{"id":"CLSA-2024-1705494763","summary":"kernel: Fix of 13 CVEs","details":"- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}\n- ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet {CVE-2023-6932}\n- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}\n- net/sched: sch_hfsc: Ensure inner classes have fsc curve {CVE-2023-4623}\n- net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776}\n- vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF {CVE-2023-3567}\n- relayfs: fix out-of-bounds access in relay_file_read {CVE-2023-3268}\n- btrfs: unset reloc control if transaction commit fails in prepare_to_relocate() {CVE-2023-3111}\n- xirc2ps_cs: Fix use after free bug in xirc2ps_detach {CVE-2023-1670}\n- Bluetooth: L2CAP: Fix u8 overflow {CVE-2022-45934}\n- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM {CVE-2022-42896}\n- tcp: Fix data races around icsk-\u003eicsk_af_ops. {CVE-2022-3566}\n- ipv6: use prandom_u32() for ID generation {CVE-2021-45485}","modified":"2026-05-27T11:34:06.310443716Z","published":"2024-01-17T12:32:48Z","upstream":["CVE-2021-45485","CVE-2022-3566","CVE-2022-42896","CVE-2022-45934","CVE-2023-1670","CVE-2023-3111","CVE-2023-3268","CVE-2023-3567","CVE-2023-3776","CVE-2023-40283","CVE-2023-4623","CVE-2023-6606","CVE-2023-6932"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/els6/CLSA-2024-1705494763.html"}],"affected":[{"package":{"name":"kernel-abi-whitelists","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-abi-whitelists?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els14"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2024-1705494763.json"}},{"package":{"name":"kernel-doc","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-doc?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els14"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2024-1705494763.json"}},{"package":{"name":"kernel-firmware","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/kernel-firmware?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.32-754.35.8.el6.tuxcare.els14"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2024-1705494763.json"}}],"schema_version":"1.7.5"}