{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "net: ch9200: fix uninitialised access during mii_nway_restart {CVE-2025-38086}\n- jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted {CVE-2022-50126}\n- kernfs: fix potential NULL dereference in __kernfs_remove {CVE-2022-50148}\n- md-raid10: fix KASAN warning {CVE-2022-50211}\n- xhci: Fix null pointer dereference in remove if xHC has only one roothub {CVE-2022-49962}\n- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead {CVE-2022-49977}\n- wifi: iwlwifi: limit printed string from FW file {CVE-2025-21905}\n- udmabuf: Set the DMA mask for the udmabuf device (v2) {CVE-2022-49983}\n- drivers:md:fix a potential use-after-free bug {CVE-2022-50022}\n- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event {CVE-2022-50136}\n- iavf: Fix reset error handling {CVE-2022-50053}\n- misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() {CVE-2022-49788}\n- ext4: ignore xattrs past end {CVE-2025-37738}\n- ext4: fix off-by-one error in do_split {CVE-2025-23150}\n- net: atm: fix use after free in lec_send() {CVE-2025-22004}\n- media: uvcvideo: Remove dangling pointers {CVE-2024-58002}\n- netfilter: flowtable: fix stuck flows on cleanup due to pending work {CVE-2022-50000}\n- netfilter: flowtable: add function to invoke garbage collection immediately {CVE-2022-50000}", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/centos8.4els/advisories/2025/clsa-2025_1754553172.json" }, { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1754553172", "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1754553172" } ], "tracking": { "current_release_date": "2025-08-07T07:55:41Z", "generator": { "date": "2025-08-07T07:55:41Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2025:1754553172", "initial_release_date": "2025-08-07T07:55:41Z", "revision_history": [ { "date": "2025-08-07T07:55:41Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "kernel: Fix of 17 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Community Enterprise Operating System 8.4", "product": { "name": "Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4", "product_identification_helper": { "cpe": "cpe:2.3:o:centos:centos:8.4:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Community Enterprise Operating System" } ], "category": "vendor", "name": "Red Hat, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-modules-extra@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/python3-perf@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-modules-internal@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-modules@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-tools-libs-devel@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-core@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/bpftool@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-modules@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-core@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-modules-extra@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-devel@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-devel@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-modules-internal@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-tools@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-tools-libs@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-selftests-internal@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-cross-headers@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-ipaclones-internal@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-headers@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product": { "name": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_id": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/perf@4.18.0-305.25.1.el8_4.tuxcare.els30?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64 as a component of Community Enterprise Operating System 8.4", "product_id": "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" }, "product_reference": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "relates_to_product_reference": "CentOS-8.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-50211", "cwe": { "id": "CWE-823", "name": "Use of Out-of-range Pointer Offset" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nmd-raid10: fix KASAN warning\nThere's a KASAN warning in raid10_remove_disk when running the lvm\ntest lvconvert-raid-reshape.sh. We fix this warning by verifying that the\nvalue \"number\" is valid.\nBUG: KASAN: slab-out-of-bounds in raid10_remove_disk+0x61/0x2a0 [raid10]\nRead of size 8 at addr ffff889108f3d300 by task mdX_raid10/124682\nCPU: 3 PID: 124682 Comm: mdX_raid10 Not tainted 5.19.0-rc6 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n\ndump_stack_lvl+0x34/0x44\nprint_report.cold+0x45/0x57a\n? __lock_text_start+0x18/0x18\n? raid10_remove_disk+0x61/0x2a0 [raid10]\nkasan_report+0xa8/0xe0\n? raid10_remove_disk+0x61/0x2a0 [raid10]\nraid10_remove_disk+0x61/0x2a0 [raid10]\nBuffer I/O error on dev dm-76, logical block 15344, async page read\n? __mutex_unlock_slowpath.constprop.0+0x1e0/0x1e0\nremove_and_add_spares+0x367/0x8a0 [md_mod]\n? super_written+0x1c0/0x1c0 [md_mod]\n? mutex_trylock+0xac/0x120\n? _raw_spin_lock+0x72/0xc0\n? _raw_spin_lock_bh+0xc0/0xc0\nmd_check_recovery+0x848/0x960 [md_mod]\nraid10d+0xcf/0x3360 [raid10]\n? sched_clock_cpu+0x185/0x1a0\n? rb_erase+0x4d4/0x620\n? var_wake_function+0xe0/0xe0\n? psi_group_change+0x411/0x500\n? preempt_count_sub+0xf/0xc0\n? _raw_spin_lock_irqsave+0x78/0xc0\n? __lock_text_start+0x18/0x18\n? raid10_sync_request+0x36c0/0x36c0 [raid10]\n? preempt_count_sub+0xf/0xc0\n? _raw_spin_unlock_irqrestore+0x19/0x40\n? del_timer_sync+0xa9/0x100\n? try_to_del_timer_sync+0xc0/0xc0\n? _raw_spin_lock_irqsave+0x78/0xc0\n? __lock_text_start+0x18/0x18\n? _raw_spin_unlock_irq+0x11/0x24\n? __list_del_entry_valid+0x68/0xa0\n? finish_wait+0xa3/0x100\nmd_thread+0x161/0x260 [md_mod]\n? unregister_md_personality+0xa0/0xa0 [md_mod]\n? _raw_spin_lock_irqsave+0x78/0xc0\n? prepare_to_wait_event+0x2c0/0x2c0\n? unregister_md_personality+0xa0/0xa0 [md_mod]\nkthread+0x148/0x180\n? kthread_complete_and_exit+0x20/0x20\nret_from_fork+0x1f/0x30\n\nAllocated by task 124495:\nkasan_save_stack+0x1e/0x40\n__kasan_kmalloc+0x80/0xa0\nsetup_conf+0x140/0x5c0 [raid10]\nraid10_run+0x4cd/0x740 [raid10]\nmd_run+0x6f9/0x1300 [md_mod]\nraid_ctr+0x2531/0x4ac0 [dm_raid]\ndm_table_add_target+0x2b0/0x620 [dm_mod]\ntable_load+0x1c8/0x400 [dm_mod]\nctl_ioctl+0x29e/0x560 [dm_mod]\ndm_compat_ctl_ioctl+0x7/0x20 [dm_mod]\n__do_compat_sys_ioctl+0xfa/0x160\ndo_syscall_64+0x90/0xc0\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\nLast potentially related work creation:\nkasan_save_stack+0x1e/0x40\n__kasan_record_aux_stack+0x9e/0xc0\nkvfree_call_rcu+0x84/0x480\ntimerfd_release+0x82/0x140\nL __fput+0xfa/0x400\ntask_work_run+0x80/0xc0\nexit_to_user_mode_prepare+0x155/0x160\nsyscall_exit_to_user_mode+0x12/0x40\ndo_syscall_64+0x42/0xc0\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\nSecond to last potentially related work creation:\nkasan_save_stack+0x1e/0x40\n__kasan_record_aux_stack+0x9e/0xc0\nkvfree_call_rcu+0x84/0x480\ntimerfd_release+0x82/0x140\n__fput+0xfa/0x400\ntask_work_run+0x80/0xc0\nexit_to_user_mode_prepare+0x155/0x160\nsyscall_exit_to_user_mode+0x12/0x40\ndo_syscall_64+0x42/0xc0\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\nThe buggy address belongs to the object at ffff889108f3d200\nwhich belongs to the cache kmalloc-256 of size 256\nThe buggy address is located 0 bytes to the right of\n256-byte region [ffff889108f3d200, ffff889108f3d300)\nThe buggy address belongs to the physical page:\npage:000000007ef2a34c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1108f3c\nhead:000000007ef2a34c order:2 compound_mapcount:0 compound_pincount:0\nflags: 0x4000000000010200(slab|head|zone=2)\nraw: 4000000000010200 0000000000000000 dead000000000001 ffff889100042b40\nraw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\nMemory state around the buggy address:\nffff889108f3d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\nffff889108f3d280: 00 00\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50211" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-50148", "cwe": { "id": "CWE-413", "name": "Improper Resource Locking" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nkernfs: fix potential NULL dereference in __kernfs_remove\nWhen lockdep is enabled, lockdep_assert_held_write would\ncause potential NULL pointer dereference.\nFix the following smatch warnings:\nfs/kernfs/dir.c:1353 __kernfs_remove() warn: variable dereferenced before check 'kn' (see line 1346)", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50148" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-49977", "cwe": { "id": "CWE-763", "name": "Release of Invalid Pointer or Reference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead\nftrace_startup does not remove ops from ftrace_ops_list when\nftrace_startup_enable fails:\nregister_ftrace_function\nftrace_startup\n__register_ftrace_function\n...\nadd_ftrace_ops(&ftrace_ops_list, ops)\n...\n...\nftrace_startup_enable // if ftrace failed to modify, ftrace_disabled is set to 1\n...\nreturn 0 // ops is in the ftrace_ops_list.\nWhen ftrace_disabled = 1, unregister_ftrace_function simply returns without doing anything:\nunregister_ftrace_function\nftrace_shutdown\nif (unlikely(ftrace_disabled))\nreturn -ENODEV; // return here, __unregister_ftrace_function is not executed,\n// as a result, ops is still in the ftrace_ops_list\n__unregister_ftrace_function\n...\nIf ops is dynamically allocated, it will be free later, in this case,\nis_ftrace_trampoline accesses NULL pointer:\nis_ftrace_trampoline\nftrace_ops_trampoline\ndo_for_each_ftrace_op(op, ftrace_ops_list) // OOPS! op may be NULL!\nSyzkaller reports as follows:\n[ 1203.506103] BUG: kernel NULL pointer dereference, address: 000000000000010b\n[ 1203.508039] #PF: supervisor read access in kernel mode\n[ 1203.508798] #PF: error_code(0x0000) - not-present page\n[ 1203.509558] PGD 800000011660b067 P4D 800000011660b067 PUD 130fb8067 PMD 0\n[ 1203.510560] Oops: 0000 [#1] SMP KASAN PTI\n[ 1203.511189] CPU: 6 PID: 29532 Comm: syz-executor.2 Tainted: G B W 5.10.0 #8\n[ 1203.512324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[ 1203.513895] RIP: 0010:is_ftrace_trampoline+0x26/0xb0\n[ 1203.514644] Code: ff eb d3 90 41 55 41 54 49 89 fc 55 53 e8 f2 00 fd ff 48 8b 1d 3b 35 5d 03 e8 e6 00 fd ff 48 8d bb 90 00 00 00 e8 2a 81 26 00 <48> 8b ab 90 00 00 00 48 85 ed 74 1d e8 c9 00 fd ff 48 8d bb 98 00\n[ 1203.518838] RSP: 0018:ffffc900012cf960 EFLAGS: 00010246\n[ 1203.520092] RAX: 0000000000000000 RBX: 000000000000007b RCX: ffffffff8a331866\n[ 1203.521469] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000010b\n[ 1203.522583] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8df18b07\n[ 1203.523550] R10: fffffbfff1be3160 R11: 0000000000000001 R12: 0000000000478399\n[ 1203.524596] R13: 0000000000000000 R14: ffff888145088000 R15: 0000000000000008\n[ 1203.525634] FS: 00007f429f5f4700(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000\n[ 1203.526801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1203.527626] CR2: 000000000000010b CR3: 0000000170e1e001 CR4: 00000000003706e0\n[ 1203.528611] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1203.529605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nTherefore, when ftrace_startup_enable fails, we need to rollback registration\nprocess and remove ops from ftrace_ops_list.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49977" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-50000", "cwe": { "id": "CWE-820", "name": "Missing Synchronization" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: flowtable: fix stuck flows on cleanup due to pending work\nTo clear the flow table on flow table free, the following sequence\nnormally happens in order:\n1) gc_step work is stopped to disable any further stats/del requests.\n2) All flow table entries are set to teardown state.\n3) Run gc_step which will queue HW del work for each flow table entry.\n4) Waiting for the above del work to finish (flush).\n5) Run gc_step again, deleting all entries from the flow table.\n6) Flow table is freed.\nBut if a flow table entry already has pending HW stats or HW add work\nstep 3 will not queue HW del work (it will be skipped), step 4 will wait\nfor the pending add/stats to finish, and step 5 will queue HW del work\nwhich might execute after freeing of the flow table.\nTo fix the above, this patch flushes the pending work, then it sets the\nteardown flag to all flows in the flowtable and it forces a garbage\ncollector run to queue work to remove the flows from hardware, then it\nflushes this new pending work and (finally) it forces another garbage\ncollector run to remove the entry from the software flowtable.\nStack trace:\n[47773.882335] BUG: KASAN: use-after-free in down_read+0x99/0x460\n[47773.883634] Write of size 8 at addr ffff888103b45aa8 by task kworker/u20:6/543704\n[47773.885634] CPU: 3 PID: 543704 Comm: kworker/u20:6 Not tainted 5.12.0-rc7+ #2\n[47773.886745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)\n[47773.888438] Workqueue: nf_ft_offload_del flow_offload_work_handler [nf_flow_table]\n[47773.889727] Call Trace:\n[47773.890214] dump_stack+0xbb/0x107\n[47773.890818] print_address_description.constprop.0+0x18/0x140\n[47773.892990] kasan_report.cold+0x7c/0xd8\n[47773.894459] kasan_check_range+0x145/0x1a0\n[47773.895174] down_read+0x99/0x460\n[47773.899706] nf_flow_offload_tuple+0x24f/0x3c0 [nf_flow_table]\n[47773.907137] flow_offload_work_handler+0x72d/0xbe0 [nf_flow_table]\n[47773.913372] process_one_work+0x8ac/0x14e0\n[47773.921325]\n[47773.921325] Allocated by task 592159:\n[47773.922031] kasan_save_stack+0x1b/0x40\n[47773.922730] __kasan_kmalloc+0x7a/0x90\n[47773.923411] tcf_ct_flow_table_get+0x3cb/0x1230 [act_ct]\n[47773.924363] tcf_ct_init+0x71c/0x1156 [act_ct]\n[47773.925207] tcf_action_init_1+0x45b/0x700\n[47773.925987] tcf_action_init+0x453/0x6b0\n[47773.926692] tcf_exts_validate+0x3d0/0x600\n[47773.927419] fl_change+0x757/0x4a51 [cls_flower]\n[47773.928227] tc_new_tfilter+0x89a/0x2070\n[47773.936652]\n[47773.936652] Freed by task 543704:\n[47773.937303] kasan_save_stack+0x1b/0x40\n[47773.938039] kasan_set_track+0x1c/0x30\n[47773.938731] kasan_set_free_info+0x20/0x30\n[47773.939467] __kasan_slab_free+0xe7/0x120\n[47773.940194] slab_free_freelist_hook+0x86/0x190\n[47773.941038] kfree+0xce/0x3a0\n[47773.941644] tcf_ct_flow_table_cleanup_work\nOriginal patch description and stack trace by Paul Blakey.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50000" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-37738", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\next4: ignore xattrs past end\nOnce inside 'ext4_xattr_inode_dec_ref_all' we should\nignore xattrs entries past the 'end' entry.\nThis fixes the following KASAN reported issue:\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nRead of size 4 at addr ffff888012c120c4 by task repro/2065\nCPU: 1 UID: 0 PID: 2065 Comm: repro Not tainted 6.13.0-rc2+ #11\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n\ndump_stack_lvl+0x1fd/0x300\n? tcp_gro_dev_warn+0x260/0x260\n? _printk+0xc0/0x100\n? read_lock_is_recursive+0x10/0x10\n? irq_work_queue+0x72/0xf0\n? __virt_addr_valid+0x17b/0x4b0\nprint_address_description+0x78/0x390\nprint_report+0x107/0x1f0\n? __virt_addr_valid+0x17b/0x4b0\n? __virt_addr_valid+0x3ff/0x4b0\n? __phys_addr+0xb5/0x160\n? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\nkasan_report+0xcc/0x100\n? ext4_xattr_inode_dec_ref_all+0xb8c/0xe90\next4_xattr_inode_dec_ref_all+0xb8c/0xe90\n? ext4_xattr_delete_inode+0xd30/0xd30\n? __ext4_journal_ensure_credits+0x5f0/0x5f0\n? __ext4_journal_ensure_credits+0x2b/0x5f0\n? inode_update_timestamps+0x410/0x410\next4_xattr_delete_inode+0xb64/0xd30\n? ext4_truncate+0xb70/0xdc0\n? ext4_expand_extra_isize_ea+0x1d20/0x1d20\n? __ext4_mark_inode_dirty+0x670/0x670\n? ext4_journal_check_start+0x16f/0x240\n? ext4_inode_is_fast_symlink+0x2f2/0x3a0\next4_evict_inode+0xc8c/0xff0\n? ext4_inode_is_fast_symlink+0x3a0/0x3a0\n? do_raw_spin_unlock+0x53/0x8a0\n? ext4_inode_is_fast_symlink+0x3a0/0x3a0\nevict+0x4ac/0x950\n? proc_nr_inodes+0x310/0x310\n? trace_ext4_drop_inode+0xa2/0x220\n? _raw_spin_unlock+0x1a/0x30\n? iput+0x4cb/0x7e0\ndo_unlinkat+0x495/0x7c0\n? try_break_deleg+0x120/0x120\n? 0xffffffff81000000\n? __check_object_size+0x15a/0x210\n? strncpy_from_user+0x13e/0x250\n? getname_flags+0x1dc/0x530\n__x64_sys_unlinkat+0xc8/0xf0\ndo_syscall_64+0x65/0x110\nentry_SYSCALL_64_after_hwframe+0x67/0x6f\nRIP: 0033:0x434ffd\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 8\nRSP: 002b:00007ffc50fa7b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000107\nRAX: ffffffffffffffda RBX: 00007ffc50fa7e18 RCX: 0000000000434ffd\nRDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000005\nRBP: 00007ffc50fa7be0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001\nR13: 00007ffc50fa7e08 R14: 00000000004bbf30 R15: 0000000000000001\n\nThe buggy address belongs to the object at ffff888012c12000\nwhich belongs to the cache filp of size 360\nThe buggy address is located 196 bytes inside of\nfreed 360-byte region [ffff888012c12000, ffff888012c12168)\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12c12\nhead: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\nflags: 0x40(head|node=0|zone=0)\npage_type: f5(slab)\nraw: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nraw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000040 ffff888000ad7640 ffffea0000497a00 dead000000000004\nhead: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000\nhead: 0000000000000001 ffffea00004b0481 ffffffffffffffff 0000000000000000\nhead: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\nMemory state around the buggy address:\nffff888012c11f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\nffff888012c12000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n> ffff888012c12080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n^\nffff888012c12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc\nffff888012c12180: fc fc fc fc fc fc fc fc fc\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37738" } ], "release_date": "2025-05-01T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-23150", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\next4: fix off-by-one error in do_split\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n\n__dump_stack lib/dump_stack.c:94 [inline]\ndump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\nprint_address_description mm/kasan/report.c:377 [inline]\nprint_report+0x169/0x550 mm/kasan/report.c:488\nkasan_report+0x143/0x180 mm/kasan/report.c:601\nkasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n__asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\next4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nadd_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\nmake_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\next4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\next4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\next4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\nvfs_symlink+0x137/0x2e0 fs/namei.c:4615\ndo_symlinkat+0x222/0x3a0 fs/namei.c:4641\n__do_sys_symlink fs/namei.c:4662 [inline]\n__se_sys_symlink fs/namei.c:4660 [inline]\n__x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe following loop is located right above 'if' statement.\nfor (i = count-1; i >= 0; i--) {\n/* is more than half of this entry in 2nd half of the block? */\nif (size + map[i].size/2 > blocksize/2)\nbreak;\nsize += map[i].size;\nmove++;\n}\n'i' in this case could go down to -1, in which case sum of active entries\nwouldn't exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-23150" } ], "release_date": "2025-05-01T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-38086", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nnet: ch9200: fix uninitialised access during mii_nway_restart\nIn mii_nway_restart() the code attempts to call\nmii->mdio_read which is ch9200_mdio_read(). ch9200_mdio_read()\nutilises a local buffer called \"buff\", which is initialised\nwith control_read(). However \"buff\" is conditionally\ninitialised inside control_read():\nif (err == size) {\nmemcpy(data, buf, size);\n}\nIf the condition of \"err == size\" is not met, then\n\"buff\" remains uninitialised. Once this happens the\nuninitialised \"buff\" is accessed and returned during\nch9200_mdio_read():\nreturn (buff[0] | buff[1] << 8);\nThe problem stems from the fact that ch9200_mdio_read()\nignores the return value of control_read(), leading to\nuinit-access of \"buff\".\nTo fix this we should check the return value of\ncontrol_read() and return early on error.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38086" } ], "release_date": "2025-06-28T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-50053", "cwe": { "id": "CWE-833", "name": "Deadlock" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\niavf: Fix reset error handling\nDo not call iavf_close in iavf_reset_task error handling. Doing so can\nlead to double call of napi_disable, which can lead to deadlock there.\nRemoving VF would lead to iavf_remove task being stuck, because it\nrequires crit_lock, which is held by iavf_close.\nCall iavf_disable_vf if reset fail, so that driver will clean up\nremaining invalid resources.\nDuring rapid VF resets, HW can fail to setup VF mailbox. Wrong\nerror handling can lead to iavf_remove being stuck with:\n[ 5218.999087] iavf 0000:82:01.0: Failed to init adminq: -53\n...\n[ 5267.189211] INFO: task repro.sh:11219 blocked for more than 30 seconds.\n[ 5267.189520] Tainted: G S E 5.18.0-04958-ga54ce3703613-dirty #1\n[ 5267.189764] \"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 5267.190062] task:repro.sh state:D stack: 0 pid:11219 ppid: 8162 flags:0x00000000\n[ 5267.190347] Call Trace:\n[ 5267.190647] \n[ 5267.190927] __schedule+0x460/0x9f0\n[ 5267.191264] schedule+0x44/0xb0\n[ 5267.191563] schedule_preempt_disabled+0x14/0x20\n[ 5267.191890] __mutex_lock.isra.12+0x6e3/0xac0\n[ 5267.192237] ? iavf_remove+0xf9/0x6c0 [iavf]\n[ 5267.192565] iavf_remove+0x12a/0x6c0 [iavf]\n[ 5267.192911] ? _raw_spin_unlock_irqrestore+0x1e/0x40\n[ 5267.193285] pci_device_remove+0x36/0xb0\n[ 5267.193619] device_release_driver_internal+0xc1/0x150\n[ 5267.193974] pci_stop_bus_device+0x69/0x90\n[ 5267.194361] pci_stop_and_remove_bus_device+0xe/0x20\n[ 5267.194735] pci_iov_remove_virtfn+0xba/0x120\n[ 5267.195130] sriov_disable+0x2f/0xe0\n[ 5267.195506] ice_free_vfs+0x7d/0x2f0 [ice]\n[ 5267.196056] ? pci_get_device+0x4f/0x70\n[ 5267.196496] ice_sriov_configure+0x78/0x1a0 [ice]\n[ 5267.196995] sriov_numvfs_store+0xfe/0x140\n[ 5267.197466] kernfs_fop_write_iter+0x12e/0x1c0\n[ 5267.197918] new_sync_write+0x10c/0x190\n[ 5267.198404] vfs_write+0x24e/0x2d0\n[ 5267.198886] ksys_write+0x5c/0xd0\n[ 5267.199367] do_syscall_64+0x3a/0x80\n[ 5267.199827] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[ 5267.200317] RIP: 0033:0x7f5b381205c8\n[ 5267.200814] RSP: 002b:00007fff8c7e8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 5267.201981] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f5b381205c8\n[ 5267.202620] RDX: 0000000000000002 RSI: 00005569420ee900 RDI: 0000000000000001\n[ 5267.203426] RBP: 00005569420ee900 R08: 000000000000000a R09: 00007f5b38180820\n[ 5267.204327] R10: 000000000000000a R11: 0000000000000246 R12: 00007f5b383c06e0\n[ 5267.205193] R13: 0000000000000002 R14: 00007f5b383bb880 R15: 0000000000000002\n[ 5267.206041] \n[ 5267.206970] Kernel panic - not syncing: hung_task: blocked tasks\n[ 5267.207809] CPU: 48 PID: 551 Comm: khungtaskd Kdump: loaded Tainted: G S E 5.18.0-04958-ga54ce3703613-dirty #1\n[ 5267.208726] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.11.0 11/02/2019\n[ 5267.209623] Call Trace:\n[ 5267.210569] \n[ 5267.211480] dump_stack_lvl+0x33/0x42\n[ 5267.212472] panic+0x107/0x294\n[ 5267.213467] watchdog.cold.8+0xc/0xbb\n[ 5267.214413] ? proc_dohung_task_timeout_secs+0x30/0x30\n[ 5267.215511] kthread+0xf4/0x120\n[ 5267.216459] ? kthread_complete_and_exit+0x20/0x20\n[ 5267.217505] ret_from_fork+0x22/0x30\n[ 5267.218459] ", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50053" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-49962", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nxhci: Fix null pointer dereference in remove if xHC has only one roothub\nThe remove path in xhci platform driver tries to remove and put both main\nand shared hcds even if only a main hcd exists (one roothub)\nThis causes a null pointer dereference in reboot for those controllers.\nCheck that the shared_hcd exists before trying to remove it.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49962" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-49788", "cwe": { "id": "CWE-401", "name": "Missing Release of Memory after Effective Lifetime" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nmisc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()\n`struct vmci_event_qp` allocated by qp_notify_peer() contains padding,\nwhich may carry uninitialized data to the userspace, as observed by\nKMSAN:\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user ./include/linux/instrumented.h:121\ninstrument_copy_to_user ./include/linux/instrumented.h:121\n_copy_to_user+0x5f/0xb0 lib/usercopy.c:33\ncopy_to_user ./include/linux/uaccess.h:169\nvmci_host_do_receive_datagram drivers/misc/vmw_vmci/vmci_host.c:431\nvmci_host_unlocked_ioctl+0x33d/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:925\nvfs_ioctl fs/ioctl.c:51\n...\nUninit was stored to memory at:\nkmemdup+0x74/0xb0 mm/util.c:131\ndg_dispatch_as_host drivers/misc/vmw_vmci/vmci_datagram.c:271\nvmci_datagram_dispatch+0x4f8/0xfc0 drivers/misc/vmw_vmci/vmci_datagram.c:339\nqp_notify_peer+0x19a/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1479\nqp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\nqp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\nvmci_qp_broker_alloc+0x96/0xd0 drivers/misc/vmw_vmci/vmci_queue_pair.c:1940\nvmci_host_do_alloc_queuepair drivers/misc/vmw_vmci/vmci_host.c:488\nvmci_host_unlocked_ioctl+0x24fd/0x43d0 drivers/misc/vmw_vmci/vmci_host.c:927\n...\nLocal variable ev created at:\nqp_notify_peer+0x54/0x290 drivers/misc/vmw_vmci/vmci_queue_pair.c:1456\nqp_broker_attach drivers/misc/vmw_vmci/vmci_queue_pair.c:1662\nqp_broker_alloc+0x2977/0x2f30 drivers/misc/vmw_vmci/vmci_queue_pair.c:1750\nBytes 28-31 of 48 are uninitialized\nMemory access of size 48 starts at ffff888035155e00\nData copied to user address 0000000020000100\nUse memset() to prevent the infoleaks.\nAlso speculatively fix qp_notify_peer_local(), which may suffer from the\nsame problem.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49788" } ], "release_date": "2025-05-01T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2025-22004", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nnet: atm: fix use after free in lec_send()\nThe ->send() operation frees skb so save the length before calling\n->send() to avoid a use after free.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-22004" } ], "release_date": "2025-04-03T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2024-58002", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-58002" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/117f7a2975baa4b7d702d3f4830d5a4ebd0c6d50", "url": "https://git.kernel.org/stable/c/117f7a2975baa4b7d702d3f4830d5a4ebd0c6d50" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/221cd51efe4565501a3dbf04cc011b537dcce7fb", "url": "https://git.kernel.org/stable/c/221cd51efe4565501a3dbf04cc011b537dcce7fb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2a29413ace64627e178fd422dd8a5d95219a2c0b", "url": "https://git.kernel.org/stable/c/2a29413ace64627e178fd422dd8a5d95219a2c0b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/438bda062b2c40ddd7df23b932e29ffe0a448cac", "url": "https://git.kernel.org/stable/c/438bda062b2c40ddd7df23b932e29ffe0a448cac" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4dbaa738c583a0e947803c69e8996e88cf98d971", "url": "https://git.kernel.org/stable/c/4dbaa738c583a0e947803c69e8996e88cf98d971" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/653993f46861f2971e95e9a0e36a34b49dec542c", "url": "https://git.kernel.org/stable/c/653993f46861f2971e95e9a0e36a34b49dec542c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9edc7d25f7e49c33a1ce7a5ffadea2222065516c", "url": "https://git.kernel.org/stable/c/9edc7d25f7e49c33a1ce7a5ffadea2222065516c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ac18d781466252cd35a3e311e0a4b264260fd927", "url": "https://git.kernel.org/stable/c/ac18d781466252cd35a3e311e0a4b264260fd927" } ], "release_date": "2025-02-27T03:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-50136", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nRDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event\nIf siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn't\nbeen received completely, and should not report IW_CM_EVENT_CONNECT_REPLY\nin this case. This may trigger a call trace in iw_cm. A simple way to\ntrigger this:\nserver: ib_send_lat\nclient: ib_send_lat -R \nThe call trace looks like this:\nkernel BUG at drivers/infiniband/core/iwcm.c:894!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n<...>\nWorkqueue: iw_cm_wq cm_work_handler [iw_cm]\nCall Trace:\n\ncm_work_handler+0x1dd/0x370 [iw_cm]\nprocess_one_work+0x1e2/0x3b0\nworker_thread+0x49/0x2e0\n? rescuer_thread+0x370/0x370\nkthread+0xe5/0x110\n? kthread_complete_and_exit+0x20/0x20\nret_from_fork+0x1f/0x30\n", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50136" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-50022", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\ndrivers:md:fix a potential use-after-free bug\nIn line 2884, \"raid5_release_stripe(sh);\" drops the reference to sh and\nmay cause sh to be released. However, sh is subsequently used in lines\n2886 \"if (sh->batch_head && sh != sh->batch_head)\". This may result in an\nuse-after-free bug.\nIt can be fixed by moving \"raid5_release_stripe(sh);\" to the bottom of\nthe function.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50022" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-49983", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nudmabuf: Set the DMA mask for the udmabuf device (v2)\nIf the DMA mask is not set explicitly, the following warning occurs\nwhen the userspace tries to access the dma-buf via the CPU as\nreported by syzbot here:\nWARNING: CPU: 1 PID: 3595 at kernel/dma/mapping.c:188\n__dma_map_sg_attrs+0x181/0x1f0 kernel/dma/mapping.c:188\nModules linked in:\nCPU: 0 PID: 3595 Comm: syz-executor249 Not tainted\n5.17.0-rc2-syzkaller-00316-g0457e5153e0e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS\nGoogle 01/01/2011\nRIP: 0010:__dma_map_sg_attrs+0x181/0x1f0 kernel/dma/mapping.c:188\nCode: 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 71 4c 8b 3d c0\n83 b5 0d e9 db fe ff ff e8 b6 0f 13 00 0f 0b e8 af 0f 13 00 <0f> 0b 45\n31 e4 e9 54 ff ff ff e8 a0 0f 13 00 49 8d 7f 50 48 b8 00\nRSP: 0018:ffffc90002a07d68 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\nRDX: ffff88807e25e2c0 RSI: ffffffff81649e91 RDI: ffff88801b848408\nRBP: ffff88801b848000 R08: 0000000000000002 R09: ffff88801d86c74f\nR10: ffffffff81649d72 R11: 0000000000000001 R12: 0000000000000002\nR13: ffff88801d86c680 R14: 0000000000000001 R15: 0000000000000000\nFS: 0000555556e30300(0000) GS:ffff8880b9d00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000200000cc CR3: 000000001d74a000 CR4: 00000000003506e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\ndma_map_sgtable+0x70/0xf0 kernel/dma/mapping.c:264\nget_sg_table.isra.0+0xe0/0x160 drivers/dma-buf/udmabuf.c:72\nbegin_cpu_udmabuf+0x130/0x1d0 drivers/dma-buf/udmabuf.c:126\ndma_buf_begin_cpu_access+0xfd/0x1d0 drivers/dma-buf/dma-buf.c:1164\ndma_buf_ioctl+0x259/0x2b0 drivers/dma-buf/dma-buf.c:363\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_sys_ioctl fs/ioctl.c:874 [inline]\n__se_sys_ioctl fs/ioctl.c:860 [inline]\n__x64_sys_ioctl+0x193/0x200 fs/ioctl.c:860\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7f62fcf530f9\nCode: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89\nf7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01\nf0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffe3edab9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f62fcf530f9\nRDX: 0000000020000200 RSI: 0000000040086200 RDI: 0000000000000006\nRBP: 00007f62fcf170e0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f62fcf17170\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n\nv2: Dont't forget to deregister if DMA mask setup fails.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49983" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] }, { "cve": "CVE-2022-50126", "cwe": { "id": "CWE-617", "name": "Reachable Assertion" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\njbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal aborted\nFollowing process will fail assertion 'jh->b_frozen_data == NULL' in\njbd2_journal_dirty_metadata():\njbd2_journal_commit_transaction\nunlink(dir/a)\njh->b_transaction = trans1\njh->b_jlist = BJ_Metadata\njournal->j_running_transaction = NULL\ntrans1->t_state = T_COMMIT\nunlink(dir/b)\nhandle->h_trans = trans2\ndo_get_write_access\njh->b_modified = 0\njh->b_frozen_data = frozen_buffer\njh->b_next_transaction = trans2\njbd2_journal_dirty_metadata\nis_handle_aborted\nis_journal_aborted // return false\n--> jbd2 abort <--\nwhile (commit_transaction->t_buffers)\nif (is_journal_aborted)\njbd2_journal_refile_buffer\n__jbd2_journal_refile_buffer\nWRITE_ONCE(jh->b_transaction,\njh->b_next_transaction)\nWRITE_ONCE(jh->b_next_transaction, NULL)\n__jbd2_journal_file_buffer(jh, BJ_Reserved)\nJ_ASSERT_JH(jh, jh->b_frozen_data == NULL) // assertion failure !\nThe reproducer (See detail in [Link]) reports:\n------------[ cut here ]------------\nkernel BUG at fs/jbd2/transaction.c:1629!\ninvalid opcode: 0000 [#1] PREEMPT SMP\nCPU: 2 PID: 584 Comm: unlink Tainted: G W\n5.19.0-rc6-00115-g4a57a8400075-dirty #697\nRIP: 0010:jbd2_journal_dirty_metadata+0x3c5/0x470\nRSP: 0018:ffffc90000be7ce0 EFLAGS: 00010202\nCall Trace:\n\n__ext4_handle_dirty_metadata+0xa0/0x290\next4_handle_dirty_dirblock+0x10c/0x1d0\next4_delete_entry+0x104/0x200\n__ext4_unlink+0x22b/0x360\next4_unlink+0x275/0x390\nvfs_unlink+0x20b/0x4c0\ndo_unlinkat+0x42f/0x4c0\n__x64_sys_unlink+0x37/0x50\ndo_syscall_64+0x35/0x80\nAfter journal aborting, __jbd2_journal_refile_buffer() is executed with\nholding @jh->b_state_lock, we can fix it by moving 'is_handle_aborted()'\ninto the area protected by @jh->b_state_lock.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50126" } ], "release_date": "2025-06-18T00:00:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Medium" } ] }, { "cve": "CVE-2025-21905", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: limit printed string from FW file\n\nThere's no guarantee here that the file is always with a\nNUL-termination, so reading the string may read beyond the\nend of the TLV. If that's the last TLV in the file, it can\nperhaps even read beyond the end of the file buffer.\n\nFix that by limiting the print format to the size of the\nbuffer we have.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-21905" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/38f0d398b6d7640d223db69df022c4a232f24774", "url": "https://git.kernel.org/stable/c/38f0d398b6d7640d223db69df022c4a232f24774" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/47616b82f2d42ea2060334746fed9a2988d845c9", "url": "https://git.kernel.org/stable/c/47616b82f2d42ea2060334746fed9a2988d845c9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/59cdda202829d1d6a095d233386870a59aff986f", "url": "https://git.kernel.org/stable/c/59cdda202829d1d6a095d233386870a59aff986f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/88ed69f924638c7503644e1f8eed1e976f3ffa7a", "url": "https://git.kernel.org/stable/c/88ed69f924638c7503644e1f8eed1e976f3ffa7a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b02f8d5a71c8571ccf77f285737c566db73ef5e5", "url": "https://git.kernel.org/stable/c/b02f8d5a71c8571ccf77f285737c566db73ef5e5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c0e626f2b2390472afac52dfe72b29daf9ed8e1d", "url": "https://git.kernel.org/stable/c/c0e626f2b2390472afac52dfe72b29daf9ed8e1d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e0dc2c1bef722cbf16ae557690861e5f91208129", "url": "https://git.kernel.org/stable/c/e0dc2c1bef722cbf16ae557690861e5f91208129" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f265e6031d0bc4fc40c4619cb42466722b46eaa9", "url": "https://git.kernel.org/stable/c/f265e6031d0bc4fc40c4619cb42466722b46eaa9" } ], "release_date": "2025-04-01T16:15:00", "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64", "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "High" } ] } ] }