{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "net: ch9200: fix uninitialised access during mii_nway_restart {CVE-2025-38086}\n- idpf: fix null-ptr-deref in idpf_features_check {CVE-2025-38053}\n- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead {CVE-2022-49977}\n- sched/fair: Fix potential memory corruption in child_cfs_rq_on_list {CVE-2025-21919}\n- wifi: iwlwifi: limit printed string from FW file {CVE-2025-21905}\n- misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() {CVE-2022-49788}\n- x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes {CVE-2025-21991}\n- ext4: ignore xattrs past end {CVE-2025-37738}\n- ext4: fix off-by-one error in do_split {CVE-2025-23150}\n- net: atm: fix use after free in lec_send() {CVE-2025-22004}\n- cifs: potential buffer overflow in handling symlinks {CVE-2022-49058}\n- media: uvcvideo: Remove dangling pointers {CVE-2024-58002}", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/centos-stream8els/advisories/2025/clsa-2025_1754552669.json" }, { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1754552669", "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1754552669" } ], "tracking": { "current_release_date": "2025-08-07T07:46:44Z", "generator": { "date": "2025-08-07T07:46:44Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2025:1754552669", "initial_release_date": "2025-08-07T07:46:44Z", "revision_history": [ { "date": "2025-08-07T07:46:44Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "kernel: Fix of 12 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Community Enterprise Operating System 8", "product": { "name": "Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8", "product_identification_helper": { "cpe": "cpe:2.3:o:centos:centos:8:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Community Enterprise Operating System" } ], "category": "vendor", "name": "Red Hat, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python3-perf@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-modules@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-devel@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-modules-internal@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs-devel@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-selftests-internal@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/bpftool@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-modules@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-core@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/perf@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-ipaclones-internal@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-core@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-cross-headers@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-devel@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-headers@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-modules-extra@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-modules-extra@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product": { "name": "kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_id": "kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-modules-internal@4.18.0-553.6.1.el8_10.tuxcare.els12?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64 as a component of Community Enterprise Operating System 8", "product_id": "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" }, "product_reference": "kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "relates_to_product_reference": "CentOS-Stream-8" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-49977", "cwe": { "id": "CWE-763", "name": "Release of Invalid Pointer or Reference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead\nftrace_startup does not remove ops from ftrace_ops_list when\nftrace_startup_enable fails:\nregister_ftrace_function\nftrace_startup\n__register_ftrace_function\n...\nadd_ftrace_ops(&ftrace_ops_list, ops)\n...\n...\nftrace_startup_enable // if ftrace failed to modify, ftrace_disabled is set to 1\n...\nreturn 0 // ops is in the ftrace_ops_list.\nWhen ftrace_disabled = 1, unregister_ftrace_function simply returns without doing anything:\nunregister_ftrace_function\nftrace_shutdown\nif (unlikely(ftrace_disabled))\nreturn -ENODEV; // return here, __unregister_ftrace_function is not executed,\n// as a result, ops is still in the ftrace_ops_list\n__unregister_ftrace_function\n...\nIf ops is dynamically allocated, it will be free later, in this case,\nis_ftrace_trampoline accesses NULL pointer:\nis_ftrace_trampoline\nftrace_ops_trampoline\ndo_for_each_ftrace_op(op, ftrace_ops_list) // OOPS! op may be NULL!\nSyzkaller reports as follows:\n[ 1203.506103] BUG: kernel NULL pointer dereference, address: 000000000000010b\n[ 1203.508039] #PF: supervisor read access in kernel mode\n[ 1203.508798] #PF: error_code(0x0000) - not-present page\n[ 1203.509558] PGD 800000011660b067 P4D 800000011660b067 PUD 130fb8067 PMD 0\n[ 1203.510560] Oops: 0000 [#1] SMP KASAN PTI\n[ 1203.511189] CPU: 6 PID: 29532 Comm: syz-executor.2 Tainted: G B W 5.10.0 #8\n[ 1203.512324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[ 1203.513895] RIP: 0010:is_ftrace_trampoline+0x26/0xb0\n[ 1203.514644] Code: ff eb d3 90 41 55 41 54 49 89 fc 55 53 e8 f2 00 fd ff 48 8b 1d 3b 35 5d 03 e8 e6 00 fd ff 48 8d bb 90 00 00 00 e8 2a 81 26 00 <48> 8b ab 90 00 00 00 48 85 ed 74 1d e8 c9 00 fd ff 48 8d bb 98 00\n[ 1203.518838] RSP: 0018:ffffc900012cf960 EFLAGS: 00010246\n[ 1203.520092] RAX: 0000000000000000 RBX: 000000000000007b RCX: ffffffff8a331866\n[ 1203.521469] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000010b\n[ 1203.522583] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8df18b07\n[ 1203.523550] R10: fffffbfff1be3160 R11: 0000000000000001 R12: 0000000000478399\n[ 1203.524596] R13: 0000000000000000 R14: ffff888145088000 R15: 0000000000000008\n[ 1203.525634] FS: 00007f429f5f4700(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000\n[ 1203.526801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1203.527626] CR2: 000000000000010b CR3: 0000000170e1e001 CR4: 00000000003706e0\n[ 1203.528611] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1203.529605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nTherefore, when ftrace_startup_enable fails, we need to rollback registration\nprocess and remove ops from ftrace_ops_list.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49977" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-23150", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\next4: fix off-by-one error in do_split\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n\n__dump_stack lib/dump_stack.c:94 [inline]\ndump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\nprint_address_description mm/kasan/report.c:377 [inline]\nprint_report+0x169/0x550 mm/kasan/report.c:488\nkasan_report+0x143/0x180 mm/kasan/report.c:601\nkasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n__asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\next4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nadd_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\nmake_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\next4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\next4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\next4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\nvfs_symlink+0x137/0x2e0 fs/namei.c:4615\ndo_symlinkat+0x222/0x3a0 fs/namei.c:4641\n__do_sys_symlink fs/namei.c:4662 [inline]\n__se_sys_symlink fs/namei.c:4660 [inline]\n__x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe following loop is located right above 'if' statement.\nfor (i = count-1; i >= 0; i--) {\n/* is more than half of this entry in 2nd half of the block? */\nif (size + map[i].size/2 > blocksize/2)\nbreak;\nsize += map[i].size;\nmove++;\n}\n'i' in this case could go down to -1, in which case sum of active entries\nwouldn't exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-23150" } ], "release_date": "2025-05-01T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-21991", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes\n\nCurrently, load_microcode_amd() iterates over all NUMA nodes, retrieves their\nCPU masks and unconditionally accesses per-CPU data for the first CPU of each\nmask.\n\nAccording to Documentation/admin-guide/mm/numaperf.rst:\n\n \"Some memory may share the same node as a CPU, and others are provided as\n memory only nodes.\"\n\nTherefore, some node CPU masks may be empty and wouldn't have a \"first CPU\".\n\nOn a machine with far memory (and therefore CPU-less NUMA nodes):\n- cpumask_of_node(nid) is 0\n- cpumask_first(0) is CONFIG_NR_CPUS\n- cpu_data(CONFIG_NR_CPUS) accesses the cpu_info per-CPU array at an\n index that is 1 out of bounds\n\nThis does not have any security implications since flashing microcode is\na privileged operation but I believe this has reliability implications by\npotentially corrupting memory while flashing a microcode update.\n\nWhen booting with CONFIG_UBSAN_BOUNDS=y on an AMD machine that flashes\na microcode update. I get the following splat:\n\n UBSAN: array-index-out-of-bounds in arch/x86/kernel/cpu/microcode/amd.c:X:Y\n index 512 is out of range for type 'unsigned long[512]'\n [...]\n Call Trace:\n dump_stack\n __ubsan_handle_out_of_bounds\n load_microcode_amd\n request_microcode_amd\n reload_store\n kernfs_fop_write_iter\n vfs_write\n ksys_write\n do_syscall_64\n entry_SYSCALL_64_after_hwframe\n\nChange the loop to go over only NUMA nodes which have CPUs before determining\nwhether the first CPU on the respective node needs microcode update.\n\n [ bp: Massage commit message, fix typo. ]", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-21991" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/18b5d857c6496b78ead2fd10001b81ae32d30cac", "url": "https://git.kernel.org/stable/c/18b5d857c6496b78ead2fd10001b81ae32d30cac" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/488ffc0cac38f203979f83634236ee53251ce593", "url": "https://git.kernel.org/stable/c/488ffc0cac38f203979f83634236ee53251ce593" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5ac295dfccb5b015493f86694fa13a0dde4d3665", "url": "https://git.kernel.org/stable/c/5ac295dfccb5b015493f86694fa13a0dde4d3665" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/985a536e04bbfffb1770df43c6470f635a6b1073", "url": "https://git.kernel.org/stable/c/985a536e04bbfffb1770df43c6470f635a6b1073" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d509c4731090ebd9bbdb72c70a2d70003ae81f4f", "url": "https://git.kernel.org/stable/c/d509c4731090ebd9bbdb72c70a2d70003ae81f4f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e3e89178a9f4a80092578af3ff3c8478f9187d59", "url": "https://git.kernel.org/stable/c/e3e89178a9f4a80092578af3ff3c8478f9187d59" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e686349cc19e800dac8971929089ba5ff59abfb0", "url": "https://git.kernel.org/stable/c/e686349cc19e800dac8971929089ba5ff59abfb0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ec52240622c4d218d0240079b7c1d3ec2328a9f4", "url": "https://git.kernel.org/stable/c/ec52240622c4d218d0240079b7c1d3ec2328a9f4" } ], "release_date": "2025-04-02T13:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-38086", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nnet: ch9200: fix uninitialised access during mii_nway_restart\nIn mii_nway_restart() the code attempts to call\nmii->mdio_read which is ch9200_mdio_read(). ch9200_mdio_read()\nutilises a local buffer called \"buff\", which is initialised\nwith control_read(). However \"buff\" is conditionally\ninitialised inside control_read():\nif (err == size) {\nmemcpy(data, buf, size);\n}\nIf the condition of \"err == size\" is not met, then\n\"buff\" remains uninitialised. Once this happens the\nuninitialised \"buff\" is accessed and returned during\nch9200_mdio_read():\nreturn (buff[0] | buff[1] << 8);\nThe problem stems from the fact that ch9200_mdio_read()\nignores the return value of control_read(), leading to\nuinit-access of \"buff\".\nTo fix this we should check the return value of\ncontrol_read() and return early on error.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38086" } ], "release_date": "2025-06-28T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-49788", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nmisc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()\n`struct vmci_event_qp` allocated by qp_notify_peer() contains padding,\nwhich may carry uninitialized data to the userspace, as observed by\nKMSAN:\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user ./include/linux/instrumented.h:121\ninstrument_copy_to_user ./include/linux/instrumented.h:121\n_copy_to_user+0x5f/0xb0 lib/usercopy.c:33\ncopy_to_user ./include/linux/uaccess.h:169\nvmci_host_do_receive_datagram drivers/misc/vmw_vmci/vmci_host.c:431\nvmci_host_unlocked_ioctl+0x33d/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:925\nvfs_ioctl fs/ioctl.c:51\n...\nUninit was stored to memory at:\nkmemdup+0x74/0xb0 mm/util.c:131\ndg_dispatch_as_host drivers/misc/vmw_vmci/vmci_datagram.c:271\nvmci_datagram_dispatch+0x4f8/0xfc0 drivers/misc/vmw_vmci/vmci_datagram.c:339\nqp_notify_peer+0x19a/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1479\nqp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\nqp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\nvmci_qp_broker_alloc+0x96/0xd0 drivers/misc/vmw_vmci/vmci_queue_pair.c:1940\nvmci_host_do_alloc_queuepair drivers/misc/vmw_vmci/vmci_host.c:488\nvmci_host_unlocked_ioctl+0x24fd/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:927\n...\nLocal variable ev created at:\nqp_notify_peer+0x54/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1456\nqp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\nqp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\nBytes 28-31 of 48 are uninitialized\nMemory access of size 48 starts at ffff888035155e00\nData copied to user address 0000000020000100\nUse memset() to prevent the infoleaks.\nAlso speculatively fix qp_notify_peer_local(), which may suffer from the\nsame problem.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49788" } ], "release_date": "2025-05-01T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-37738", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\next4: ignore xattrs past end\nOnce inside 'ext4_xattr_inode_dec_ref_all' we should\nignore xattrs entries past the 'end' entry.\nThis fixes the following KASAN reported issue:\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nRead of size 4 at addr ffff888012c120c4 by task repro/2065\nCPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n\ndump_stack_lvl+0x1fd/0x300\n? tcp_gro_dev_warn+0x260/0x260\n? _printk+0xc0/0x100\n? read_lock_is_recursive+0x10/0x10\n? irq_work_queue+0x72/0xf0\n? __virt_addr_valid+0x17b/0x4b0\nprint_address_description+0x78/0x390\nprint_report+0x107/0x1f0\n? __virt_addr_valid+0x17b/0x4b0\n? __virt_addr_valid+0x3ff/0x4b0\n? __phys_addr+0xb5/0x160\n? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nkasan_report+0xcc/0x100\n? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\next4_xattr_inode_dec_ref_all+0xb8c/0xe90\n? ext4_xattr_delete_inode+0xd30/0xd30\n? __ext4_journal_ensure_credits+0x5f0/0x5f0\n? __ext4_journal_ensure_credits+0x2b/0x5f0\n? inode_update_timestamps+0x410/0x410\next4_xattr_delete_inode+0xb64/0xd30\n? ext4_truncate+0xb70/0xdc0\n? ext4_expand_extra_isize_ea+0x1d20/0x1d20\n? __ext4_mark_inode_dirty+0x670/0x670\n? ext4_journal_check_start+0x16f/0x240\n? ext4_inode_is_fast_symlink+0x2f2/0x3a0\next4_evict_inode+0xc8c/0xff0\n? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n? do_raw_spin_unlock+0x53/0x8a0\n? ext4_inode_is_fast_symlink+0x3a0/0x3a0\nevict+0x4ac/0x950\n? proc_nr_inodes+0x310/0x310\n? trace_ext4_drop_inode+0xa2/0x220\n? _raw_spin_unlock+0x1a/0x30\n? iput+0x4cb/0x7e0\ndo_unlinkat+0x495/0x7c0\n? try_break_deleg+0x120/0x120\n? 0xffffffff81000000\n? __check_object_size+0x15a/0x210\n? strncpy_from_user+0x13e/0x250\n? getname_flags+0x1dc/0x530\n__x64_sys_unlinkat+0xc8/0xf0\ndo_syscall_64+0x65/0x110\nentry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x434ffd\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 8\nRSP: 002b:00007ffc50fa7b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000107\nRAX: ffffffffffffffda RBX: 00007ffc50fa7e18 RCX: 0000000000434ffd\nRDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005\nRBP: 00007ffc50fa7be0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007ffc50fa7e08 R14: 00000000004bbf30 R15: 0000000000000001\n\nThe buggy address belongs to the object at ffff888012c12000\nwhich belongs to the cache filp of size 360\nThe buggy address is located 196 bytes inside of\nfreed 360-byte region [ffff888012c12000, ffff888012c12168)\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c12\nhead: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nflags: 0x40(head|node=0|zone=0)\npage_type: f5(slab)\nraw: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nraw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nhead: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000001 ffffea00004b0481 ffffffffffffffff 0000000000000000\nhead: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\nMemory state around the buggy address:\nffff888012c11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\nffff888012c12000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n> ffff888012c12080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n^\nffff888012c12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\nffff888012c12180: fc fc fc fc fc fc fc fc fc\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37738" } ], "release_date": "2025-05-01T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-22004", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nnet: atm: fix use after free in lec_send()\nThe ->send() operation frees skb so save the length before calling\n->send() to avoid a use after free.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-22004" } ], "release_date": "2025-04-03T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-58002", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-58002" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/117f7a2975baa4b7d702d3f4830d5a4ebd0c6d50", "url": "https://git.kernel.org/stable/c/117f7a2975baa4b7d702d3f4830d5a4ebd0c6d50" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/221cd51efe4565501a3dbf04cc011b537dcce7fb", "url": "https://git.kernel.org/stable/c/221cd51efe4565501a3dbf04cc011b537dcce7fb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2a29413ace64627e178fd422dd8a5d95219a2c0b", "url": "https://git.kernel.org/stable/c/2a29413ace64627e178fd422dd8a5d95219a2c0b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/438bda062b2c40ddd7df23b932e29ffe0a448cac", "url": "https://git.kernel.org/stable/c/438bda062b2c40ddd7df23b932e29ffe0a448cac" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4dbaa738c583a0e947803c69e8996e88cf98d971", "url": "https://git.kernel.org/stable/c/4dbaa738c583a0e947803c69e8996e88cf98d971" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/653993f46861f2971e95e9a0e36a34b49dec542c", "url": "https://git.kernel.org/stable/c/653993f46861f2971e95e9a0e36a34b49dec542c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9edc7d25f7e49c33a1ce7a5ffadea2222065516c", "url": "https://git.kernel.org/stable/c/9edc7d25f7e49c33a1ce7a5ffadea2222065516c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ac18d781466252cd35a3e311e0a4b264260fd927", "url": "https://git.kernel.org/stable/c/ac18d781466252cd35a3e311e0a4b264260fd927" } ], "release_date": "2025-02-27T03:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-38053", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nidpf: fix null-ptr-deref in idpf_features_check\nidpf_features_check is used to validate the TX packet. skb header\nlength is compared with the hardware supported value received from\nthe device control plane. The value is stored in the adapter structure\nand to access it, vport pointer is used. During reset all the vports\nare released and the vport pointer that the netdev private structure\npoints to is NULL.\nTo avoid null-ptr-deref, store the max header length value in netdev\nprivate structure. This also helps to cache the value and avoid\naccessing adapter pointer in hot path.\nBUG: kernel NULL pointer dereference, address: 0000000000000068\n...\nRIP: 0010:idpf_features_check+0x6d/0xe0 [idpf]\nCall Trace:\n\n? __die+0x23/0x70\n? page_fault_oops+0x154/0x520\n? exc_page_fault+0x76/0x190\n? asm_exc_page_fault+0x26/0x30\n? idpf_features_check+0x6d/0xe0 [idpf]\nnetif_skb_features+0x88/0x310\nvalidate_xmit_skb+0x2a/0x2b0\nvalidate_xmit_skb_list+0x4c/0x70\nsch_direct_xmit+0x19d/0x3a0\n__dev_queue_xmit+0xb74/0xe70\n...", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38053" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2025-21919", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a 'prev' pointer to a cfs_rq.\nThis 'prev' pointer can originate from struct rq's leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq->leaf_cfs_rq_list and rq->leaf_cfs_rq_list are added to the same\nleaf list. Also, rq->tmp_alone_branch can be set to rq->leaf_cfs_rq_list.\n\nThis adds a check `if (prev == &rq->leaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the 'prev' pointer against the current rq's list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-21919" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/000c9ee43928f2ce68a156dd40bab7616256f4dd", "url": "https://git.kernel.org/stable/c/000c9ee43928f2ce68a156dd40bab7616256f4dd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3b4035ddbfc8e4521f85569998a7569668cccf51", "url": "https://git.kernel.org/stable/c/3b4035ddbfc8e4521f85569998a7569668cccf51" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5cb300dcdd27e6a351ac02541e0231261c775852", "url": "https://git.kernel.org/stable/c/5cb300dcdd27e6a351ac02541e0231261c775852" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9cc7f0018609f75a349e42e3aebc3b0e905ba775", "url": "https://git.kernel.org/stable/c/9cc7f0018609f75a349e42e3aebc3b0e905ba775" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b5741e4b9ef3567613b2351384f91d3f16e59986", "url": "https://git.kernel.org/stable/c/b5741e4b9ef3567613b2351384f91d3f16e59986" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e1dd09df30ba86716cb2ffab97dc35195c01eb8f", "url": "https://git.kernel.org/stable/c/e1dd09df30ba86716cb2ffab97dc35195c01eb8f" } ], "release_date": "2025-04-01T16:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-21905", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: limit printed string from FW file\n\nThere's no guarantee here that the file is always with a\nNUL-termination, so reading the string may read beyond the\nend of the TLV. If that's the last TLV in the file, it can\nperhaps even read beyond the end of the file buffer.\n\nFix that by limiting the print format to the size of the\nbuffer we have.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-21905" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/38f0d398b6d7640d223db69df022c4a232f24774", "url": "https://git.kernel.org/stable/c/38f0d398b6d7640d223db69df022c4a232f24774" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/47616b82f2d42ea2060334746fed9a2988d845c9", "url": "https://git.kernel.org/stable/c/47616b82f2d42ea2060334746fed9a2988d845c9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/59cdda202829d1d6a095d233386870a59aff986f", "url": "https://git.kernel.org/stable/c/59cdda202829d1d6a095d233386870a59aff986f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/88ed69f924638c7503644e1f8eed1e976f3ffa7a", "url": "https://git.kernel.org/stable/c/88ed69f924638c7503644e1f8eed1e976f3ffa7a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b02f8d5a71c8571ccf77f285737c566db73ef5e5", "url": "https://git.kernel.org/stable/c/b02f8d5a71c8571ccf77f285737c566db73ef5e5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c0e626f2b2390472afac52dfe72b29daf9ed8e1d", "url": "https://git.kernel.org/stable/c/c0e626f2b2390472afac52dfe72b29daf9ed8e1d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e0dc2c1bef722cbf16ae557690861e5f91208129", "url": "https://git.kernel.org/stable/c/e0dc2c1bef722cbf16ae557690861e5f91208129" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f265e6031d0bc4fc40c4619cb42466722b46eaa9", "url": "https://git.kernel.org/stable/c/f265e6031d0bc4fc40c4619cb42466722b46eaa9" } ], "release_date": "2025-04-01T16:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-49058", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: potential buffer overflow in handling symlinks\n\nSmatch printed a warning:\n\tarch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error:\n\t__memcpy() 'dctx->buf' too small (16 vs u32max)\n\nIt's caused because Smatch marks 'link_len' as untrusted since it comes\nfrom sscanf(). Add a check to ensure that 'link_len' is not larger than\nthe size of the 'link_str' buffer.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49058" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1316c28569a80ab3596eeab05bf5e01991e7e739", "url": "https://git.kernel.org/stable/c/1316c28569a80ab3596eeab05bf5e01991e7e739" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/22d658c6c5affed10c8907e67160cef0b6c92186", "url": "https://git.kernel.org/stable/c/22d658c6c5affed10c8907e67160cef0b6c92186" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3e582749e742e662a8e9bb37cffac62dccaaa1e2", "url": "https://git.kernel.org/stable/c/3e582749e742e662a8e9bb37cffac62dccaaa1e2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4e166a41180be2f1e66bbb6d46448e80a9a5ec05", "url": "https://git.kernel.org/stable/c/4e166a41180be2f1e66bbb6d46448e80a9a5ec05" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/515e7ba11ef043d6febe69389949c8ef5f25e9d0", "url": "https://git.kernel.org/stable/c/515e7ba11ef043d6febe69389949c8ef5f25e9d0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/64c4a37ac04eeb43c42d272f6e6c8c12bfcf4304", "url": "https://git.kernel.org/stable/c/64c4a37ac04eeb43c42d272f6e6c8c12bfcf4304" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9901b07ba42b39266b34a888e48d7306fd707bee", "url": "https://git.kernel.org/stable/c/9901b07ba42b39266b34a888e48d7306fd707bee" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/eb5f51756944735ac70cd8bb38637cc202e29c91", "url": "https://git.kernel.org/stable/c/eb5f51756944735ac70cd8bb38637cc202e29c91" } ], "release_date": "2025-02-26T07:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-Stream-8:python3-perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-tools-libs-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-selftests-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:bpftool-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:perf-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-ipaclones-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-core-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-cross-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-devel-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-headers-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-debug-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-extra-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64", "CentOS-Stream-8:kernel-modules-internal-0:4.18.0-553.6.1.el8_10.tuxcare.els12.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] } ] }