  • ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212}
  • vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403}
  • RDMA/rxe: Fix slab-use-after-free Read in rxequeuecleanup bug {CVE-2025-38024}
  • drm/sched: Fix potential double free in drmschedjobaddresv_dependencies {CVE-2025-40096}
  • HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() {CVE-2025-38103}
  • drm/i915: mark requests for GuC virtual engines to avoid use-after-free {CVE-2023-53552}
  • net: atlantic: fix fragment overflow handling in RX path {CVE-2025-68301}
  • net: atm: add lec_mutex {CVE-2025-38323}
  • net: openvswitch: fix nested key length validation in the set() action {CVE-2025-37789}
  • scsi: lpfc: Fix buffer free/clear order in deferred receive path {CVE-2025-39841}
  • jbd2: remove wrong sb->s_sequence check {CVE-2025-37839}
  • tracing: Fix oob write in traceseqto_buffer() {CVE-2025-37923}
  • Squashfs: check return result of sbminblocksize {CVE-2025-38415}
  • ftrace: Fix UAF when lookup kallsym after ftrace disabled {CVE-2025-38346}
  • tcp: Clear tcpsk(sk)->fastopenrsk in tcp_disconnect(). {CVE-2025-39955}
  • wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157}
  • atm: Release atmdevmutex after removing procfs in atmdevderegister(). {CVE-2025-38245}
  • ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3() {CVE-2025-38249}
  • md/raid1: Fix stack memory use after return in raid1_reshape {CVE-2025-38445}
  • atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459}
  • bpf: Avoid _bpfprogret0warn when jit fails {CVE-2025-38280}
  • vsock: Do not allow binding to VMADDRPORTANY {CVE-2025-38618}
  • fbcon: Make sure modelist not set on unregistered console {CVE-2025-38198}
References

Affected packages

TuxCare:CentOS-Stream:8
bpftool

Package

Name
bpftool
Purl
pkg:rpm/tuxcare/bpftool?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel

Package

Name
kernel
Purl
pkg:rpm/tuxcare/kernel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-core

Package

Name
kernel-core
Purl
pkg:rpm/tuxcare/kernel-core?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-cross-headers

Package

Name
kernel-cross-headers
Purl
pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-debug

Package

Name
kernel-debug
Purl
pkg:rpm/tuxcare/kernel-debug?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-debug-core

Package

Name
kernel-debug-core
Purl
pkg:rpm/tuxcare/kernel-debug-core?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-debug-devel

Package

Name
kernel-debug-devel
Purl
pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-debug-modules

Package

Name
kernel-debug-modules
Purl
pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-debug-modules-extra

Package

Name
kernel-debug-modules-extra
Purl
pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-debug-modules-internal

Package

Name
kernel-debug-modules-internal
Purl
pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-devel

Package

Name
kernel-devel
Purl
pkg:rpm/tuxcare/kernel-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-headers

Package

Name
kernel-headers
Purl
pkg:rpm/tuxcare/kernel-headers?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-ipaclones-internal

Package

Name
kernel-ipaclones-internal
Purl
pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-modules

Package

Name
kernel-modules
Purl
pkg:rpm/tuxcare/kernel-modules?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-modules-extra

Package

Name
kernel-modules-extra
Purl
pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-modules-internal

Package

Name
kernel-modules-internal
Purl
pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-selftests-internal

Package

Name
kernel-selftests-internal
Purl
pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-tools

Package

Name
kernel-tools
Purl
pkg:rpm/tuxcare/kernel-tools?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-tools-libs

Package

Name
kernel-tools-libs
Purl
pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
kernel-tools-libs-devel

Package

Name
kernel-tools-libs-devel
Purl
pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
perf

Package

Name
perf
Purl
pkg:rpm/tuxcare/perf?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"
python3-perf

Package

Name
python3-perf
Purl
pkg:rpm/tuxcare/python3-perf?distro=centos-stream-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.18.0-553.6.1.el8_10.tuxcare.els15

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"