{
"document": {
"aggregate_severity": {
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "TuxCare License Agreement",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
"title": "Terms of Use"
},
{
"category": "details",
"text": "vsock: Keep the binding until socket destruction {CVE-2025-21756}\n- mt76: fix use-after-free by removing a non-RCU wcid pointer {CVE-2022-49328}\n- bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() {CVE-2022-49840}\n- ASoC: core: Fix use-after-free in snd_soc_exit() {CVE-2022-49842}\n- net: sched: Fix use after free in red_enqueue() {CVE-2022-49921}\n- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() {CVE-2022-49846}\n- ftrace: Fix use-after-free for dynamic ftrace_ops {CVE-2022-49892}\n- dm ioctl: prevent potential spectre v1 gadget {CVE-2022-49122}\n- scsi: libfc: Fix use after free in fc_exch_abts_resp() {CVE-2022-49114}\n- mac80211: fix potential double free on mesh join {CVE-2022-49290}\n- wifi: mac80211: fix use-after-free in chanctx code {CVE-2022-49416}\n- ext4: fix OOB read when checking dotdot dir {CVE-2025-37785}\n- ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() {CVE-2023-52988}\n- tracing: Fix potential double free in create_var_ref() {CVE-2022-49410}\n- wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads {CVE-2022-49740}\n- mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths {CVE-2022-48991}\n- cifs: potential buffer overflow in handling symlinks {CVE-2022-49058}\n- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init {CVE-2022-49478}\n- HID: elan: Fix potential double free in elan_input_configured {CVE-2022-49508}\n- bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers {CVE-2023-52621}\n- drm/amd/pm: fix double free in si_parse_power_table() {CVE-2022-49530}\n- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() {CVE-2025-21780}\n- crypto: scomp - fix req->dst buffer overflow {CVE-2023-52612}\n- sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket {CVE-2024-53168}\n- net: make sock_inuse_add() available {CVE-2024-53168}",
"title": "Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://tuxcare.com/contact/",
"name": "TuxCare",
"namespace": "https://tuxcare.com/"
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.tuxcare.com/csaf/v2/els_os/centos8.4els/advisories/2025/clsa-2025_1749568993.json"
},
{
"category": "self",
"summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1749568993",
"url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1749568993"
}
],
"tracking": {
"current_release_date": "2025-06-10T15:26:31Z",
"generator": {
"date": "2025-06-10T15:26:31Z",
"engine": {
"name": "pyCSAF"
}
},
"id": "CLSA-2025:1749568993",
"initial_release_date": "2025-06-10T15:26:31Z",
"revision_history": [
{
"date": "2025-06-10T15:26:31Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
},
"title": "kernel: Fix of 24 CVEs"
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Community Enterprise Operating System 8.4",
"product": {
"name": "Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4",
"product_identification_helper": {
"cpe": "cpe:2.3:o:centos:centos:8.4:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Community Enterprise Operating System"
}
],
"category": "vendor",
"name": "Red Hat, Inc."
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug-modules-extra@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/python3-perf@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-modules-internal@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-modules@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-tools-libs-devel@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-core@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/bpftool@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug-modules@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug-core@4.18.0-305.25.1.el8_4.tuxcare.els28?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "CloudLinux"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"relates_to_product_reference": "CentOS-8.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-49842",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: core: Fix use-after-free in snd_soc_exit()\n\nKASAN reports a use-after-free:\n\nBUG: KASAN: use-after-free in device_del+0xb5b/0xc60\nRead of size 8 at addr ffff888008655050 by task rmmod/387\nCPU: 2 PID: 387 Comm: rmmod\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\ndump_stack_lvl+0x79/0x9a\nprint_report+0x17f/0x47b\nkasan_report+0xbb/0xf0\ndevice_del+0xb5b/0xc60\nplatform_device_del.part.0+0x24/0x200\nplatform_device_unregister+0x2e/0x40\nsnd_soc_exit+0xa/0x22 [snd_soc_core]\n__do_sys_delete_module.constprop.0+0x34f/0x5b0\ndo_syscall_64+0x3a/0x90\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n...\n\n\nIt's bacause in snd_soc_init(), snd_soc_util_init() is possble to fail,\nbut its ret is ignored, which makes soc_dummy_dev unregistered twice.\n\nsnd_soc_init()\n snd_soc_util_init()\n platform_device_register_simple(soc_dummy_dev)\n platform_driver_register() # fail\n \tplatform_device_unregister(soc_dummy_dev)\n platform_driver_register() # success\n...\nsnd_soc_exit()\n snd_soc_util_exit()\n # soc_dummy_dev will be unregistered for second time\n\nTo fix it, handle error and stop snd_soc_init() when util_init() fail.\nAlso clean debugfs when util_init() or driver_register() fail.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49842"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2ec3f558db343b045a7c7419cdbaec266b8ac1a7",
"url": "https://git.kernel.org/stable/c/2ec3f558db343b045a7c7419cdbaec266b8ac1a7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/34eee4189bcebbd5f6a2ff25ef0cb893ad33d51e",
"url": "https://git.kernel.org/stable/c/34eee4189bcebbd5f6a2ff25ef0cb893ad33d51e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/41fad4f712e081acdfde8b59847f9f66eaf407a0",
"url": "https://git.kernel.org/stable/c/41fad4f712e081acdfde8b59847f9f66eaf407a0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6ec27c53886c8963729885bcf2dd996eba2767a7",
"url": "https://git.kernel.org/stable/c/6ec27c53886c8963729885bcf2dd996eba2767a7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8d21554ec7680e9585fb852d933203c3db60dad1",
"url": "https://git.kernel.org/stable/c/8d21554ec7680e9585fb852d933203c3db60dad1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/90bbdf30a51e42378cb23a312005a022794b8e1e",
"url": "https://git.kernel.org/stable/c/90bbdf30a51e42378cb23a312005a022794b8e1e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3365e62239dc064019a244bde5686ac18527c22",
"url": "https://git.kernel.org/stable/c/a3365e62239dc064019a244bde5686ac18527c22"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c5674bd073c0fd9f620ca550c5ff08d0d429bdd9",
"url": "https://git.kernel.org/stable/c/c5674bd073c0fd9f620ca550c5ff08d0d429bdd9"
}
],
"release_date": "2025-05-01T15:16:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2023-52988",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()\n\nsnd_hda_get_connections() can return a negative error code.\nIt may lead to accessing 'conn' array at a negative index.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-52988"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1b9256c96220bcdba287eeeb90e7c910c77f8c46",
"url": "https://git.kernel.org/stable/c/1b9256c96220bcdba287eeeb90e7c910c77f8c46"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2b557fa635e7487f638c0f030c305870839eeda2",
"url": "https://git.kernel.org/stable/c/2b557fa635e7487f638c0f030c305870839eeda2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/437e50ef6290ac835d526d0e45f466a0aa69ba1b",
"url": "https://git.kernel.org/stable/c/437e50ef6290ac835d526d0e45f466a0aa69ba1b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6e1f586ddec48d71016b81acf68ba9f49ca54db8",
"url": "https://git.kernel.org/stable/c/6e1f586ddec48d71016b81acf68ba9f49ca54db8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa",
"url": "https://git.kernel.org/stable/c/b9cee506da2b7920b5ea02ccd8e78a907d0ee7aa"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d6870f3800dbb212ae8433183ee82f566d067c6c",
"url": "https://git.kernel.org/stable/c/d6870f3800dbb212ae8433183ee82f566d067c6c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f011360ad234a07cb6fbcc720fff646a93a9f0d6",
"url": "https://git.kernel.org/stable/c/f011360ad234a07cb6fbcc720fff646a93a9f0d6"
}
],
"release_date": "2025-03-27T17:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2022-49058",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: potential buffer overflow in handling symlinks\n\nSmatch printed a warning:\n\tarch/x86/crypto/poly1305_glue.c:198 poly1305_update_arch() error:\n\t__memcpy() 'dctx->buf' too small (16 vs u32max)\n\nIt's caused because Smatch marks 'link_len' as untrusted since it comes\nfrom sscanf(). Add a check to ensure that 'link_len' is not larger than\nthe size of the 'link_str' buffer.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49058"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1316c28569a80ab3596eeab05bf5e01991e7e739",
"url": "https://git.kernel.org/stable/c/1316c28569a80ab3596eeab05bf5e01991e7e739"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/22d658c6c5affed10c8907e67160cef0b6c92186",
"url": "https://git.kernel.org/stable/c/22d658c6c5affed10c8907e67160cef0b6c92186"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3e582749e742e662a8e9bb37cffac62dccaaa1e2",
"url": "https://git.kernel.org/stable/c/3e582749e742e662a8e9bb37cffac62dccaaa1e2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4e166a41180be2f1e66bbb6d46448e80a9a5ec05",
"url": "https://git.kernel.org/stable/c/4e166a41180be2f1e66bbb6d46448e80a9a5ec05"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/515e7ba11ef043d6febe69389949c8ef5f25e9d0",
"url": "https://git.kernel.org/stable/c/515e7ba11ef043d6febe69389949c8ef5f25e9d0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/64c4a37ac04eeb43c42d272f6e6c8c12bfcf4304",
"url": "https://git.kernel.org/stable/c/64c4a37ac04eeb43c42d272f6e6c8c12bfcf4304"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9901b07ba42b39266b34a888e48d7306fd707bee",
"url": "https://git.kernel.org/stable/c/9901b07ba42b39266b34a888e48d7306fd707bee"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/eb5f51756944735ac70cd8bb38637cc202e29c91",
"url": "https://git.kernel.org/stable/c/eb5f51756944735ac70cd8bb38637cc202e29c91"
}
],
"release_date": "2025-02-26T07:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2022-49508",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: elan: Fix potential double free in elan_input_configured\n\n'input' is a managed resource allocated with devm_input_allocate_device(),\nso there is no need to call input_free_device() explicitly or\nthere will be a double free.\n\nAccording to the doc of devm_input_allocate_device():\n * Managed input devices do not need to be explicitly unregistered or\n * freed as it will be done automatically when owner device unbinds from\n * its driver (or binding fails).",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49508"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1af20714fedad238362571620be0bd690ded05b6",
"url": "https://git.kernel.org/stable/c/1af20714fedad238362571620be0bd690ded05b6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/24f9dfdaece9bd75bb8dbfdba83eddeefdf7dc47",
"url": "https://git.kernel.org/stable/c/24f9dfdaece9bd75bb8dbfdba83eddeefdf7dc47"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5291451851feeb66fd4bf0826710f482f3b1ab38",
"url": "https://git.kernel.org/stable/c/5291451851feeb66fd4bf0826710f482f3b1ab38"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6d0726725c7c560495f5ff364862a2cefea542e3",
"url": "https://git.kernel.org/stable/c/6d0726725c7c560495f5ff364862a2cefea542e3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8bb1716507ebf12d50bbf181764481de3b6bc7fd",
"url": "https://git.kernel.org/stable/c/8bb1716507ebf12d50bbf181764481de3b6bc7fd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c92ec22a991778a096342cf1a917ae36c5c86a90",
"url": "https://git.kernel.org/stable/c/c92ec22a991778a096342cf1a917ae36c5c86a90"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f1d4f19a796551edc6679a681ea1756b8c578c08",
"url": "https://git.kernel.org/stable/c/f1d4f19a796551edc6679a681ea1756b8c578c08"
}
],
"release_date": "2025-02-26T07:01:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2022-49410",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix potential double free in create_var_ref()\n\nIn create_var_ref(), init_var_ref() is called to initialize the fields\nof variable ref_field, which is allocated in the previous function call\nto create_hist_field(). Function init_var_ref() allocates the\ncorresponding fields such as ref_field->system, but frees these fields\nwhen the function encounters an error. The caller later calls\ndestroy_hist_field() to conduct error handling, which frees the fields\nand the variable itself. This results in double free of the fields which\nare already freed in the previous function.\n\nFix this by storing NULL to the corresponding fields when they are freed\nin init_var_ref().",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49410"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/058cb6d86b9789377216c936506b346aaa1eb581",
"url": "https://git.kernel.org/stable/c/058cb6d86b9789377216c936506b346aaa1eb581"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/37443b3508b8cce6832f8d25cb4550b2f7801f50",
"url": "https://git.kernel.org/stable/c/37443b3508b8cce6832f8d25cb4550b2f7801f50"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4fdfb15e08598711dbf50daf56a33965232daf0e",
"url": "https://git.kernel.org/stable/c/4fdfb15e08598711dbf50daf56a33965232daf0e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/99696a2592bca641eb88cc9a80c90e591afebd0f",
"url": "https://git.kernel.org/stable/c/99696a2592bca641eb88cc9a80c90e591afebd0f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bd83ff3bbfb003832481c9bff999d12385f396ae",
"url": "https://git.kernel.org/stable/c/bd83ff3bbfb003832481c9bff999d12385f396ae"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c27f744ceefadc7bbeb14233b6abc150ced617d2",
"url": "https://git.kernel.org/stable/c/c27f744ceefadc7bbeb14233b6abc150ced617d2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f8b383f83cb573152c577eca1ef101e89995b72a",
"url": "https://git.kernel.org/stable/c/f8b383f83cb573152c577eca1ef101e89995b72a"
}
],
"release_date": "2025-02-26T07:01:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2022-49478",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init\n\nSyzbot reported that -1 is used as array index. The problem was in\nmissing validation check.\n\nhdw->unit_number is initialized with -1 and then if init table walk fails\nthis value remains unchanged. Since code blindly uses this member for\narray indexing adding sanity check is the easiest fix for that.\n\nhdw->workpoll initialization moved upper to prevent warning in\n__flush_work.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49478"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1310fc3538dcc375a2f46ef0a438512c2ca32827",
"url": "https://git.kernel.org/stable/c/1310fc3538dcc375a2f46ef0a438512c2ca32827"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/24e807541e4a9263ed928e6ae3498de3ad43bd1e",
"url": "https://git.kernel.org/stable/c/24e807541e4a9263ed928e6ae3498de3ad43bd1e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2e004fe914b243db41fa96f9e583385f360ea58e",
"url": "https://git.kernel.org/stable/c/2e004fe914b243db41fa96f9e583385f360ea58e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3309c2c574e13b21b44729f5bdbf21f60189b79a",
"url": "https://git.kernel.org/stable/c/3309c2c574e13b21b44729f5bdbf21f60189b79a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4351bfe36aba9fa7dc9d68d498d25d41a0f45e67",
"url": "https://git.kernel.org/stable/c/4351bfe36aba9fa7dc9d68d498d25d41a0f45e67"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/471bec68457aaf981add77b4f590d65dd7da1059",
"url": "https://git.kernel.org/stable/c/471bec68457aaf981add77b4f590d65dd7da1059"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3304766d9384886e6d3092c776273526947a2e9",
"url": "https://git.kernel.org/stable/c/a3304766d9384886e6d3092c776273526947a2e9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3660e06675bccec4bf149c7229ea1d491ba10d7",
"url": "https://git.kernel.org/stable/c/a3660e06675bccec4bf149c7229ea1d491ba10d7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f99a8b1ec0eddc2931aeaa4f490277a15b39f511",
"url": "https://git.kernel.org/stable/c/f99a8b1ec0eddc2931aeaa4f490277a15b39f511"
}
],
"release_date": "2025-02-26T07:01:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2023-52612",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: scomp - fix req->dst buffer overflow\n\nThe req->dst buffer size should be checked before copying from the\nscomp_scratch->dst to avoid req->dst buffer overflow problem.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-52612"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe",
"url": "https://git.kernel.org/stable/c/1142d65c5b881590962ad763f94505b6dd67d2fe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e",
"url": "https://git.kernel.org/stable/c/4518dc468cdd796757190515a9be7408adc8911e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5",
"url": "https://git.kernel.org/stable/c/4df0c942d04a67df174195ad8082f6e30e7f71a5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883",
"url": "https://git.kernel.org/stable/c/71c6670f9f032ec67d8f4e3f8db4646bf5a62883"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131",
"url": "https://git.kernel.org/stable/c/744e1885922a9943458954cfea917b31064b4131"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759",
"url": "https://git.kernel.org/stable/c/7d9e5bed036a7f9e2062a137e97e3c1e77fb8759"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625",
"url": "https://git.kernel.org/stable/c/a5f2f91b3fd7387e5102060809316a0f8f0bc625"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76",
"url": "https://git.kernel.org/stable/c/e0e3f4a18784182cfe34e20c00eca11e78d53e76"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
}
],
"release_date": "2024-03-18T11:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2023-52621",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check rcu_read_lock_trace_held() before calling bpf map helpers\n\nThese three bpf_map_{lookup,update,delete}_elem() helpers are also\navailable for sleepable bpf program, so add the corresponding lock\nassertion for sleepable bpf program, otherwise the following warning\nwill be reported when a sleepable bpf program manipulates bpf map under\ninterpreter mode (aka bpf_jit_enable=0):\n\n WARNING: CPU: 3 PID: 4985 at kernel/bpf/helpers.c:40 ......\n CPU: 3 PID: 4985 Comm: test_progs Not tainted 6.6.0+ #2\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ......\n RIP: 0010:bpf_map_lookup_elem+0x54/0x60\n ......\n Call Trace:\n \n ? __warn+0xa5/0x240\n ? bpf_map_lookup_elem+0x54/0x60\n ? report_bug+0x1ba/0x1f0\n ? handle_bug+0x40/0x80\n ? exc_invalid_op+0x18/0x50\n ? asm_exc_invalid_op+0x1b/0x20\n ? __pfx_bpf_map_lookup_elem+0x10/0x10\n ? rcu_lockdep_current_cpu_online+0x65/0xb0\n ? rcu_is_watching+0x23/0x50\n ? bpf_map_lookup_elem+0x54/0x60\n ? __pfx_bpf_map_lookup_elem+0x10/0x10\n ___bpf_prog_run+0x513/0x3b70\n __bpf_prog_run32+0x9d/0xd0\n ? __bpf_prog_enter_sleepable_recur+0xad/0x120\n ? __bpf_prog_enter_sleepable_recur+0x3e/0x120\n bpf_trampoline_6442580665+0x4d/0x1000\n __x64_sys_getpgid+0x5/0x30\n ? do_syscall_64+0x36/0xb0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n ",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-52621"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/169410eba271afc9f0fb476d996795aa26770c6d",
"url": "https://git.kernel.org/stable/c/169410eba271afc9f0fb476d996795aa26770c6d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3516f93cc63d956e1b290ae4b7bf2586074535a0",
"url": "https://git.kernel.org/stable/c/3516f93cc63d956e1b290ae4b7bf2586074535a0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/483cb92334cd7f1d5387dccc0ab5d595d27a669d",
"url": "https://git.kernel.org/stable/c/483cb92334cd7f1d5387dccc0ab5d595d27a669d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/82f2df94dac1aa9b879e74d1f82ba1b631bdc612",
"url": "https://git.kernel.org/stable/c/82f2df94dac1aa9b879e74d1f82ba1b631bdc612"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c7f1b6146f4a46d727c0d046284c28b6882c6304",
"url": "https://git.kernel.org/stable/c/c7f1b6146f4a46d727c0d046284c28b6882c6304"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d6d6fe4bb105595118f12abeed4a7bdd450853f3",
"url": "https://git.kernel.org/stable/c/d6d6fe4bb105595118f12abeed4a7bdd450853f3"
}
],
"release_date": "2024-03-26T18:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2022-49416",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nwifi: mac80211: fix use-after-free in chanctx code\nIn ieee80211_vif_use_reserved_context(), when we have an\nold context and the new context's replace_state is set to\nIEEE80211_CHANCTX_REPLACE_NONE, we free the old context\nin ieee80211_vif_use_reserved_reassign(). Therefore, we\ncannot check the old_ctx anymore, so we should set it to\nNULL after this point.\nHowever, since the new_ctx replace state is clearly not\nIEEE80211_CHANCTX_REPLACES_OTHER, we're not going to do\nanything else in this function and can just return to\navoid accessing the freed old_ctx.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49416"
}
],
"release_date": "2025-02-26T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2022-49290",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: fix potential double free on mesh join\n\nWhile commit 6a01afcf8468 (\"mac80211: mesh: Free ie data when leaving\nmesh\") fixed a memory leak on mesh leave / teardown it introduced a\npotential memory corruption caused by a double free when rejoining the\nmesh:\n\n ieee80211_leave_mesh()\n -> kfree(sdata->u.mesh.ie);\n ...\n ieee80211_join_mesh()\n -> copy_mesh_setup()\n -> old_ie = ifmsh->ie;\n -> kfree(old_ie);\n\nThis double free / kernel panics can be reproduced by using wpa_supplicant\nwith an encrypted mesh (if set up without encryption via \"iw\" then\nifmsh->ie is always NULL, which avoids this issue). And then calling:\n\n $ iw dev mesh0 mesh leave\n $ iw dev mesh0 mesh join my-mesh\n\nNote that typically these commands are not used / working when using\nwpa_supplicant. And it seems that wpa_supplicant or wpa_cli are going\nthrough a NETDEV_DOWN/NETDEV_UP cycle between a mesh leave and mesh join\nwhere the NETDEV_UP resets the mesh.ie to NULL via a memcpy of\ndefault_mesh_setup in cfg80211_netdev_notifier_call, which then avoids\nthe memory corruption, too.\n\nThe issue was first observed in an application which was not using\nwpa_supplicant but \"Senf\" instead, which implements its own calls to\nnl80211.\n\nFixing the issue by removing the kfree()'ing of the mesh IE in the mesh\njoin function and leaving it solely up to the mesh leave to free the\nmesh IE.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-49290"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/12e407a8ef17623823fd0c066fbd7f103953d28d",
"url": "https://git.kernel.org/stable/c/12e407a8ef17623823fd0c066fbd7f103953d28d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/273ebddc5fda2967492cb0b6cdd7d81cfb821b76",
"url": "https://git.kernel.org/stable/c/273ebddc5fda2967492cb0b6cdd7d81cfb821b76"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3bbd0000d012f92aec423b224784fbf0f7bf40f8",
"url": "https://git.kernel.org/stable/c/3bbd0000d012f92aec423b224784fbf0f7bf40f8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/46bb87d40683337757a2f902fcd4244b32bb4e86",
"url": "https://git.kernel.org/stable/c/46bb87d40683337757a2f902fcd4244b32bb4e86"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4a2d4496e15ea5bb5c8e83b94ca8ca7fb045e7d3",
"url": "https://git.kernel.org/stable/c/4a2d4496e15ea5bb5c8e83b94ca8ca7fb045e7d3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/582d8c60c0c053684f7138875e8150d5749ffc17",
"url": "https://git.kernel.org/stable/c/582d8c60c0c053684f7138875e8150d5749ffc17"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5d3ff9542a40ce034416bca03864709540a36016",
"url": "https://git.kernel.org/stable/c/5d3ff9542a40ce034416bca03864709540a36016"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/615716af8644813355e014314a0bc1e961250f5a",
"url": "https://git.kernel.org/stable/c/615716af8644813355e014314a0bc1e961250f5a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c1d9c3628ef0a0ca197595d0f9e01cd3b5dda186",
"url": "https://git.kernel.org/stable/c/c1d9c3628ef0a0ca197595d0f9e01cd3b5dda186"
}
],
"release_date": "2025-02-26T07:01:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els28.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
}
]
}