{"id":"CLSA-2026-1768775579","summary":"kernel: Fix of 49 CVEs","details":"- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() {CVE-2023-53803}\n- md/raid1: Fix stack memory use after return in raid1_reshape {CVE-2025-38445}\n- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() {CVE-2025-38249}\n- atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459}\n- dm cache: free background tracker's queued work in {CVE-2023-53765}\n- drm/vmwgfx: Validate the box size for the snooped cursor {CVE-2022-36280,CVE-2022-50440}\n- vsock: Do not allow binding to VMADDR_PORT_ANY {CVE-2025-38618}\n- ice: set tx_tstamps when creating new Tx rings via ethtool {CVE-2022-50710}\n- sctp: avoid NULL dereference when chunk data buffer is {CVE-2025-40240}\n- ip6_vti: fix slab-use-after-free in decode_session6 {CVE-2023-53821}\n- wifi: mac80211_hwsim: drop short frames {CVE-2023-53321}\n- ext4: add bounds checking in get_max_inline_xattr_value_size() {CVE-2023-53285}\n- md/raid10: fix null-ptr-deref in raid10_sync_request {CVE-2023-53832}\n- dm flakey: fix a crash with invalid table line {CVE-2023-53786}\n- wifi: mt7601u: fix an integer underflow {CVE-2023-53679}\n- ext4: fix bug_on in __es_tree_search caused by bad boot loader inode {CVE-2022-50638}\n- ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode\n- ext4: add helper to check quota inums\n- ext4: fix bug_on in __es_tree_search caused by bad quota inode\n- quota: Factor out setup of quota inode\n- USB: usbtmc: Fix direction for 0-length ioctl control messages {CVE-2023-53761}\n- ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer {CVE-2023-53395}\n- drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] {CVE-2024-46815}\n- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-1989}\n- nvmet: avoid potential UAF in nvmet_req_complete() {CVE-2023-53116}\n- wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258}\n- dm raid: fix address sanitizer warning in raid_status {CVE-2022-50084}\n- vt: Clear selection before changing the font {CVE-2022-49948}\n- ipvs: fix WARNING in ip_vs_app_net_cleanup() {CVE-2022-49917}\n- capabilities: fix undefined behavior in bit shift for CAP_TO_MASK {CVE-2022-49870}\n- ata: libata-transport: fix double ata_host_put() in ata_tport_add() {CVE-2022-49826}\n- ath9k_htc: fix potential out of bounds access with invalid rxstatus-\u003ers_keyix {CVE-2022-49503}\n- selinux: Add boundary check in put_entry() {CVE-2022-50200}\n- rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails {CVE-2023-53307}\n- RDMA/mlx5: Return the firmware result upon destroying QP/RQ {CVE-2023-53286}\n- sched/fair: Don't balance task to its current running CPU {CVE-2023-53215}\n- powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue {CVE-2022-50366}\n- ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address {CVE-2022-50320}\n- wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() {CVE-2022-50881}\n- slcan: Don't transmit uninitialized stack data in padding {CVE-2020-11494}\n- media: dvb-frontends: avoid stack overflow warnings with clang {CVE-2024-27075}\n- PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free {CVE-2023-53446}\n- cifs: Fix warning and UAF when destroy the MR list {CVE-2023-53427}\n- sctp: fix a potential overflow in sctp_ifwdtsn_skip {CVE-2023-53372}\n- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter {CVE-2023-53357}\n- lwt: Fix return values of BPF xmit ops {CVE-2023-53338}\n- ubi: ensure that VID header offset + VID header size \u003c= alloc, size {CVE-2023-53265}\n- ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() {CVE-2022-50423}\n- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419}\n- ACPICA: Fix error code path in acpi_ds_call_control_method() {CVE-2022-50411}\n- ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS {CVE-2022-50315}\n- wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace {CVE-2023-54286}","modified":"2026-05-27T11:33:22.367821426Z","published":"2026-01-19T15:09:29Z","upstream":["CVE-2020-11494","CVE-2022-36280","CVE-2022-49503","CVE-2022-49826","CVE-2022-49870","CVE-2022-49917","CVE-2022-49948","CVE-2022-50084","CVE-2022-50200","CVE-2022-50258","CVE-2022-50315","CVE-2022-50320","CVE-2022-50366","CVE-2022-50411","CVE-2022-50419","CVE-2022-50423","CVE-2022-50440","CVE-2022-50638","CVE-2022-50710","CVE-2022-50881","CVE-2023-1989","CVE-2023-53116","CVE-2023-53215","CVE-2023-53265","CVE-2023-53285","CVE-2023-53286","CVE-2023-53307","CVE-2023-53321","CVE-2023-53338","CVE-2023-53357","CVE-2023-53372","CVE-2023-53395","CVE-2023-53427","CVE-2023-53446","CVE-2023-53679","CVE-2023-53761","CVE-2023-53765","CVE-2023-53786","CVE-2023-53803","CVE-2023-53821","CVE-2023-53832","CVE-2023-54286","CVE-2024-27075","CVE-2024-46815","CVE-2025-38249","CVE-2025-38445","CVE-2025-38459","CVE-2025-38618","CVE-2025-40240"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/centos8.5els/CLSA-2026-1768775579.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/bpftool?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-core","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-core?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-cross-headers","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-debug-core","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-core?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-debug-modules","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-debug-modules-extra","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-debug-modules-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-headers?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-ipaclones-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-modules","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-modules-extra","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-modules-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-selftests-internal","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-tools","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/perf?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}},{"package":{"name":"python3-perf","ecosystem":"TuxCare:CentOS:8.5","purl":"pkg:rpm/tuxcare/python3-perf?distro=centos-8.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.7.1.el8_5.tuxcare.els33"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2026-1768775579.json"}}],"schema_version":"1.7.5"}