{
"document": {
"aggregate_severity": {
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "TuxCare License Agreement",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
"title": "Terms of Use"
},
{
"category": "details",
"text": "ext4: fix possible UAF when remounting r/o a mmp-protected file system {CVE-2021-47342}\n- ext4: fix memory leak in ext4_fill_super\n- net: defer final 'struct net' free in netns dismantle {CVE-2024-56658}\n- net/sched: sch_qfq: Fix race condition on qfq_aggregate {CVE-2025-38477}\n- ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() {CVE-2022-48701}\n- fix: virtio-net: Add validation for used length {CVE-2021-47352}",
"title": "Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://tuxcare.com/contact/",
"name": "TuxCare",
"namespace": "https://tuxcare.com/"
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.tuxcare.com/csaf/v2/els_os/centos7els/advisories/2025/clsa-2025_1762332910.json"
},
{
"category": "self",
"summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1762332910",
"url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1762332910"
}
],
"tracking": {
"current_release_date": "2025-11-21T10:39:28Z",
"generator": {
"date": "2025-11-21T10:39:28Z",
"engine": {
"name": "pyCSAF"
}
},
"id": "CLSA-2025:1762332910",
"initial_release_date": "2025-11-05T08:55:12Z",
"revision_history": [
{
"date": "2025-11-05T08:55:12Z",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-21T10:39:28Z",
"number": "2",
"summary": "Official Publication"
}
],
"status": "final",
"version": "2"
},
"title": "kernel: Fix of 5 CVEs"
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Community Enterprise Operating System 7",
"product": {
"name": "Community Enterprise Operating System 7",
"product_id": "CentOS-7",
"product_identification_helper": {
"cpe": "cpe:2.3:o:centos:centos:7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Community Enterprise Operating System"
}
],
"category": "vendor",
"name": "Red Hat, Inc."
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools-libs-devel@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-debug-devel@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-debug@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/perf@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools-libs@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-devel@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-headers@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/python-perf@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product": {
"name": "bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_id": "bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/bpftool@3.10.0-1160.139.1.el7.tuxcare.els2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "TuxCare"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 7",
"product_id": "CentOS-7:bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
},
"product_reference": "bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"relates_to_product_reference": "CentOS-7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-56658",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: defer final 'struct net' free in netns dismantle\n\nIlya reported a slab-use-after-free in dst_destroy [1]\n\nIssue is in xfrm6_net_init() and xfrm4_net_init() :\n\nThey copy xfrm[46]_dst_ops_template into net->xfrm.xfrm[46]_dst_ops.\n\nBut net structure might be freed before all the dst callbacks are\ncalled. So when dst_destroy() calls later :\n\nif (dst->ops->destroy)\n dst->ops->destroy(dst);\n\ndst->ops points to the old net->xfrm.xfrm[46]_dst_ops, which has been freed.\n\nSee a relevant issue fixed in :\n\nac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\")\n\nA fix is to queue the 'struct net' to be freed after one\nanother cleanup_net() round (and existing rcu_barrier())\n\n[1]\n\nBUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112)\nRead of size 8 at addr ffff8882137ccab0 by task swapper/37/0\nDec 03 05:46:18 kernel:\nCPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67\nHardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014\nCall Trace:\n \ndump_stack_lvl (lib/dump_stack.c:124)\nprint_address_description.constprop.0 (mm/kasan/report.c:378)\n? dst_destroy (net/core/dst.c:112)\nprint_report (mm/kasan/report.c:489)\n? dst_destroy (net/core/dst.c:112)\n? kasan_addr_to_slab (mm/kasan/common.c:37)\nkasan_report (mm/kasan/report.c:603)\n? dst_destroy (net/core/dst.c:112)\n? rcu_do_batch (kernel/rcu/tree.c:2567)\ndst_destroy (net/core/dst.c:112)\nrcu_do_batch (kernel/rcu/tree.c:2567)\n? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406)\nrcu_core (kernel/rcu/tree.c:2825)\nhandle_softirqs (kernel/softirq.c:554)\n__irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637)\nirq_exit_rcu (kernel/softirq.c:651)\nsysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049)\n \n \nasm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702)\nRIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743)\nCode: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90\nRSP: 0018:ffff888100d2fe00 EFLAGS: 00000246\nRAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123\nRBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d\nR10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000\nR13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000\n? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148)\n? cpuidle_idle_call (kernel/sched/idle.c:186)\ndefault_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118)\ncpuidle_idle_call (kernel/sched/idle.c:186)\n? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168)\n? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406)\n? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59)\ndo_idle (kernel/sched/idle.c:326)\ncpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1))\nstart_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282)\n? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232)\n? soft_restart_cpu (arch/x86/kernel/head_64.S:452)\ncommon_startup_64 (arch/x86/kernel/head_64.S:414)\n \nDec 03 05:46:18 kernel:\nAllocated by task 12184:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69)\n__kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\nkmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141)\ncopy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480)\ncreate_new_namespaces\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-7:bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-56658"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0f6ede9fbc747e2553612271bce108f7517e7a45",
"url": "https://git.kernel.org/stable/c/0f6ede9fbc747e2553612271bce108f7517e7a45"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3267b254dc0a04dfa362a2be24573cfa6d2d78f5",
"url": "https://git.kernel.org/stable/c/3267b254dc0a04dfa362a2be24573cfa6d2d78f5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6610c7f8a8d47fd1123eed55ba8c11c2444d8842",
"url": "https://git.kernel.org/stable/c/6610c7f8a8d47fd1123eed55ba8c11c2444d8842"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b7a79e51297f7b82adb687086f5cb2da446f1e40",
"url": "https://git.kernel.org/stable/c/b7a79e51297f7b82adb687086f5cb2da446f1e40"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c261dcd61c9e88a8f1a66654354d32295a975230",
"url": "https://git.kernel.org/stable/c/c261dcd61c9e88a8f1a66654354d32295a975230"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dac465986a4a38cd2f13e934f562b6ca344e5720",
"url": "https://git.kernel.org/stable/c/dac465986a4a38cd2f13e934f562b6ca344e5720"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"release_date": "2024-12-27T15:15:00Z",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-7:bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38477",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nnet/sched: sch_qfq: Fix race condition on qfq_aggregate\nA race condition can occur when 'agg' is modified in qfq_change_agg\n(called during qfq_enqueue) while other threads access it\nconcurrently. For example, qfq_dump_class may trigger a NULL\ndereference, and qfq_delete_class may cause a use-after-free.\nThis patch addresses the issue by:\n1. Moved qfq_destroy_class into the critical section.\n2. Added sch_tree_lock protection to qfq_dump_class and\nqfq_dump_class_stats.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-7:bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38477"
}
],
"release_date": "2025-07-28T00:00:00Z",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"CentOS-7:bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2021-47342",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix possible UAF when remounting r/o a mmp-protected file system\n\nAfter commit 618f003199c6 (\"ext4: fix memory leak in\next4_fill_super\"), after the file system is remounted read-only, there\nis a race where the kmmpd thread can exit, causing sbi->s_mmp_tsk to\npoint at freed memory, which the call to ext4_stop_mmpd() can trip\nover.\n\nFix this by only allowing kmmpd() to exit when it is stopped via\next4_stop_mmpd().\n\nBug-Report-Link: <20210629143603.2166962-1-yebin10@huawei.com>",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-7:bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2021-47342"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cb",
"url": "https://git.kernel.org/stable/c/61bb4a1c417e5b95d9edb4f887f131de32e419cb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd",
"url": "https://git.kernel.org/stable/c/7ed572cdf11081f8f9e07abd4bea56a3f2c4edbd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6b",
"url": "https://git.kernel.org/stable/c/b663890d854403e566169f7e90aed5cd6ff64f6b"
}
],
"release_date": "2024-05-21T15:15:00Z",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-7:bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-48701",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()\n\nThere may be a bad USB audio device with a USB ID of (0x04fa, 0x4201) and\nthe number of it's interfaces less than 4, an out-of-bounds read bug occurs\nwhen parsing the interface descriptor for this device.\n\nFix this by checking the number of interfaces.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-7:bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-48701"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0492798bf8dfcc09c9337a1ba065da1d1ca68712",
"url": "https://git.kernel.org/stable/c/0492798bf8dfcc09c9337a1ba065da1d1ca68712"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2a308e415d247a23d4d64c964c02e782eede2936",
"url": "https://git.kernel.org/stable/c/2a308e415d247a23d4d64c964c02e782eede2936"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6123bec8480d23369e2ee0b2208611619f269faf",
"url": "https://git.kernel.org/stable/c/6123bec8480d23369e2ee0b2208611619f269faf"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8293e61bbf908b18ff9935238d4fc2ad359e3fe0",
"url": "https://git.kernel.org/stable/c/8293e61bbf908b18ff9935238d4fc2ad359e3fe0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/91904870370fd986c29719846ed76d559de43251",
"url": "https://git.kernel.org/stable/c/91904870370fd986c29719846ed76d559de43251"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/98e8e67395cc6d0cdf3a771f86ea42d0ee6e59dd",
"url": "https://git.kernel.org/stable/c/98e8e67395cc6d0cdf3a771f86ea42d0ee6e59dd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b970518014f2f0f6c493fb86c1e092b936899061",
"url": "https://git.kernel.org/stable/c/b970518014f2f0f6c493fb86c1e092b936899061"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e53f47f6c1a56d2af728909f1cb894da6b43d9bf",
"url": "https://git.kernel.org/stable/c/e53f47f6c1a56d2af728909f1cb894da6b43d9bf"
}
],
"release_date": "2024-05-03T16:15:00Z",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-7:bpftool-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-debug-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-headers-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:kernel-tools-libs-devel-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64",
"CentOS-7:python-perf-0:3.10.0-1160.139.1.el7.tuxcare.els2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
}
]
}