{"id":"CLSA-2026-1770032032","summary":"kernel: Fix of 63 CVEs","details":"- mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory {CVE-2025-39883}\n- comedi: aio_iiro_16: Fix bit shift out of bounds {CVE-2025-38529}\n- comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482}\n- comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530}\n- comedi: das16m1: Fix bit shift out of bounds {CVE-2025-38483}\n- tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). {CVE-2025-40186}\n- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work {CVE-2025-39863}\n- smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051}\n- libceph: fix potential use-after-free in have_mon_and_osd_map() {CVE-2025-68285}\n- sctp: avoid NULL dereference when chunk data buffer is missing {CVE-2025-40240}\n- smb: client: let recv_done verify data_offset, data_length and remaining_data_length {CVE-2025-39933}\n- vsock: Ignore signal/timeout on connect() if already established {CVE-2025-40248}\n- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping {CVE-2025-40154}\n- Bluetooth: hci_event: call disconnect callback before deleting conn {CVE-2023-53673}\n- net: fix information leakage in /proc/net/ptype {CVE-2022-48757}\n- net/mlx5e: fix a potential double-free in fs_any_create_groups {CVE-2023-52667}\n- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update {CVE-2024-35855}\n- Squashfs: check the inode number is not the invalid value of zero {CVE-2024-26982}\n- crypto: qat - resolve race condition during AER recovery {CVE-2024-26974}\n- perf/core: Bail out early if the request AUX area is out of bound {CVE-2023-52835}\n- ext4: fix double-free of blocks due to wrong extents moved_len {CVE-2024-26704}\n- stm class: Fix a double free in stm_register_device() {CVE-2024-38627}\n- pinctrl: core: delete incorrect free in pinctrl_enable() {CVE-2024-36940}\n- ipvlan: add ipvlan_route_v6_outbound() helper {CVE-2023-52796}\n- wifi: ath11k: fix gtk offload status event locking {CVE-2023-52777}\n- ice: fix memory corruption bug with suspend and rebuild {CVE-2024-35911}\n- drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' {CVE-2024-27042}\n- drm/i915/vma: Fix UAF on destroy against retire race {CVE-2024-26939}\n- netfilter: nf_tables: prefer nft_chain_validate {CVE-2024-41042}\n- Bluetooth: Fix potential use-after-free when clear keys {CVE-2023-53386}\n- drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] {CVE-2024-46815}\n- drm/amd/display: Check pipe offset before setting vblank {CVE-2024-42120}\n- nbd: fix incomplete validation of ioctl arg {CVE-2023-53513}\n- RDMA/rxe: Fix incomplete state save in rxe_requester {CVE-2023-53539}\n- netfilter: nftables: exthdr: fix 4-byte stack OOB write\n- net: ppp: Add bound checking for skb data on ppp_sync_txmung {CVE-2025-37749}\n- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too {CVE-2025-37823}\n- iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid {CVE-2025-37927}\n- drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE {CVE-2025-40277}\n- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() {CVE-2025-38724}\n- RDMA/rxe: Fix mr-\u003emap double free {CVE-2022-50543}\n- ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212}\n- vsock/vmci: Clear the vmci transport packet properly when initializing it {CVE-2025-38403}\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug {CVE-2025-38024}\n- drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies {CVE-2025-40096}\n- HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() {CVE-2025-38103}\n- drm/i915: mark requests for GuC virtual engines to avoid use-after-free {CVE-2023-53552}\n- net: atlantic: fix fragment overflow handling in RX path {CVE-2025-68301}\n- net: atm: add lec_mutex {CVE-2025-38323}\n- net: openvswitch: fix nested key length validation in the set() action {CVE-2025-37789}\n- scsi: lpfc: Fix buffer free/clear order in deferred receive path {CVE-2025-39841}\n- jbd2: remove wrong sb-\u003es_sequence check {CVE-2025-37839}\n- tracing: Fix oob write in trace_seq_to_buffer() {CVE-2025-37923}\n- Squashfs: check return result of sb_min_blocksize {CVE-2025-38415}\n- ftrace: Fix UAF when lookup kallsym after ftrace disabled {CVE-2025-38346}\n- tcp: Clear tcp_sk(sk)-\u003efastopen_rsk in tcp_disconnect(). {CVE-2025-39955}\n- wifi: ath9k_htc: Abort software beacon handling if disabled {CVE-2025-38157}\n- atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). {CVE-2025-38245}\n- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() {CVE-2025-38249}\n- md/raid1: Fix stack memory use after return in raid1_reshape {CVE-2025-38445}\n- atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459}\n- bpf: Avoid __bpf_prog_ret0_warn when jit fails {CVE-2025-38280}\n- vsock: Do not allow binding to VMADDR_PORT_ANY {CVE-2025-38618}\n- fbcon: Make sure modelist not set on unregistered console {CVE-2025-38198}","modified":"2026-05-27T11:33:39.497077388Z","published":"2026-02-02T11:33:56Z","upstream":["CVE-2022-48757","CVE-2022-50543","CVE-2023-52667","CVE-2023-52777","CVE-2023-52796","CVE-2023-52835","CVE-2023-53386","CVE-2023-53513","CVE-2023-53539","CVE-2023-53552","CVE-2023-53673","CVE-2024-26704","CVE-2024-26939","CVE-2024-26974","CVE-2024-26982","CVE-2024-27042","CVE-2024-35855","CVE-2024-35911","CVE-2024-36940","CVE-2024-38627","CVE-2024-41042","CVE-2024-42120","CVE-2024-46815","CVE-2025-37749","CVE-2025-37789","CVE-2025-37823","CVE-2025-37839","CVE-2025-37923","CVE-2025-37927","CVE-2025-38024","CVE-2025-38051","CVE-2025-38103","CVE-2025-38157","CVE-2025-38198","CVE-2025-38212","CVE-2025-38245","CVE-2025-38249","CVE-2025-38280","CVE-2025-38323","CVE-2025-38346","CVE-2025-38403","CVE-2025-38415","CVE-2025-38445","CVE-2025-38459","CVE-2025-38482","CVE-2025-38483","CVE-2025-38529","CVE-2025-38530","CVE-2025-38618","CVE-2025-38724","CVE-2025-39841","CVE-2025-39863","CVE-2025-39883","CVE-2025-39933","CVE-2025-39955","CVE-2025-40096","CVE-2025-40154","CVE-2025-40186","CVE-2025-40240","CVE-2025-40248","CVE-2025-40277","CVE-2025-68285","CVE-2025-68301"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/centos-stream8els/CLSA-2026-1770032032.html"}],"affected":[{"package":{"name":"bpftool","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/bpftool?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-core","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-core?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-cross-headers","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-cross-headers?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-debug","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-debug-core","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-core?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-debug-devel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-devel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-debug-modules","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-modules?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-debug-modules-extra","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-modules-extra?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-debug-modules-internal","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-debug-modules-internal?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-devel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-devel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-headers","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-headers?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-ipaclones-internal","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-ipaclones-internal?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-modules","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-modules?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-modules-extra","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-modules-extra?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-modules-internal","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-modules-internal?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-selftests-internal","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-selftests-internal?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-tools","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-tools?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-tools-libs","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-tools-libs?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"kernel-tools-libs-devel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/kernel-tools-libs-devel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"perf","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/perf?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}},{"package":{"name":"python3-perf","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/python3-perf?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-553.6.1.el8_10.tuxcare.els15"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1770032032.json"}}],"schema_version":"1.7.5"}