{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "ext4: fix OOB read when checking dotdot dir {CVE-2025-37785}\n- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() {CVE-2025-21993}\n- media: uvcvideo: Fix double free in error path {CVE-2024-57980}\n- jffs2: Prevent rtime decompress memory corruption {CVE-2024-57850}\n- wifi: iwlegacy: Clear stale interrupts before resuming device {CVE-2024-50234}\n- udf: fix uninit-value use in udf_get_fileshortad {CVE-2024-50143}\n- wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads {CVE-2022-49740}\n- ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() {CVE-2021-47636}\n- kvm: avoid speculation-based attacks from out-of-range memslot accesses {CVE-2021-47277}\n- scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() {CVE-2021-47219}\n- ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() {CVE-2022-48702}\n- ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701}", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/centos6els/advisories/2025/clsa-2025_1748366748.json" }, { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1748366748", "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1748366748" } ], "tracking": { "current_release_date": "2025-06-09T14:39:23Z", "generator": { "date": "2025-06-09T14:39:23Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2025:1748366748", "initial_release_date": "2025-05-27T17:25:50Z", "revision_history": [ { "date": "2025-05-27T17:25:50Z", "number": "1", "summary": "Initial version" }, { "date": "2025-06-09T14:39:23Z", "number": "2", "summary": "Official Publication" } ], "status": "final", "version": "2" }, "title": "kernel: Fix of 12 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Community Enterprise Operating System 6", "product": { "name": "Community Enterprise Operating System 6", "product_id": "CentOS-6", "product_identification_helper": { "cpe": "cpe:2.3:o:centos:centos:6:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Community Enterprise Operating System" } ], "category": "vendor", "name": "Red Hat, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-devel@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-devel@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/python-perf@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/perf@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product": { "name": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_id": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-headers@2.6.32-754.35.8.el6.tuxcare.els22?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product": { "name": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product_id": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-abi-whitelists@2.6.32-754.35.8.el6.tuxcare.els22?arch=noarch" } } }, { "category": "product_version", "name": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product": { "name": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product_id": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-firmware@2.6.32-754.35.8.el6.tuxcare.els22?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "product": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "product_id": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-devel@2.6.32-754.35.8.el6.tuxcare.els22?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch" }, "product_reference": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686" }, "product_reference": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch" }, "product_reference": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64 as a component of Community Enterprise Operating System 6", "product_id": "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" }, "product_reference": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "relates_to_product_reference": "CentOS-6" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-57850", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: Prevent rtime decompress memory corruption\n\nThe rtime decompression routine does not fully check bounds during the\nentirety of the decompression pass and can corrupt memory outside the\ndecompression buffer if the compressed data is corrupted. This adds the\nrequired check to prevent this failure mode.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-57850" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/421f9e9f0fae9f8e721ffa07f22d9765fa1214d5", "url": "https://git.kernel.org/stable/c/421f9e9f0fae9f8e721ffa07f22d9765fa1214d5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/47c9a7f81027a78afea9d2e9a54bfd8fabb6b3d0", "url": "https://git.kernel.org/stable/c/47c9a7f81027a78afea9d2e9a54bfd8fabb6b3d0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6808a1812a3419542223e7fe9e2de577e99e45d1", "url": "https://git.kernel.org/stable/c/6808a1812a3419542223e7fe9e2de577e99e45d1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bd384b04ad1995441b18fe6c1366d02de8c5d5eb", "url": "https://git.kernel.org/stable/c/bd384b04ad1995441b18fe6c1366d02de8c5d5eb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dc39b08fcc3831b0bc46add91ba93cd2aab50716", "url": "https://git.kernel.org/stable/c/dc39b08fcc3831b0bc46add91ba93cd2aab50716" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f6fc251baefc3cdc4f41f2f5a47940d7d4a67332", "url": "https://git.kernel.org/stable/c/f6fc251baefc3cdc4f41f2f5a47940d7d4a67332" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fe051552f5078fa02d593847529a3884305a6ffe", "url": "https://git.kernel.org/stable/c/fe051552f5078fa02d593847529a3884305a6ffe" } ], "release_date": "2025-01-11T15:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2021-47636", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()\n\nFunction ubifs_wbuf_write_nolock() may access buf out of bounds in\nfollowing process:\n\nubifs_wbuf_write_nolock():\n aligned_len = ALIGN(len, 8); // Assume len = 4089, aligned_len = 4096\n if (aligned_len <= wbuf->avail) ... // Not satisfy\n if (wbuf->used) {\n ubifs_leb_write() // Fill some data in avail wbuf\n len -= wbuf->avail; // len is still not 8-bytes aligned\n aligned_len -= wbuf->avail;\n }\n n = aligned_len >> c->max_write_shift;\n if (n) {\n n <<= c->max_write_shift;\n err = ubifs_leb_write(c, wbuf->lnum, buf + written,\n wbuf->offs, n);\n // n > len, read out of bounds less than 8(n-len) bytes\n }\n\n, which can be catched by KASAN:\n =========================================================\n BUG: KASAN: slab-out-of-bounds in ecc_sw_hamming_calculate+0x1dc/0x7d0\n Read of size 4 at addr ffff888105594ff8 by task kworker/u8:4/128\n Workqueue: writeback wb_workfn (flush-ubifs_0_0)\n Call Trace:\n kasan_report.cold+0x81/0x165\n nand_write_page_swecc+0xa9/0x160\n ubifs_leb_write+0xf2/0x1b0 [ubifs]\n ubifs_wbuf_write_nolock+0x421/0x12c0 [ubifs]\n write_head+0xdc/0x1c0 [ubifs]\n ubifs_jnl_write_inode+0x627/0x960 [ubifs]\n wb_workfn+0x8af/0xb80\n\nFunction ubifs_wbuf_write_nolock() accepts that parameter 'len' is not 8\nbytes aligned, the 'len' represents the true length of buf (which is\nallocated in 'ubifs_jnl_xxx', eg. ubifs_jnl_write_inode), so\nubifs_wbuf_write_nolock() must handle the length read from 'buf' carefully\nto write leb safely.\n\nFetch a reproducer in [Link].", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-47636" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/07a209fadee7b53b46858538e1177597273862e4", "url": "https://git.kernel.org/stable/c/07a209fadee7b53b46858538e1177597273862e4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3b7fb89135a20587d57f8877c02e25003e9edbdf", "url": "https://git.kernel.org/stable/c/3b7fb89135a20587d57f8877c02e25003e9edbdf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4f2262a334641e05f645364d5ade1f565c85f20b", "url": "https://git.kernel.org/stable/c/4f2262a334641e05f645364d5ade1f565c85f20b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5343575aa11c5d7044107d59d43f84aec01312b0", "url": "https://git.kernel.org/stable/c/5343575aa11c5d7044107d59d43f84aec01312b0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a7054aaf1909cf40489c0ec1b728fdcf79c751a6", "url": "https://git.kernel.org/stable/c/a7054aaf1909cf40489c0ec1b728fdcf79c751a6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b80ccbec0e4804436c382d7dd60e943c386ed83a", "url": "https://git.kernel.org/stable/c/b80ccbec0e4804436c382d7dd60e943c386ed83a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e09fa5318d51f522e1af4fbaf8f74999355980c8", "url": "https://git.kernel.org/stable/c/e09fa5318d51f522e1af4fbaf8f74999355980c8" } ], "release_date": "2025-02-26T06:37:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-50143", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: fix uninit-value use in udf_get_fileshortad\n\nCheck for overflow when computing alen in udf_current_aext to mitigate\nlater uninit-value use in udf_get_fileshortad KMSAN bug[1].\nAfter applying the patch reproducer did not trigger any issue[2].\n\n[1] https://syzkaller.appspot.com/bug?extid=8901c4560b7ab5c2f9df\n[2] https://syzkaller.appspot.com/x/log.txt?x=10242227980000", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-50143" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1ac49babc952f48d82676979b20885e480e69be8", "url": "https://git.kernel.org/stable/c/1ac49babc952f48d82676979b20885e480e69be8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/264db9d666ad9a35075cc9ed9ec09d021580fbb1", "url": "https://git.kernel.org/stable/c/264db9d666ad9a35075cc9ed9ec09d021580fbb1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/417bd613bdbe791549f7687bb1b9b8012ff111c2", "url": "https://git.kernel.org/stable/c/417bd613bdbe791549f7687bb1b9b8012ff111c2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4fc0d8660e391dcd8dde23c44d702be1f6846c61", "url": "https://git.kernel.org/stable/c/4fc0d8660e391dcd8dde23c44d702be1f6846c61" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5eb76fb98b3335aa5cca6a7db2e659561c79c32b", "url": "https://git.kernel.org/stable/c/5eb76fb98b3335aa5cca6a7db2e659561c79c32b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/72e445df65a0aa9066c6fe2b8736ba2fcca6dac7", "url": "https://git.kernel.org/stable/c/72e445df65a0aa9066c6fe2b8736ba2fcca6dac7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e52e0b92ed31dc62afbda15c243dcee0bb5bb58d", "url": "https://git.kernel.org/stable/c/e52e0b92ed31dc62afbda15c243dcee0bb5bb58d" } ], "release_date": "2024-11-07T10:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-48701", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()\n\nThere may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and\nthe number of it's interfaces less than 4, an out-of-bounds read bug occurs\nwhen parsing the interface descriptor for this device.\n\nFix this by checking the number of interfaces.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-48701" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0492798bf8dfcc09c9337a1ba065da1d1ca68712", "url": "https://git.kernel.org/stable/c/0492798bf8dfcc09c9337a1ba065da1d1ca68712" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2a308e415d247a23d4d64c964c02e782eede2936", "url": "https://git.kernel.org/stable/c/2a308e415d247a23d4d64c964c02e782eede2936" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6123bec8480d23369e2ee0b2208611619f269faf", "url": "https://git.kernel.org/stable/c/6123bec8480d23369e2ee0b2208611619f269faf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8293e61bbf908b18ff9935238d4fc2ad359e3fe0", "url": "https://git.kernel.org/stable/c/8293e61bbf908b18ff9935238d4fc2ad359e3fe0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/91904870370fd986c29719846ed76d559de43251", "url": "https://git.kernel.org/stable/c/91904870370fd986c29719846ed76d559de43251" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/98e8e67395cc6d0cdf3a771f86ea42d0ee6e59dd", "url": "https://git.kernel.org/stable/c/98e8e67395cc6d0cdf3a771f86ea42d0ee6e59dd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b970518014f2f0f6c493fb86c1e092b936899061", "url": "https://git.kernel.org/stable/c/b970518014f2f0f6c493fb86c1e092b936899061" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e53f47f6c1a56d2af728909f1cb894da6b43d9bf", "url": "https://git.kernel.org/stable/c/e53f47f6c1a56d2af728909f1cb894da6b43d9bf" } ], "release_date": "2024-05-03T16:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-50234", "cwe": { "id": "CWE-367", "name": "Time-of-check Time-of-use (TOCTOU) Race Condition" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlegacy: Clear stale interrupts before resuming device\n\niwl4965 fails upon resume from hibernation on my laptop. The reason\nseems to be a stale interrupt which isn't being cleared out before\ninterrupts are enabled. We end up with a race beween the resume\ntrying to bring things back up, and the restart work (queued form\nthe interrupt handler) trying to bring things down. Eventually\nthe whole thing blows up.\n\nFix the problem by clearing out any stale interrupts before\ninterrupts get enabled during resume.\n\nHere's a debug log of the indicent:\n[ 12.042589] ieee80211 phy0: il_isr ISR inta 0x00000080, enabled 0xaa00008b, fh 0x00000000\n[ 12.042625] ieee80211 phy0: il4965_irq_tasklet inta 0x00000080, enabled 0x00000000, fh 0x00000000\n[ 12.042651] iwl4965 0000:10:00.0: RF_KILL bit toggled to enable radio.\n[ 12.042653] iwl4965 0000:10:00.0: On demand firmware reload\n[ 12.042690] ieee80211 phy0: il4965_irq_tasklet End inta 0x00000000, enabled 0xaa00008b, fh 0x00000000, flags 0x00000282\n[ 12.052207] ieee80211 phy0: il4965_mac_start enter\n[ 12.052212] ieee80211 phy0: il_prep_station Add STA to driver ID 31: ff:ff:ff:ff:ff:ff\n[ 12.052244] ieee80211 phy0: il4965_set_hw_ready hardware ready\n[ 12.052324] ieee80211 phy0: il_apm_init Init card's basic functions\n[ 12.052348] ieee80211 phy0: il_apm_init L1 Enabled; Disabling L0S\n[ 12.055727] ieee80211 phy0: il4965_load_bsm Begin load bsm\n[ 12.056140] ieee80211 phy0: il4965_verify_bsm Begin verify bsm\n[ 12.058642] ieee80211 phy0: il4965_verify_bsm BSM bootstrap uCode image OK\n[ 12.058721] ieee80211 phy0: il4965_load_bsm BSM write complete, poll 1 iterations\n[ 12.058734] ieee80211 phy0: __il4965_up iwl4965 is coming up\n[ 12.058737] ieee80211 phy0: il4965_mac_start Start UP work done.\n[ 12.058757] ieee80211 phy0: __il4965_down iwl4965 is going down\n[ 12.058761] ieee80211 phy0: il_scan_cancel_timeout Scan cancel timeout\n[ 12.058762] ieee80211 phy0: il_do_scan_abort Not performing scan to abort\n[ 12.058765] ieee80211 phy0: il_clear_ucode_stations Clearing ucode stations in driver\n[ 12.058767] ieee80211 phy0: il_clear_ucode_stations No active stations found to be cleared\n[ 12.058819] ieee80211 phy0: _il_apm_stop Stop card, put in low power state\n[ 12.058827] ieee80211 phy0: _il_apm_stop_master stop master\n[ 12.058864] ieee80211 phy0: il4965_clear_free_frames 0 frames on pre-allocated heap on clear.\n[ 12.058869] ieee80211 phy0: Hardware restart was requested\n[ 16.132299] iwl4965 0000:10:00.0: START_ALIVE timeout after 4000ms.\n[ 16.132303] ------------[ cut here ]------------\n[ 16.132304] Hardware became unavailable upon resume. This could be a software issue prior to suspend or a hardware issue.\n[ 16.132338] WARNING: CPU: 0 PID: 181 at net/mac80211/util.c:1826 ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132390] Modules linked in: ctr ccm sch_fq_codel xt_tcpudp xt_multiport xt_state iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv4 ip_tables x_tables binfmt_misc joydev mousedev btusb btrtl btintel btbcm bluetooth ecdh_generic ecc iTCO_wdt i2c_dev iwl4965 iwlegacy coretemp snd_hda_codec_analog pcspkr psmouse mac80211 snd_hda_codec_generic libarc4 sdhci_pci cqhci sha256_generic sdhci libsha256 firewire_ohci snd_hda_intel snd_intel_dspcfg mmc_core snd_hda_codec snd_hwdep firewire_core led_class iosf_mbi snd_hda_core uhci_hcd lpc_ich crc_itu_t cfg80211 ehci_pci ehci_hcd snd_pcm usbcore mfd_core rfkill snd_timer snd usb_common soundcore video parport_pc parport intel_agp wmi intel_gtt backlight e1000e agpgart evdev\n[ 16.132456] CPU: 0 UID: 0 PID: 181 Comm: kworker/u8:6 Not tainted 6.11.0-cl+ #143\n[ 16.132460] Hardware name: Hewlett-Packard HP Compaq 6910p/30BE, BIOS 68MCU Ver. F.19 07/06/2010\n[ 16.132463] Workqueue: async async_run_entry_fn\n[ 16.132469] RIP: 0010:ieee80211_reconfig+0x8f/0x14b0 [mac80211]\n[ 16.132501] Code: da 02 00 0\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-50234" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/07c90acb071b9954e1fecb1e4f4f13d12c544b34", "url": "https://git.kernel.org/stable/c/07c90acb071b9954e1fecb1e4f4f13d12c544b34" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/23f9cef17ee315777dbe88d5c11ff6166e4d0699", "url": "https://git.kernel.org/stable/c/23f9cef17ee315777dbe88d5c11ff6166e4d0699" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/271d282ecc15d7012e71ca82c89a6c0e13a063dd", "url": "https://git.kernel.org/stable/c/271d282ecc15d7012e71ca82c89a6c0e13a063dd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8ac22fe1e2b104c37e4fecd97735f64bd6349ebc", "url": "https://git.kernel.org/stable/c/8ac22fe1e2b104c37e4fecd97735f64bd6349ebc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8af8294d369a871cdbcdbb4d13b87d2d6e490a1f", "url": "https://git.kernel.org/stable/c/8af8294d369a871cdbcdbb4d13b87d2d6e490a1f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9d89941e51259c2b0b8e9c10c6f1f74200d7444f", "url": "https://git.kernel.org/stable/c/9d89941e51259c2b0b8e9c10c6f1f74200d7444f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cedf0f1db8d5f3524339c2c6e35a8505b0f1ab73", "url": "https://git.kernel.org/stable/c/cedf0f1db8d5f3524339c2c6e35a8505b0f1ab73" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d0231f43df473e2f80372d0ca150eb3619932ef9", "url": "https://git.kernel.org/stable/c/d0231f43df473e2f80372d0ca150eb3619932ef9" } ], "release_date": "2024-11-09T11:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-57980", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev->status pointer but doesn't reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev->status pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda ", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-57980" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3ba8884a56a3eb97c22f0ce0e4dd410d4ca4c277", "url": "https://git.kernel.org/stable/c/3ba8884a56a3eb97c22f0ce0e4dd410d4ca4c277" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6c36dcd662ec5276782838660f8533a7cb26be49", "url": "https://git.kernel.org/stable/c/6c36dcd662ec5276782838660f8533a7cb26be49" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/87522ef165e5b6de8ef98cc318f3335166a1512c", "url": "https://git.kernel.org/stable/c/87522ef165e5b6de8ef98cc318f3335166a1512c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9232719ac9ce4d5c213cebda23d72aec3e1c4c0d", "url": "https://git.kernel.org/stable/c/9232719ac9ce4d5c213cebda23d72aec3e1c4c0d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c6ef3a7fa97ec823a1e1af9085cf13db9f7b3bac", "url": "https://git.kernel.org/stable/c/c6ef3a7fa97ec823a1e1af9085cf13db9f7b3bac" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d1f8e69eec91d5a75ef079778a5d0151db2a7f22", "url": "https://git.kernel.org/stable/c/d1f8e69eec91d5a75ef079778a5d0151db2a7f22" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d6e5ba2516c5bef87c1fcb8189b6f3cad7c64b2d", "url": "https://git.kernel.org/stable/c/d6e5ba2516c5bef87c1fcb8189b6f3cad7c64b2d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d8e63dd7b6683969d3d47c7b8e9635f96d554ad4", "url": "https://git.kernel.org/stable/c/d8e63dd7b6683969d3d47c7b8e9635f96d554ad4" } ], "release_date": "2025-02-27T02:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-48702", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()\n\nThe voice allocator sometimes begins allocating from near the end of the\narray and then wraps around, however snd_emu10k1_pcm_channel_alloc()\naccesses the newly allocated voices as if it never wrapped around.\n\nThis results in out of bounds access if the first voice has a high enough\nindex so that first_voice + requested_voice_count > NUM_G (64).\nThe more voices are requested, the more likely it is for this to occur.\n\nThis was initially discovered using PipeWire, however it can be reproduced\nby calling aplay multiple times with 16 channels:\naplay -r 48000 -D plughw:CARD=Live,DEV=3 -c 16 /dev/zero\n\nUBSAN: array-index-out-of-bounds in sound/pci/emu10k1/emupcm.c:127:40\nindex 65 is out of range for type 'snd_emu10k1_voice [64]'\nCPU: 1 PID: 31977 Comm: aplay Tainted: G W IOE 6.0.0-rc2-emu10k1+ #7\nHardware name: ASUSTEK COMPUTER INC P5W DH Deluxe/P5W DH Deluxe, BIOS 3002 07/22/2010\nCall Trace:\n\ndump_stack_lvl+0x49/0x63\ndump_stack+0x10/0x16\nubsan_epilogue+0x9/0x3f\n__ubsan_handle_out_of_bounds.cold+0x44/0x49\nsnd_emu10k1_playback_hw_params+0x3bc/0x420 [snd_emu10k1]\nsnd_pcm_hw_params+0x29f/0x600 [snd_pcm]\nsnd_pcm_common_ioctl+0x188/0x1410 [snd_pcm]\n? exit_to_user_mode_prepare+0x35/0x170\n? do_syscall_64+0x69/0x90\n? syscall_exit_to_user_mode+0x26/0x50\n? do_syscall_64+0x69/0x90\n? exit_to_user_mode_prepare+0x35/0x170\nsnd_pcm_ioctl+0x27/0x40 [snd_pcm]\n__x64_sys_ioctl+0x95/0xd0\ndo_syscall_64+0x5c/0x90\n? do_syscall_64+0x69/0x90\n? do_syscall_64+0x69/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-48702" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/39a90720f3abe96625d1224e7a7463410875de4c", "url": "https://git.kernel.org/stable/c/39a90720f3abe96625d1224e7a7463410875de4c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4204a01ffce97cae1d59edc5848f02be5b2b9178", "url": "https://git.kernel.org/stable/c/4204a01ffce97cae1d59edc5848f02be5b2b9178" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/45321a7d02b7cf9b3f97e3987fc1e4d649b82da2", "url": "https://git.kernel.org/stable/c/45321a7d02b7cf9b3f97e3987fc1e4d649b82da2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/45814a53514e10a8014906c882e0d0d38df39cc1", "url": "https://git.kernel.org/stable/c/45814a53514e10a8014906c882e0d0d38df39cc1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/637c5310acb48fffcc5657568db3f3e9bc719bfa", "url": "https://git.kernel.org/stable/c/637c5310acb48fffcc5657568db3f3e9bc719bfa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6b0e260ac3cf289e38446552461caa65e6dab275", "url": "https://git.kernel.org/stable/c/6b0e260ac3cf289e38446552461caa65e6dab275" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/88aac6684cf8bc885cca15463cb4407e91f28ff7", "url": "https://git.kernel.org/stable/c/88aac6684cf8bc885cca15463cb4407e91f28ff7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d29f59051d3a07b81281b2df2b8c9dfe4716067f", "url": "https://git.kernel.org/stable/c/d29f59051d3a07b81281b2df2b8c9dfe4716067f" } ], "release_date": "2024-05-03T16:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2021-47219", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs()\n\nThe following issue was observed running syzkaller:\n\nBUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline]\nBUG: KASAN: slab-out-of-bounds in sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831\nRead of size 2132 at addr ffff8880aea95dc8 by task syz-executor.0/9815\n\nCPU: 0 PID: 9815 Comm: syz-executor.0 Not tainted 4.19.202-00874-gfc0fe04215a9 #2\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0xe4/0x14a lib/dump_stack.c:118\n print_address_description+0x73/0x280 mm/kasan/report.c:253\n kasan_report_error mm/kasan/report.c:352 [inline]\n kasan_report+0x272/0x370 mm/kasan/report.c:410\n memcpy+0x1f/0x50 mm/kasan/kasan.c:302\n memcpy include/linux/string.h:377 [inline]\n sg_copy_buffer+0x150/0x1c0 lib/scatterlist.c:831\n fill_from_dev_buffer+0x14f/0x340 drivers/scsi/scsi_debug.c:1021\n resp_report_tgtpgs+0x5aa/0x770 drivers/scsi/scsi_debug.c:1772\n schedule_resp+0x464/0x12f0 drivers/scsi/scsi_debug.c:4429\n scsi_debug_queuecommand+0x467/0x1390 drivers/scsi/scsi_debug.c:5835\n scsi_dispatch_cmd+0x3fc/0x9b0 drivers/scsi/scsi_lib.c:1896\n scsi_request_fn+0x1042/0x1810 drivers/scsi/scsi_lib.c:2034\n __blk_run_queue_uncond block/blk-core.c:464 [inline]\n __blk_run_queue+0x1a4/0x380 block/blk-core.c:484\n blk_execute_rq_nowait+0x1c2/0x2d0 block/blk-exec.c:78\n sg_common_write.isra.19+0xd74/0x1dc0 drivers/scsi/sg.c:847\n sg_write.part.23+0x6e0/0xd00 drivers/scsi/sg.c:716\n sg_write+0x64/0xa0 drivers/scsi/sg.c:622\n __vfs_write+0xed/0x690 fs/read_write.c:485\nkill_bdev:block_device:00000000e138492c\n vfs_write+0x184/0x4c0 fs/read_write.c:549\n ksys_write+0x107/0x240 fs/read_write.c:599\n do_syscall_64+0xc2/0x560 arch/x86/entry/common.c:293\n entry_SYSCALL_64_after_hwframe+0x49/0xbe\n\nWe get 'alen' from command its type is int. If userspace passes a large\nlength we will get a negative 'alen'.\n\nSwitch n, alen, and rlen to u32.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-47219" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/66523553fa62c7878fc5441dc4e82be71934eb77", "url": "https://git.kernel.org/stable/c/66523553fa62c7878fc5441dc4e82be71934eb77" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8440377e1a5644779b4c8d013aa2a917f5fc83c3", "url": "https://git.kernel.org/stable/c/8440377e1a5644779b4c8d013aa2a917f5fc83c3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f347c26836c270199de1599c3cd466bb7747caa9", "url": "https://git.kernel.org/stable/c/f347c26836c270199de1599c3cd466bb7747caa9" } ], "release_date": "2024-04-10T19:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-37785", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains '.' dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least '.'\nand '..' as directory entries in the first data block. It first loads\nthe '.' dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of '..' dir\nentry (in ext4_next_entry). It assumes the '..' dir entry fits into the\nsame data block.\n\nIf the rec_len of '.' is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for '.' dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37785" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/14da7dbecb430e35b5889da8dae7bef33173b351", "url": "https://git.kernel.org/stable/c/14da7dbecb430e35b5889da8dae7bef33173b351" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/52a5509ab19a5d3afe301165d9b5787bba34d842", "url": "https://git.kernel.org/stable/c/52a5509ab19a5d3afe301165d9b5787bba34d842" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/53bc45da8d8da92ec07877f5922b130562eb4b00", "url": "https://git.kernel.org/stable/c/53bc45da8d8da92ec07877f5922b130562eb4b00" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/89503e5eae64637d0fa2218912b54660effe7d93", "url": "https://git.kernel.org/stable/c/89503e5eae64637d0fa2218912b54660effe7d93" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ac28c5684c1cdab650a7e5065b19e91577d37a4b", "url": "https://git.kernel.org/stable/c/ac28c5684c1cdab650a7e5065b19e91577d37a4b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b47584c556444cf7acb66b26a62cbc348eb92b78", "url": "https://git.kernel.org/stable/c/b47584c556444cf7acb66b26a62cbc348eb92b78" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b7531a4f99c3887439d778afaf418d1a01a5f01b", "url": "https://git.kernel.org/stable/c/b7531a4f99c3887439d778afaf418d1a01a5f01b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d5e206778e96e8667d3bde695ad372c296dc9353", "url": "https://git.kernel.org/stable/c/d5e206778e96e8667d3bde695ad372c296dc9353" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e47f472a664d70a3d104a6c2a035cdff55a719b4", "url": "https://git.kernel.org/stable/c/e47f472a664d70a3d104a6c2a035cdff55a719b4" } ], "release_date": "2025-04-18T07:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-21993", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-21993" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/07e0d99a2f701123ad3104c0f1a1e66bce74d6e5", "url": "https://git.kernel.org/stable/c/07e0d99a2f701123ad3104c0f1a1e66bce74d6e5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2d1eef248107bdf3d5a69d0fde04c30a79a7bf5d", "url": "https://git.kernel.org/stable/c/2d1eef248107bdf3d5a69d0fde04c30a79a7bf5d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9bfa80c8aa4e06dff55a953c3fffbfc68a3a3b1c", "url": "https://git.kernel.org/stable/c/9bfa80c8aa4e06dff55a953c3fffbfc68a3a3b1c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a858cd58dea06cf85b142673deea8c5d87f11e70", "url": "https://git.kernel.org/stable/c/a858cd58dea06cf85b142673deea8c5d87f11e70" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b253660fac5e0e9080d2c95e3a029e1898d49afb", "url": "https://git.kernel.org/stable/c/b253660fac5e0e9080d2c95e3a029e1898d49afb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b388e185bfad32bfed6a97a6817f74ca00a4318f", "url": "https://git.kernel.org/stable/c/b388e185bfad32bfed6a97a6817f74ca00a4318f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c1c6e527470e5eab0b2d57bd073530fbace39eab", "url": "https://git.kernel.org/stable/c/c1c6e527470e5eab0b2d57bd073530fbace39eab" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f763c82db8166e28f45b7cc4a5398a7859665940", "url": "https://git.kernel.org/stable/c/f763c82db8166e28f45b7cc4a5398a7859665940" } ], "release_date": "2025-04-02T13:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.i686", "CentOS-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els22.noarch", "CentOS-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64", "CentOS-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els22.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] } ] }