{
"document": {
"aggregate_severity": {
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "TuxCare License Agreement",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
"title": "Terms of Use"
},
{
"category": "details",
"text": "xhci: Remove device endpoints from bandwidth list when freeing the device {CVE-2022-50470}\n- HID: multitouch: Add NULL check in mt_input_configured {CVE-2024-58020}\n- netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX {CVE-2025-38201}\n- fs: writeback: fix use-after-free in __mark_inode_dirty() {CVE-2025-39866}\n- tracing/histograms: Add histograms to hist_vars if they have referenced variables {CVE-2023-53560}\n- netfilter: conntrack: Avoid nf_ct_helper_hash uses after free {CVE-2023-53619}\n- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521}\n- dm cache: Fix UAF in destroy() {CVE-2022-50496}\n- Bluetooth: L2CAP: Fix user-after-free {CVE-2022-50386}\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify {CVE-2025-38102}\n- sctp: avoid NULL dereference when chunk data buffer is missing {CVE-2025-40240}\n- wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf {CVE-2023-53524}\n- xfrm: fix slab-use-after-free in decode_session6 {CVE-2023-53500}\n- ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587}\n- Bluetooth: RFCOMM: Fix not validating setsockopt user input {CVE-2024-35966}\n- Bluetooth: L2CAP: Fix not validating setsockopt user input {CVE-2024-35965}\n- Bluetooth: SCO: Fix not validating setsockopt user input {CVE-2024-35967}\n- NFSD: Fix the behavior of READ near OFFSET_MAX {CVE-2022-48827}\n- NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL {CVE-2023-53680}\n- mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory {CVE-2025-39883}\n- fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685}\n- erspan: do not use skb_mac_header() in ndo_start_xmit() {CVE-2023-53053}\n- net/mlx5e: Avoid field-overflowing memcpy() {CVE-2022-48744}\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760}\n- i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path {CVE-2025-39911}\n- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422}\n- i40e: remove read access to debugfs files {CVE-2025-39901}\n- Bluetooth: hci_sock: Prevent race in socket write iter and sock bind {CVE-2025-68305}\n- RDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem {CVE-2025-38022}\n- usb: xhci: Apply the link chain quirk on NEC isoc endpoints {CVE-2025-22022}\n- netfilter: allow exp not to be removed in nf_ct_find_expectation {CVE-2023-52927}\n- dm-bufio: don't schedule in atomic context {CVE-2025-37928}\n- ACPI: EC: Fix oops when removing custom query handlers {CVE-2023-54244}\n- mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats {CVE-2025-68800}\n- net/sched: Enforce that teql can only be used as root qdisc {CVE-2026-23074}\n- net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() {CVE-2023-54114}\n- igb: Do not bring the device up after non-fatal error {CVE-2024-50040}\n- HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494}\n- drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras {CVE-2023-53471}\n- wifi: mwifiex: Initialize the chan_stats array to zero {CVE-2025-39891}\n- HID: asus: fix UAF via HID_CLAIMED_INPUT validation {CVE-2025-39824}\n- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds {CVE-2025-40304}\n- HID: multitouch: Correct devm device reference for hidinput input_dev name {CVE-2023-53454}\n- udf: Do not bother merging very long extents {CVE-2023-53506}\n- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() {CVE-2022-50551}\n- dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path {CVE-2023-53604}\n- gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622}\n- iavf: Fix use-after-free in free_netdev {CVE-2023-53556}\n- cnic: Fix use-after-free bugs in cnic_delete_task {CVE-2025-39945}\n- kernfs: fix use-after-free in __kernfs_remove {CVE-2022-50432}\n- net/sched: act_mirred: don't override retval if we already lost the skb {CVE-2024-26739}\n- tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. {CVE-2025-39913}\n- igb: Fix igb_down hung on surprise removal {CVE-2023-53148}",
"title": "Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://tuxcare.com/contact/",
"name": "TuxCare",
"namespace": "https://tuxcare.com/"
},
"references": [
{
"category": "self",
"summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.tuxcare.com/csaf/v2/els_os/centos8.4els/advisories/2026/clsa-2026_1773048865.json"
}
],
"tracking": {
"current_release_date": "2026-03-09T09:41:01Z",
"generator": {
"date": "2026-03-09T09:41:01Z",
"engine": {
"name": "pyCSAF"
}
},
"id": "CLSA-2026:1773048865",
"initial_release_date": "2026-03-09T09:41:01Z",
"revision_history": [
{
"date": "2026-03-09T09:41:01Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
},
"title": "kernel: Fix of 53 CVEs"
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Community Enterprise Operating System 8.4",
"product": {
"name": "Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4",
"product_identification_helper": {
"cpe": "cpe:2.3:o:centos:centos:8.4:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Community Enterprise Operating System"
}
],
"category": "vendor",
"name": "Red Hat, Inc."
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-modules-internal@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-tools-libs@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-headers@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-tools@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug-core@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-devel@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-tools-libs-devel@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/python3-perf@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-modules-extra@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug-modules-internal@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-core@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-cross-headers@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-selftests-internal@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug-modules@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/perf@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug-devel@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-modules@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/bpftool@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-debug-modules-extra@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_id": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/cloudlinux/kernel-ipaclones-internal@4.18.0-305.25.1.el8_4.tuxcare.els35?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "CloudLinux"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64 as a component of Community Enterprise Operating System 8.4",
"product_id": "CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
},
"product_reference": "kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"relates_to_product_reference": "CentOS-8.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53454",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Correct devm device reference for hidinput input_dev name\n\nReference the HID device rather than the input device for the devm\nallocation of the input_dev name. Referencing the input_dev would lead to a\nuse-after-free when the input_dev was unregistered and subsequently fires a\nuevent that depends on the name. At the point of firing the uevent, the\nname would be freed by devres management.\n\nUse devm_kasprintf to simplify the logic for allocating memory and\nformatting the input_dev name string.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53454"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/15ec7cb55e7d88755aa01d44a7a1015a42bfce86",
"url": "https://git.kernel.org/stable/c/15ec7cb55e7d88755aa01d44a7a1015a42bfce86"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1d7833db9fd118415dace2ca157bfa603dec9c8c",
"url": "https://git.kernel.org/stable/c/1d7833db9fd118415dace2ca157bfa603dec9c8c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2763732ec1e68910719c75b6b896e11b6d3d622b",
"url": "https://git.kernel.org/stable/c/2763732ec1e68910719c75b6b896e11b6d3d622b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/39c70c19456e50dcb3abfe53539220dff0490f1d",
"url": "https://git.kernel.org/stable/c/39c70c19456e50dcb3abfe53539220dff0490f1d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4794394635293a3e74591351fff469cea7ad15a2",
"url": "https://git.kernel.org/stable/c/4794394635293a3e74591351fff469cea7ad15a2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ac0d389402a6ff9ad92cea02c2d8c711483b91ab",
"url": "https://git.kernel.org/stable/c/ac0d389402a6ff9ad92cea02c2d8c711483b91ab"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b70ac7849248ec8128fa12f86e3655ba38838f29",
"url": "https://git.kernel.org/stable/c/b70ac7849248ec8128fa12f86e3655ba38838f29"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dde88ab4e45beb60b217026207aa9c14c88d71ab",
"url": "https://git.kernel.org/stable/c/dde88ab4e45beb60b217026207aa9c14c88d71ab"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/df7ca43fe090e1a56c216c8ebc106ef5fd49afc6",
"url": "https://git.kernel.org/stable/c/df7ca43fe090e1a56c216c8ebc106ef5fd49afc6"
}
],
"release_date": "2025-10-01T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39911",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path\n\nIf request_irq() in i40e_vsi_request_irq_msix() fails in an iteration\nlater than the first, the error path wants to free the IRQs requested\nso far. However, it uses the wrong dev_id argument for free_irq(), so\nit does not free the IRQs correctly and instead triggers the warning:\n\n Trying to free already-free IRQ 173\n WARNING: CPU: 25 PID: 1091 at kernel/irq/manage.c:1829 __free_irq+0x192/0x2c0\n Modules linked in: i40e(+) [...]\n CPU: 25 UID: 0 PID: 1091 Comm: NetworkManager Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy)\n Hardware name: [...]\n RIP: 0010:__free_irq+0x192/0x2c0\n [...]\n Call Trace:\n \n free_irq+0x32/0x70\n i40e_vsi_request_irq_msix.cold+0x63/0x8b [i40e]\n i40e_vsi_request_irq+0x79/0x80 [i40e]\n i40e_vsi_open+0x21f/0x2f0 [i40e]\n i40e_open+0x63/0x130 [i40e]\n __dev_open+0xfc/0x210\n __dev_change_flags+0x1fc/0x240\n netif_change_flags+0x27/0x70\n do_setlink.isra.0+0x341/0xc70\n rtnl_newlink+0x468/0x860\n rtnetlink_rcv_msg+0x375/0x450\n netlink_rcv_skb+0x5c/0x110\n netlink_unicast+0x288/0x3c0\n netlink_sendmsg+0x20d/0x430\n ____sys_sendmsg+0x3a2/0x3d0\n ___sys_sendmsg+0x99/0xe0\n __sys_sendmsg+0x8a/0xf0\n do_syscall_64+0x82/0x2c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \n ---[ end trace 0000000000000000 ]---\n\nUse the same dev_id for free_irq() as for request_irq().\n\nI tested this with inserting code to fail intentionally.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39911"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/13ab9adef3cd386511c930a9660ae06595007f89",
"url": "https://git.kernel.org/stable/c/13ab9adef3cd386511c930a9660ae06595007f89"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/23431998a37764c464737b855c71a81d50992e98",
"url": "https://git.kernel.org/stable/c/23431998a37764c464737b855c71a81d50992e98"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6e4016c0dca53afc71e3b99e24252b63417395df",
"url": "https://git.kernel.org/stable/c/6e4016c0dca53afc71e3b99e24252b63417395df"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/915470e1b44e71d1dd07ee067276f003c3521ee3",
"url": "https://git.kernel.org/stable/c/915470e1b44e71d1dd07ee067276f003c3521ee3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a30afd6617c30aaa338d1dbcb1e34e7a1890085c",
"url": "https://git.kernel.org/stable/c/a30afd6617c30aaa338d1dbcb1e34e7a1890085c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b905b2acb3a0bbb08ad9be9984d8cdabdf827315",
"url": "https://git.kernel.org/stable/c/b905b2acb3a0bbb08ad9be9984d8cdabdf827315"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b9721a023df38cf44a88f2739b4cf51efd051f85",
"url": "https://git.kernel.org/stable/c/b9721a023df38cf44a88f2739b4cf51efd051f85"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c62580674ce5feb1be4f90b5873ff3ce50e0a1db",
"url": "https://git.kernel.org/stable/c/c62580674ce5feb1be4f90b5873ff3ce50e0a1db"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-10-01T08:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53622",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix possible data races in gfs2_show_options()\n\nSome fields such as gt_logd_secs of the struct gfs2_tune are accessed\nwithout holding the lock gt_spin in gfs2_show_options():\n\n val = sdp->sd_tune.gt_logd_secs;\n if (val != 30)\n seq_printf(s, \",commit=%d\", val);\n\nAnd thus can cause data races when gfs2_show_options() and other functions\nsuch as gfs2_reconfigure() are concurrently executed:\n\n spin_lock(>->gt_spin);\n gt->gt_logd_secs = newargs->ar_commit;\n\nTo fix these possible data races, the lock sdp->sd_tune.gt_spin is\nacquired before accessing the fields of gfs2_tune and released after these\naccesses.\n\nFurther changes by Andreas:\n\n- Don't hold the spin lock over the seq_printf operations.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53622"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/235a5ae73cea29109a3e06f100493f17857e6a93",
"url": "https://git.kernel.org/stable/c/235a5ae73cea29109a3e06f100493f17857e6a93"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/42077d4de49e4d9c773c97c42d5383b4899a8f9d",
"url": "https://git.kernel.org/stable/c/42077d4de49e4d9c773c97c42d5383b4899a8f9d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6fa0a72cbbe45db4ed967a51f9e6f4e3afe61d20",
"url": "https://git.kernel.org/stable/c/6fa0a72cbbe45db4ed967a51f9e6f4e3afe61d20"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7c5b2649f6a37d45bfb7abf34c9b71d08677139f",
"url": "https://git.kernel.org/stable/c/7c5b2649f6a37d45bfb7abf34c9b71d08677139f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7e5bbeb7eb813bb2568e1d5d02587df943272e57",
"url": "https://git.kernel.org/stable/c/7e5bbeb7eb813bb2568e1d5d02587df943272e57"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/85e888150075cb221270b64bf772341fc6bd11d9",
"url": "https://git.kernel.org/stable/c/85e888150075cb221270b64bf772341fc6bd11d9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a4f71523ed2123d63b431cc0cea4e9f363a0f054",
"url": "https://git.kernel.org/stable/c/a4f71523ed2123d63b431cc0cea4e9f363a0f054"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b4a7ab57effbed42624842f2ab2a49b177c21a47",
"url": "https://git.kernel.org/stable/c/b4a7ab57effbed42624842f2ab2a49b177c21a47"
}
],
"release_date": "2025-10-07T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-48827",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Fix the behavior of READ near OFFSET_MAX\n\nDan Aloni reports:\n> Due to commit 8cfb9015280d (\"NFS: Always provide aligned buffers to\n> the RPC read layers\") on the client, a read of 0xfff is aligned up\n> to server rsize of 0x1000.\n>\n> As a result, in a test where the server has a file of size\n> 0x7fffffffffffffff, and the client tries to read from the offset\n> 0x7ffffffffffff000, the read causes loff_t overflow in the server\n> and it returns an NFS code of EINVAL to the client. The client as\n> a result indefinitely retries the request.\n\nThe Linux NFS client does not handle NFS?ERR_INVAL, even though all\nNFS specifications permit servers to return that status code for a\nREAD.\n\nInstead of NFS?ERR_INVAL, have out-of-range READ requests succeed\nand return a short result. Set the EOF flag in the result to prevent\nthe client from retrying the READ request. This behavior appears to\nbe consistent with Solaris NFS servers.\n\nNote that NFSv3 and NFSv4 use u64 offset values on the wire. These\nmust be converted to loff_t internally before use -- an implicit\ntype cast is not adequate for this purpose. Otherwise VFS checks\nagainst sb->s_maxbytes do not work properly.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-48827"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0cb4d23ae08c48f6bf3c29a8e5c4a74b8388b960",
"url": "https://git.kernel.org/stable/c/0cb4d23ae08c48f6bf3c29a8e5c4a74b8388b960"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1726a39b0879acfb490b22dca643f26f4f907da9",
"url": "https://git.kernel.org/stable/c/1726a39b0879acfb490b22dca643f26f4f907da9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/44502aca8e02ab32d6b0eb52e006a5ec9402719b",
"url": "https://git.kernel.org/stable/c/44502aca8e02ab32d6b0eb52e006a5ec9402719b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c6eff5c4277146a78b4fb8c9b668dd64542c41b0",
"url": "https://git.kernel.org/stable/c/c6eff5c4277146a78b4fb8c9b668dd64542c41b0"
}
],
"release_date": "2024-07-16T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-40304",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nfbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds\nAdd bounds checking to prevent writes past framebuffer boundaries when\nrendering text near screen edges. Return early if the Y position is off-screen\nand clip image height to screen boundary. Break from the rendering loop if the\nX position is off-screen. When clipping image width to fit the screen, update\nthe character count to match the clipped width to prevent buffer size\nmismatches.\nWithout the character count update, bit_putcs_aligned and bit_putcs_unaligned\nreceive mismatched parameters where the buffer is allocated for the clipped\nwidth but cnt reflects the original larger count, causing out-of-bounds writes.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-40304"
}
],
"release_date": "2025-12-08T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39866",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: writeback: fix use-after-free in __mark_inode_dirty()\n\nAn use-after-free issue occurred when __mark_inode_dirty() get the\nbdi_writeback that was in the progress of switching.\n\nCPU: 1 PID: 562 Comm: systemd-random- Not tainted 6.6.56-gb4403bd46a8e #1\n......\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __mark_inode_dirty+0x124/0x418\nlr : __mark_inode_dirty+0x118/0x418\nsp : ffffffc08c9dbbc0\n........\nCall trace:\n __mark_inode_dirty+0x124/0x418\n generic_update_time+0x4c/0x60\n file_modified+0xcc/0xd0\n ext4_buffered_write_iter+0x58/0x124\n ext4_file_write_iter+0x54/0x704\n vfs_write+0x1c0/0x308\n ksys_write+0x74/0x10c\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x114\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x40/0xe4\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x194/0x198\n\nRoot cause is:\n\nsystemd-random-seed kworker\n----------------------------------------------------------------------\n___mark_inode_dirty inode_switch_wbs_work_fn\n\n spin_lock(&inode->i_lock);\n inode_attach_wb\n locked_inode_to_wb_and_lock_list\n get inode->i_wb\n spin_unlock(&inode->i_lock);\n spin_lock(&wb->list_lock)\n spin_lock(&inode->i_lock)\n inode_io_list_move_locked\n spin_unlock(&wb->list_lock)\n spin_unlock(&inode->i_lock)\n spin_lock(&old_wb->list_lock)\n inode_do_switch_wbs\n spin_lock(&inode->i_lock)\n inode->i_wb = new_wb\n spin_unlock(&inode->i_lock)\n spin_unlock(&old_wb->list_lock)\n wb_put_many(old_wb, nr_switched)\n cgwb_release\n old wb released\n wb_wakeup_delayed() accesses wb,\n then trigger the use-after-free\n issue\n\nFix this race condition by holding inode spinlock until\nwb_wakeup_delayed() finished.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39866"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1edc2feb9c759a9883dfe81cb5ed231412d8b2e4",
"url": "https://git.kernel.org/stable/c/1edc2feb9c759a9883dfe81cb5ed231412d8b2e4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b187c976111960e6e54a6b1fff724f6e3d39406c",
"url": "https://git.kernel.org/stable/c/b187c976111960e6e54a6b1fff724f6e3d39406c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bf89b1f87c72df79cf76203f71fbf8349cd5c9de",
"url": "https://git.kernel.org/stable/c/bf89b1f87c72df79cf76203f71fbf8349cd5c9de"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c8c14adf80bd1a6e4a1d7ee9c2a816881c26d17a",
"url": "https://git.kernel.org/stable/c/c8c14adf80bd1a6e4a1d7ee9c2a816881c26d17a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d02d2c98d25793902f65803ab853b592c7a96b29",
"url": "https://git.kernel.org/stable/c/d02d2c98d25793902f65803ab853b592c7a96b29"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e2a14bbae5d8bacaa301362744a110e2be40a3a3",
"url": "https://git.kernel.org/stable/c/e2a14bbae5d8bacaa301362744a110e2be40a3a3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e63052921f1b25a836feb1500b841bff7a4a0456",
"url": "https://git.kernel.org/stable/c/e63052921f1b25a836feb1500b841bff7a4a0456"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-19T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50551",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request()\n\nThis patch fixes a shift-out-of-bounds in brcmfmac that occurs in\nBIT(chiprev) when a 'chiprev' provided by the device is too large.\nIt should also not be equal to or greater than BITS_PER_TYPE(u32)\nas we do bitwise AND with a u32 variable and BIT(chiprev). The patch\nadds a check that makes the function return NULL if that is the case.\nNote that the NULL case is later handled by the bus-specific caller,\nbrcmf_usb_probe_cb() or brcmf_usb_reset_resume(), for example.\n\nFound by a modified version of syzkaller.\n\nUBSAN: shift-out-of-bounds in drivers/net/wireless/broadcom/brcm80211/brcmfmac/firmware.c\nshift exponent 151055786 is too large for 64-bit type 'long unsigned int'\nCPU: 0 PID: 1885 Comm: kworker/0:2 Tainted: G O 5.14.0+ #132\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\nWorkqueue: usb_hub_wq hub_event\nCall Trace:\n dump_stack_lvl+0x57/0x7d\n ubsan_epilogue+0x5/0x40\n __ubsan_handle_shift_out_of_bounds.cold+0x53/0xdb\n ? lock_chain_count+0x20/0x20\n brcmf_fw_alloc_request.cold+0x19/0x3ea\n ? brcmf_fw_get_firmwares+0x250/0x250\n ? brcmf_usb_ioctl_resp_wait+0x1a7/0x1f0\n brcmf_usb_get_fwname+0x114/0x1a0\n ? brcmf_usb_reset_resume+0x120/0x120\n ? number+0x6c4/0x9a0\n brcmf_c_process_clm_blob+0x168/0x590\n ? put_dec+0x90/0x90\n ? enable_ptr_key_workfn+0x20/0x20\n ? brcmf_common_pd_remove+0x50/0x50\n ? rcu_read_lock_sched_held+0xa1/0xd0\n brcmf_c_preinit_dcmds+0x673/0xc40\n ? brcmf_c_set_joinpref_default+0x100/0x100\n ? rcu_read_lock_sched_held+0xa1/0xd0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n ? lock_acquire+0x19d/0x4e0\n ? find_held_lock+0x2d/0x110\n ? brcmf_usb_deq+0x1cc/0x260\n ? mark_held_locks+0x9f/0xe0\n ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n ? _raw_spin_unlock_irqrestore+0x47/0x50\n ? trace_hardirqs_on+0x1c/0x120\n ? brcmf_usb_deq+0x1a7/0x260\n ? brcmf_usb_rx_fill_all+0x5a/0xf0\n brcmf_attach+0x246/0xd40\n ? wiphy_new_nm+0x1476/0x1d50\n ? kmemdup+0x30/0x40\n brcmf_usb_probe+0x12de/0x1690\n ? brcmf_usbdev_qinit.constprop.0+0x470/0x470\n usb_probe_interface+0x25f/0x710\n really_probe+0x1be/0xa90\n __driver_probe_device+0x2ab/0x460\n ? usb_match_id.part.0+0x88/0xc0\n driver_probe_device+0x49/0x120\n __device_attach_driver+0x18a/0x250\n ? driver_allows_async_probing+0x120/0x120\n bus_for_each_drv+0x123/0x1a0\n ? bus_rescan_devices+0x20/0x20\n ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n ? trace_hardirqs_on+0x1c/0x120\n __device_attach+0x207/0x330\n ? device_bind_driver+0xb0/0xb0\n ? kobject_uevent_env+0x230/0x12c0\n bus_probe_device+0x1a2/0x260\n device_add+0xa61/0x1ce0\n ? __mutex_unlock_slowpath+0xe7/0x660\n ? __fw_devlink_link_to_suppliers+0x550/0x550\n usb_set_configuration+0x984/0x1770\n ? kernfs_create_link+0x175/0x230\n usb_generic_driver_probe+0x69/0x90\n usb_probe_device+0x9c/0x220\n really_probe+0x1be/0xa90\n __driver_probe_device+0x2ab/0x460\n driver_probe_device+0x49/0x120\n __device_attach_driver+0x18a/0x250\n ? driver_allows_async_probing+0x120/0x120\n bus_for_each_drv+0x123/0x1a0\n ? bus_rescan_devices+0x20/0x20\n ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n ? trace_hardirqs_on+0x1c/0x120\n __device_attach+0x207/0x330\n ? device_bind_driver+0xb0/0xb0\n ? kobject_uevent_env+0x230/0x12c0\n bus_probe_device+0x1a2/0x260\n device_add+0xa61/0x1ce0\n ? __fw_devlink_link_to_suppliers+0x550/0x550\n usb_new_device.cold+0x463/0xf66\n ? hub_disconnect+0x400/0x400\n ? _raw_spin_unlock_irq+0x24/0x30\n hub_event+0x10d5/0x3330\n ? hub_port_debounce+0x280/0x280\n ? __lock_acquire+0x1671/0x5790\n ? wq_calc_node_cpumask+0x170/0x2a0\n ? lock_release+0x640/0x640\n ? rcu_read_lock_sched_held+0xa1/0xd0\n ? rcu_read_lock_bh_held+0xb0/0xb0\n ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n process_one_work+0x873/0x13e0\n ? lock_release+0x640/0x640\n ? pwq_dec_nr_in_flight+0x320/0x320\n ? rwlock_bug.part.0+0x90/0x90\n worker_thread+0x8b/0xd10\n ? __kthread_parkme+0xd9/0x1d0\n ? pr\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50551"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0b12d2aa264bac35bff9b5399bb162262b2b8949",
"url": "https://git.kernel.org/stable/c/0b12d2aa264bac35bff9b5399bb162262b2b8949"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1db036d13e10809943c2dce553e2fa7fc9c6cd80",
"url": "https://git.kernel.org/stable/c/1db036d13e10809943c2dce553e2fa7fc9c6cd80"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4c8fc44c44b97854623c56363c359f711fc0b887",
"url": "https://git.kernel.org/stable/c/4c8fc44c44b97854623c56363c359f711fc0b887"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/579c9b9838e8a73f6e93ddece07972c241514dcc",
"url": "https://git.kernel.org/stable/c/579c9b9838e8a73f6e93ddece07972c241514dcc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5b06a8a25eba07628313aa3c5496522eff97be53",
"url": "https://git.kernel.org/stable/c/5b06a8a25eba07628313aa3c5496522eff97be53"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/81d17f6f3331f03c8eafdacea68ab773426c1e3c",
"url": "https://git.kernel.org/stable/c/81d17f6f3331f03c8eafdacea68ab773426c1e3c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/87792567d9ed93fd336d2c3b8d7870f44e141e6d",
"url": "https://git.kernel.org/stable/c/87792567d9ed93fd336d2c3b8d7870f44e141e6d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9d2f70fa2c7cc6c73a420ff15682454782d3d6f6",
"url": "https://git.kernel.org/stable/c/9d2f70fa2c7cc6c73a420ff15682454782d3d6f6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bc45aa1911bf699b9905f12414e3c1879d6b784f",
"url": "https://git.kernel.org/stable/c/bc45aa1911bf699b9905f12414e3c1879d6b784f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ffb589963df103caaf062081a32db0b9e1798660",
"url": "https://git.kernel.org/stable/c/ffb589963df103caaf062081a32db0b9e1798660"
}
],
"release_date": "2025-10-07T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39901",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: remove read access to debugfs files\n\nThe 'command' and 'netdev_ops' debugfs files are a legacy debugging\ninterface supported by the i40e driver since its early days by commit\n02e9c290814c (\"i40e: debugfs interface\").\n\nBoth of these debugfs files provide a read handler which is mostly useless,\nand which is implemented with questionable logic. They both use a static\n256 byte buffer which is initialized to the empty string. In the case of\nthe 'command' file this buffer is literally never used and simply wastes\nspace. In the case of the 'netdev_ops' file, the last command written is\nsaved here.\n\nOn read, the files contents are presented as the name of the device\nfollowed by a colon and then the contents of their respective static\nbuffer. For 'command' this will always be \": \". For 'netdev_ops',\nthis will be \": \". But note the buffer is\nshared between all devices operated by this module. At best, it is mostly\nmeaningless information, and at worse it could be accessed simultaneously\nas there doesn't appear to be any locking mechanism.\n\nWe have also recently received multiple reports for both read functions\nabout their use of snprintf and potential overflow that could result in\nreading arbitrary kernel memory. For the 'command' file, this is definitely\nimpossible, since the static buffer is always zero and never written to.\nFor the 'netdev_ops' file, it does appear to be possible, if the user\ncarefully crafts the command input, it will be copied into the buffer,\nwhich could be large enough to cause snprintf to truncate, which then\ncauses the copy_to_user to read beyond the length of the buffer allocated\nby kzalloc.\n\nA minimal fix would be to replace snprintf() with scnprintf() which would\ncap the return to the number of bytes written, preventing an overflow. A\nmore involved fix would be to drop the mostly useless static buffers,\nsaving 512 bytes and modifying the read functions to stop needing those as\ninput.\n\nInstead, lets just completely drop the read access to these files. These\nare debug interfaces exposed as part of debugfs, and I don't believe that\ndropping read access will break any script, as the provided output is\npretty useless. You can find the netdev name through other more standard\ninterfaces, and the 'netdev_ops' interface can easily result in garbage if\nyou issue simultaneous writes to multiple devices at once.\n\nIn order to properly remove the i40e_dbg_netdev_ops_buf, we need to\nrefactor its write function to avoid using the static buffer. Instead, use\nthe same logic as the i40e_dbg_command_write, with an allocated buffer.\nUpdate the code to use this instead of the static buffer, and ensure we\nfree the buffer on exit. This fixes simultaneous writes to 'netdev_ops' on\nmultiple devices, and allows us to remove the now unused static buffer\nalong with removing the read access.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39901"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/70d3dad7d5ad077965d7a63eed1942b7ba49bfb4",
"url": "https://git.kernel.org/stable/c/70d3dad7d5ad077965d7a63eed1942b7ba49bfb4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7d190963b80f4cd99d7008615600aa7cc993c6ba",
"url": "https://git.kernel.org/stable/c/7d190963b80f4cd99d7008615600aa7cc993c6ba"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9fcdb1c3c4ba134434694c001dbff343f1ffa319",
"url": "https://git.kernel.org/stable/c/9fcdb1c3c4ba134434694c001dbff343f1ffa319"
}
],
"release_date": "2025-10-01T08:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39883",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory\n\nWhen I did memory failure tests, below panic occurs:\n\npage dumped because: VM_BUG_ON_PAGE(PagePoisoned(page))\nkernel BUG at include/linux/page-flags.h:616!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 720 Comm: bash Not tainted 6.10.0-rc1-00195-g148743902568 #40\nRIP: 0010:unpoison_memory+0x2f3/0x590\nRSP: 0018:ffffa57fc8787d60 EFLAGS: 00000246\nRAX: 0000000000000037 RBX: 0000000000000009 RCX: ffff9be25fcdc9c8\nRDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff9be25fcdc9c0\nRBP: 0000000000300000 R08: ffffffffb4956f88 R09: 0000000000009ffb\nR10: 0000000000000284 R11: ffffffffb4926fa0 R12: ffffe6b00c000000\nR13: ffff9bdb453dfd00 R14: 0000000000000000 R15: fffffffffffffffe\nFS: 00007f08f04e4740(0000) GS:ffff9be25fcc0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000564787a30410 CR3: 000000010d4e2000 CR4: 00000000000006f0\nCall Trace:\n \n unpoison_memory+0x2f3/0x590\n simple_attr_write_xsigned.constprop.0.isra.0+0xb3/0x110\n debugfs_attr_write+0x42/0x60\n full_proxy_write+0x5b/0x80\n vfs_write+0xd5/0x540\n ksys_write+0x64/0xe0\n do_syscall_64+0xb9/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f08f0314887\nRSP: 002b:00007ffece710078 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f08f0314887\nRDX: 0000000000000009 RSI: 0000564787a30410 RDI: 0000000000000001\nRBP: 0000564787a30410 R08: 000000000000fefe R09: 000000007fffffff\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009\nR13: 00007f08f041b780 R14: 00007f08f0417600 R15: 00007f08f0416a00\n \nModules linked in: hwpoison_inject\n---[ end trace 0000000000000000 ]---\nRIP: 0010:unpoison_memory+0x2f3/0x590\nRSP: 0018:ffffa57fc8787d60 EFLAGS: 00000246\nRAX: 0000000000000037 RBX: 0000000000000009 RCX: ffff9be25fcdc9c8\nRDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff9be25fcdc9c0\nRBP: 0000000000300000 R08: ffffffffb4956f88 R09: 0000000000009ffb\nR10: 0000000000000284 R11: ffffffffb4926fa0 R12: ffffe6b00c000000\nR13: ffff9bdb453dfd00 R14: 0000000000000000 R15: fffffffffffffffe\nFS: 00007f08f04e4740(0000) GS:ffff9be25fcc0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000564787a30410 CR3: 000000010d4e2000 CR4: 00000000000006f0\nKernel panic - not syncing: Fatal exception\nKernel Offset: 0x31c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)\n---[ end Kernel panic - not syncing: Fatal exception ]---\n\nThe root cause is that unpoison_memory() tries to check the PG_HWPoison\nflags of an uninitialized page. So VM_BUG_ON_PAGE(PagePoisoned(page)) is\ntriggered. This can be reproduced by below steps:\n\n1.Offline memory block:\n\n echo offline > /sys/devices/system/memory/memory12/state\n\n2.Get offlined memory pfn:\n\n page-types -b n -rlN\n\n3.Write pfn to unpoison-pfn\n\n echo > /sys/kernel/debug/hwpoison/unpoison-pfn\n\nThis scenario can be identified by pfn_to_online_page() returning NULL. \nAnd ZONE_DEVICE pages are never expected, so we can simply fail if\npfn_to_online_page() == NULL to fix the bug.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39883"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3d278e89c2ea62b1aaa4b0d8a9766a35b3a3164a",
"url": "https://git.kernel.org/stable/c/3d278e89c2ea62b1aaa4b0d8a9766a35b3a3164a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/63a327a2375a8ce7a47dec5aaa4d8a9ae0a00b96",
"url": "https://git.kernel.org/stable/c/63a327a2375a8ce7a47dec5aaa4d8a9ae0a00b96"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7618fd443aa4cfa553a64cacf5721581653ee7b0",
"url": "https://git.kernel.org/stable/c/7618fd443aa4cfa553a64cacf5721581653ee7b0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8e01ea186a52c90694c08a9ff57bea1b0e78256a",
"url": "https://git.kernel.org/stable/c/8e01ea186a52c90694c08a9ff57bea1b0e78256a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/99f7048957f5ae3cee1c01189147e73a9a96de02",
"url": "https://git.kernel.org/stable/c/99f7048957f5ae3cee1c01189147e73a9a96de02"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d613f53c83ec47089c4e25859d5e8e0359f6f8da",
"url": "https://git.kernel.org/stable/c/d613f53c83ec47089c4e25859d5e8e0359f6f8da"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e4ec6def5643a1c9511115b3884eb879572294c6",
"url": "https://git.kernel.org/stable/c/e4ec6def5643a1c9511115b3884eb879572294c6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fb65803ccff37cf9123c50c1c02efd1ed73c4ed5",
"url": "https://git.kernel.org/stable/c/fb65803ccff37cf9123c50c1c02efd1ed73c4ed5"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-23T06:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-35965",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix not validating setsockopt user input\n\nCheck user input length before copying data.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-35965"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/28234f8ab69c522ba447f3e041bbfbb284c5959a",
"url": "https://git.kernel.org/stable/c/28234f8ab69c522ba447f3e041bbfbb284c5959a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4f3951242ace5efc7131932e2e01e6ac6baed846",
"url": "https://git.kernel.org/stable/c/4f3951242ace5efc7131932e2e01e6ac6baed846"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8ee0c132a61df9723813c40e742dc5321824daa9",
"url": "https://git.kernel.org/stable/c/8ee0c132a61df9723813c40e742dc5321824daa9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9d42f373391211c7c8af66a3a316533a32b8a607",
"url": "https://git.kernel.org/stable/c/9d42f373391211c7c8af66a3a316533a32b8a607"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f13b04cf65a86507ff15a9bbf37969d25be3e2a0",
"url": "https://git.kernel.org/stable/c/f13b04cf65a86507ff15a9bbf37969d25be3e2a0"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"release_date": "2024-05-20T10:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53148",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix igb_down hung on surprise removal\n\nIn a setup where a Thunderbolt hub connects to Ethernet and a display\nthrough USB Type-C, users may experience a hung task timeout when they\nremove the cable between the PC and the Thunderbolt hub.\nThis is because the igb_down function is called multiple times when\nthe Thunderbolt hub is unplugged. For example, the igb_io_error_detected\ntriggers the first call, and the igb_remove triggers the second call.\nThe second call to igb_down will block at napi_synchronize.\nHere's the call trace:\n __schedule+0x3b0/0xddb\n ? __mod_timer+0x164/0x5d3\n schedule+0x44/0xa8\n schedule_timeout+0xb2/0x2a4\n ? run_local_timers+0x4e/0x4e\n msleep+0x31/0x38\n igb_down+0x12c/0x22a [igb 6615058754948bfde0bf01429257eb59f13030d4]\n __igb_close+0x6f/0x9c [igb 6615058754948bfde0bf01429257eb59f13030d4]\n igb_close+0x23/0x2b [igb 6615058754948bfde0bf01429257eb59f13030d4]\n __dev_close_many+0x95/0xec\n dev_close_many+0x6e/0x103\n unregister_netdevice_many+0x105/0x5b1\n unregister_netdevice_queue+0xc2/0x10d\n unregister_netdev+0x1c/0x23\n igb_remove+0xa7/0x11c [igb 6615058754948bfde0bf01429257eb59f13030d4]\n pci_device_remove+0x3f/0x9c\n device_release_driver_internal+0xfe/0x1b4\n pci_stop_bus_device+0x5b/0x7f\n pci_stop_bus_device+0x30/0x7f\n pci_stop_bus_device+0x30/0x7f\n pci_stop_and_remove_bus_device+0x12/0x19\n pciehp_unconfigure_device+0x76/0xe9\n pciehp_disable_slot+0x6e/0x131\n pciehp_handle_presence_or_link_change+0x7a/0x3f7\n pciehp_ist+0xbe/0x194\n irq_thread_fn+0x22/0x4d\n ? irq_thread+0x1fd/0x1fd\n irq_thread+0x17b/0x1fd\n ? irq_forced_thread_fn+0x5f/0x5f\n kthread+0x142/0x153\n ? __irq_get_irqchip_state+0x46/0x46\n ? kthread_associate_blkcg+0x71/0x71\n ret_from_fork+0x1f/0x30\n\nIn this case, igb_io_error_detected detaches the network interface\nand requests a PCIE slot reset, however, the PCIE reset callback is\nnot being invoked and thus the Ethernet connection breaks down.\nAs the PCIE error in this case is a non-fatal one, requesting a\nslot reset can be avoided.\nThis patch fixes the task hung issue and preserves Ethernet\nconnection by ignoring non-fatal PCIE errors.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53148"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/004d25060c78fc31f66da0fa439c544dda1ac9d5",
"url": "https://git.kernel.org/stable/c/004d25060c78fc31f66da0fa439c544dda1ac9d5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/124e39a734cb90658b8f0dc110847bbfc6e33792",
"url": "https://git.kernel.org/stable/c/124e39a734cb90658b8f0dc110847bbfc6e33792"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/39695e87d86f0e7d897fba1d2559f825aa20caeb",
"url": "https://git.kernel.org/stable/c/39695e87d86f0e7d897fba1d2559f825aa20caeb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/41f63b72a01c0e0ac59ab83fd2d921fcce0f602d",
"url": "https://git.kernel.org/stable/c/41f63b72a01c0e0ac59ab83fd2d921fcce0f602d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/994c2ceb70ea99264ccc6f09e6703ca267dad63c",
"url": "https://git.kernel.org/stable/c/994c2ceb70ea99264ccc6f09e6703ca267dad63c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c2312e1d12b1c3ee4100c173131b102e2aed4d04",
"url": "https://git.kernel.org/stable/c/c2312e1d12b1c3ee4100c173131b102e2aed4d04"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c9f56f3c7bc908caa772112d3ae71cdd5d18c257",
"url": "https://git.kernel.org/stable/c/c9f56f3c7bc908caa772112d3ae71cdd5d18c257"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fa92c463eba75dcedbd8d689ffdcb83293aaa0c3",
"url": "https://git.kernel.org/stable/c/fa92c463eba75dcedbd8d689ffdcb83293aaa0c3"
}
],
"release_date": "2025-09-15T14:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-50040",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Do not bring the device up after non-fatal error\n\nCommit 004d25060c78 (\"igb: Fix igb_down hung on surprise removal\")\nchanged igb_io_error_detected() to ignore non-fatal pcie errors in order\nto avoid hung task that can happen when igb_down() is called multiple\ntimes. This caused an issue when processing transient non-fatal errors.\nigb_io_resume(), which is called after igb_io_error_detected(), assumes\nthat device is brought down by igb_io_error_detected() if the interface\nis up. This resulted in panic with stacktrace below.\n\n[ T3256] igb 0000:09:00.0 haeth0: igb: haeth0 NIC Link is Down\n[ T292] pcieport 0000:00:1c.5: AER: Uncorrected (Non-Fatal) error received: 0000:09:00.0\n[ T292] igb 0000:09:00.0: PCIe Bus Error: severity=Uncorrected (Non-Fatal), type=Transaction Layer, (Requester ID)\n[ T292] igb 0000:09:00.0: device [8086:1537] error status/mask=00004000/00000000\n[ T292] igb 0000:09:00.0: [14] CmpltTO [ 200.105524,009][ T292] igb 0000:09:00.0: AER: TLP Header: 00000000 00000000 00000000 00000000\n[ T292] pcieport 0000:00:1c.5: AER: broadcast error_detected message\n[ T292] igb 0000:09:00.0: Non-correctable non-fatal error reported.\n[ T292] pcieport 0000:00:1c.5: AER: broadcast mmio_enabled message\n[ T292] pcieport 0000:00:1c.5: AER: broadcast resume message\n[ T292] ------------[ cut here ]------------\n[ T292] kernel BUG at net/core/dev.c:6539!\n[ T292] invalid opcode: 0000 [#1] PREEMPT SMP\n[ T292] RIP: 0010:napi_enable+0x37/0x40\n[ T292] Call Trace:\n[ T292] \n[ T292] ? die+0x33/0x90\n[ T292] ? do_trap+0xdc/0x110\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? do_error_trap+0x70/0xb0\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? exc_invalid_op+0x4e/0x70\n[ T292] ? napi_enable+0x37/0x40\n[ T292] ? asm_exc_invalid_op+0x16/0x20\n[ T292] ? napi_enable+0x37/0x40\n[ T292] igb_up+0x41/0x150\n[ T292] igb_io_resume+0x25/0x70\n[ T292] report_resume+0x54/0x70\n[ T292] ? report_frozen_detected+0x20/0x20\n[ T292] pci_walk_bus+0x6c/0x90\n[ T292] ? aer_print_port_info+0xa0/0xa0\n[ T292] pcie_do_recovery+0x22f/0x380\n[ T292] aer_process_err_devices+0x110/0x160\n[ T292] aer_isr+0x1c1/0x1e0\n[ T292] ? disable_irq_nosync+0x10/0x10\n[ T292] irq_thread_fn+0x1a/0x60\n[ T292] irq_thread+0xe3/0x1a0\n[ T292] ? irq_set_affinity_notifier+0x120/0x120\n[ T292] ? irq_affinity_notify+0x100/0x100\n[ T292] kthread+0xe2/0x110\n[ T292] ? kthread_complete_and_exit+0x20/0x20\n[ T292] ret_from_fork+0x2d/0x50\n[ T292] ? kthread_complete_and_exit+0x20/0x20\n[ T292] ret_from_fork_asm+0x11/0x20\n[ T292] \n\nTo fix this issue igb_io_resume() checks if the interface is running and\nthe device is not down this means igb_io_error_detected() did not bring\nthe device down and there is no need to bring it up.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50040"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0a94079e3841d00ea5abb05e3233d019a86745f6",
"url": "https://git.kernel.org/stable/c/0a94079e3841d00ea5abb05e3233d019a86745f6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/330a699ecbfc9c26ec92c6310686da1230b4e7eb",
"url": "https://git.kernel.org/stable/c/330a699ecbfc9c26ec92c6310686da1230b4e7eb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/500be93c5d53b7e2c5314292012185f0207bad0c",
"url": "https://git.kernel.org/stable/c/500be93c5d53b7e2c5314292012185f0207bad0c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/57c5053eaa5f9a8a99e34732e37a86615318e464",
"url": "https://git.kernel.org/stable/c/57c5053eaa5f9a8a99e34732e37a86615318e464"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6a39c8f5c8aae74c5ab2ba466791f59ffaab0178",
"url": "https://git.kernel.org/stable/c/6a39c8f5c8aae74c5ab2ba466791f59ffaab0178"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c92cbd283ddcf55fd85a9a9b0ba13298213f3dd7",
"url": "https://git.kernel.org/stable/c/c92cbd283ddcf55fd85a9a9b0ba13298213f3dd7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d79af3af2f49c6aae9add3d492c04d60c1b85ce4",
"url": "https://git.kernel.org/stable/c/d79af3af2f49c6aae9add3d492c04d60c1b85ce4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dca2ca65a8695d9593e2cf1b40848e073ad75413",
"url": "https://git.kernel.org/stable/c/dca2ca65a8695d9593e2cf1b40848e073ad75413"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"release_date": "2024-10-21T20:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2023-54114",
"cwe": {
"id": "CWE-253",
"name": "Incorrect Check of Function Return Value"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nnet: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment()\nAs the call trace shows, skb_panic was caused by wrong skb->mac_header\nin nsh_gso_segment():\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 3 PID: 2737 Comm: syz Not tainted 6.3.0-next-20230505 #1\nRIP: 0010:skb_panic+0xda/0xe0\ncall Trace:\nskb_push+0x91/0xa0\nnsh_gso_segment+0x4f3/0x570\nskb_mac_gso_segment+0x19e/0x270\n__skb_gso_segment+0x1e8/0x3c0\nvalidate_xmit_skb+0x452/0x890\nvalidate_xmit_skb_list+0x99/0xd0\nsch_direct_xmit+0x294/0x7c0\n__dev_queue_xmit+0x16f0/0x1d70\npacket_xmit+0x185/0x210\npacket_snd+0xc15/0x1170\npacket_sendmsg+0x7b/0xa0\nsock_sendmsg+0x14f/0x160\nThe root cause is:\nnsh_gso_segment() use skb->network_header - nhoff to reset mac_header\nin skb_gso_error_unwind() if inner-layer protocol gso fails.\nHowever, skb->network_header may be reset by inner-layer protocol\ngso function e.g. mpls_gso_segment. skb->mac_header reset by the\ninaccurate network_header will be larger than skb headroom.\nnsh_gso_segment\nnhoff = skb->network_header - skb->mac_header;\n__skb_pull(skb,nsh_len)\nskb_mac_gso_segment\nmpls_gso_segment\nskb_reset_network_header(skb);//skb->network_header+=nsh_len\nreturn -EINVAL;\nskb_gso_error_unwind\nskb_push(skb, nsh_len);\nskb->mac_header = skb->network_header - nhoff;\n// skb->mac_header > skb->headroom, cause skb_push panic\nUse correct mac_offset to restore mac_header and get rid of nhoff.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-54114"
}
],
"release_date": "2025-12-24T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2023-53680",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL\n\nOPDESC() simply indexes into nfsd4_ops[] by the op's operation\nnumber, without range checking that value. It assumes callers are\ncareful to avoid calling it with an out-of-bounds opnum value.\n\nnfsd4_decode_compound() is not so careful, and can invoke OPDESC()\nwith opnum set to OP_ILLEGAL, which is 10044 -- well beyond the end\nof nfsd4_ops[].",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53680"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/50827896c365e0f6c8b55ed56d444dafd87c92c5",
"url": "https://git.kernel.org/stable/c/50827896c365e0f6c8b55ed56d444dafd87c92c5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/804d8e0a6e54427268790472781e03bc243f4ee3",
"url": "https://git.kernel.org/stable/c/804d8e0a6e54427268790472781e03bc243f4ee3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a64160124d5a078be0c380b1e8a0bad2d040d3a1",
"url": "https://git.kernel.org/stable/c/a64160124d5a078be0c380b1e8a0bad2d040d3a1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f352c41fa718482979e7e6b71b4da2b718e381cc",
"url": "https://git.kernel.org/stable/c/f352c41fa718482979e7e6b71b4da2b718e381cc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ffcbcf087581ae68ddc0a21460f7ecd4315bdd0e",
"url": "https://git.kernel.org/stable/c/ffcbcf087581ae68ddc0a21460f7ecd4315bdd0e"
}
],
"release_date": "2025-10-07T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-54244",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nACPI: EC: Fix oops when removing custom query handlers\nWhen removing custom query handlers, the handler might still\nbe used inside the EC query workqueue, causing a kernel oops\nif the module holding the callback function was already unloaded.\nFix this by flushing the EC query workqueue when removing\ncustom query handlers.\nTested on a Acer Travelmate 4002WLMi",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-54244"
}
],
"release_date": "2025-12-30T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2022-48744",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Avoid field-overflowing memcpy()\n\nIn preparation for FORTIFY_SOURCE performing compile-time and run-time\nfield bounds checking for memcpy(), memmove(), and memset(), avoid\nintentionally writing across neighboring fields.\n\nUse flexible arrays instead of zero-element arrays (which look like they\nare always overflowing) and split the cross-field memcpy() into two halves\nthat can be appropriately bounds-checked by the compiler.\n\nWe were doing:\n\n\t#define ETH_HLEN 14\n\t#define VLAN_HLEN 4\n\t...\n\t#define MLX5E_XDP_MIN_INLINE (ETH_HLEN + VLAN_HLEN)\n\t...\n struct mlx5e_tx_wqe *wqe = mlx5_wq_cyc_get_wqe(wq, pi);\n\t...\n struct mlx5_wqe_eth_seg *eseg = &wqe->eth;\n struct mlx5_wqe_data_seg *dseg = wqe->data;\n\t...\n\tmemcpy(eseg->inline_hdr.start, xdptxd->data, MLX5E_XDP_MIN_INLINE);\n\ntarget is wqe->eth.inline_hdr.start (which the compiler sees as being\n2 bytes in size), but copying 18, intending to write across start\n(really vlan_tci, 2 bytes). The remaining 16 bytes get written into\nwqe->data[0], covering byte_count (4 bytes), lkey (4 bytes), and addr\n(8 bytes).\n\nstruct mlx5e_tx_wqe {\n struct mlx5_wqe_ctrl_seg ctrl; /* 0 16 */\n struct mlx5_wqe_eth_seg eth; /* 16 16 */\n struct mlx5_wqe_data_seg data[]; /* 32 0 */\n\n /* size: 32, cachelines: 1, members: 3 */\n /* last cacheline: 32 bytes */\n};\n\nstruct mlx5_wqe_eth_seg {\n u8 swp_outer_l4_offset; /* 0 1 */\n u8 swp_outer_l3_offset; /* 1 1 */\n u8 swp_inner_l4_offset; /* 2 1 */\n u8 swp_inner_l3_offset; /* 3 1 */\n u8 cs_flags; /* 4 1 */\n u8 swp_flags; /* 5 1 */\n __be16 mss; /* 6 2 */\n __be32 flow_table_metadata; /* 8 4 */\n union {\n struct {\n __be16 sz; /* 12 2 */\n u8 start[2]; /* 14 2 */\n } inline_hdr; /* 12 4 */\n struct {\n __be16 type; /* 12 2 */\n __be16 vlan_tci; /* 14 2 */\n } insert; /* 12 4 */\n __be32 trailer; /* 12 4 */\n }; /* 12 4 */\n\n /* size: 16, cachelines: 1, members: 9 */\n /* last cacheline: 16 bytes */\n};\n\nstruct mlx5_wqe_data_seg {\n __be32 byte_count; /* 0 4 */\n __be32 lkey; /* 4 4 */\n __be64 addr; /* 8 8 */\n\n /* size: 16, cachelines: 1, members: 3 */\n /* last cacheline: 16 bytes */\n};\n\nSo, split the memcpy() so the compiler can reason about the buffer\nsizes.\n\n\"pahole\" shows no size nor member offset changes to struct mlx5e_tx_wqe\nnor struct mlx5e_umr_wqe. \"objdump -d\" shows no meaningful object\ncode changes (i.e. only source line number induced differences and\noptimizations).",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-48744"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/49bcbe531f79fc35bb10020f7695f9f01e4f0ca8",
"url": "https://git.kernel.org/stable/c/49bcbe531f79fc35bb10020f7695f9f01e4f0ca8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8fbdf8c8b8ab82beab882175157650452c46493e",
"url": "https://git.kernel.org/stable/c/8fbdf8c8b8ab82beab882175157650452c46493e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ad5185735f7dab342fdd0dd41044da4c9ccfef67",
"url": "https://git.kernel.org/stable/c/ad5185735f7dab342fdd0dd41044da4c9ccfef67"
}
],
"release_date": "2024-06-20T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53619",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: Avoid nf_ct_helper_hash uses after free\n\nIf nf_conntrack_init_start() fails (for example due to a\nregister_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini()\nclean-up path frees the nf_ct_helper_hash map.\n\nWhen built with NF_CONNTRACK=y, further netfilter modules (e.g:\nnetfilter_conntrack_ftp) can still be loaded and call\nnf_conntrack_helpers_register(), independently of whether nf_conntrack\ninitialized correctly. This accesses the nf_ct_helper_hash dangling\npointer and causes a uaf, possibly leading to random memory corruption.\n\nThis patch guards nf_conntrack_helper_register() from accessing a freed\nor uninitialized nf_ct_helper_hash pointer and fixes possible\nuses-after-free when loading a conntrack module.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53619"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/00716f25f9697d02a0d9bd622575c7c7321ba3d0",
"url": "https://git.kernel.org/stable/c/00716f25f9697d02a0d9bd622575c7c7321ba3d0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/05561f822f27b9fa88fa5504ddec34bf38833034",
"url": "https://git.kernel.org/stable/c/05561f822f27b9fa88fa5504ddec34bf38833034"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4ee69c91cb8f9ca144bc0861969e5a1a3c6152a7",
"url": "https://git.kernel.org/stable/c/4ee69c91cb8f9ca144bc0861969e5a1a3c6152a7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/61c7a5256543ae7d24cd9d21853d514c8632e1e9",
"url": "https://git.kernel.org/stable/c/61c7a5256543ae7d24cd9d21853d514c8632e1e9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6eef7a2b933885a17679eb8ed0796ddf0ee5309b",
"url": "https://git.kernel.org/stable/c/6eef7a2b933885a17679eb8ed0796ddf0ee5309b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6f03ce2f1abcb9f9d0511e3659ca6eb60e39f566",
"url": "https://git.kernel.org/stable/c/6f03ce2f1abcb9f9d0511e3659ca6eb60e39f566"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8289d422f5e484efe4a565fe18e862ecd621c175",
"url": "https://git.kernel.org/stable/c/8289d422f5e484efe4a565fe18e862ecd621c175"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fce5cc7cbd4b92f979bf02c9ec5fb69aaeba92d7",
"url": "https://git.kernel.org/stable/c/fce5cc7cbd4b92f979bf02c9ec5fb69aaeba92d7"
}
],
"release_date": "2025-10-07T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38201",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX\n\nOtherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof()\nwhen resizing hashtable because __GFP_NOWARN is unset.\n\nSimilar to:\n\n b541ba7d1f5a (\"netfilter: conntrack: clamp maximum hashtable size to INT_MAX\")",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38201"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0ab3de047808f375a36cd345225572eb3366f3c6",
"url": "https://git.kernel.org/stable/c/0ab3de047808f375a36cd345225572eb3366f3c6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1fe27f97944017a9d3c5af4d6d95282bff0f1147",
"url": "https://git.kernel.org/stable/c/1fe27f97944017a9d3c5af4d6d95282bff0f1147"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4abccfb61f422300be014b8e734c63344306f009",
"url": "https://git.kernel.org/stable/c/4abccfb61f422300be014b8e734c63344306f009"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/80417057ac60dd80f4816eb426e4e4a5bf696534",
"url": "https://git.kernel.org/stable/c/80417057ac60dd80f4816eb426e4e4a5bf696534"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b85e3367a5716ed3662a4fe266525190d2af76df",
"url": "https://git.kernel.org/stable/c/b85e3367a5716ed3662a4fe266525190d2af76df"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d2768016f091f8a5264076b433fd7c3fabb6eb97",
"url": "https://git.kernel.org/stable/c/d2768016f091f8a5264076b433fd7c3fabb6eb97"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/df524a68d9021c1401965d610bb6e42ee5d9611e",
"url": "https://git.kernel.org/stable/c/df524a68d9021c1401965d610bb6e42ee5d9611e"
}
],
"release_date": "2025-07-04T14:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-35967",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix not validating setsockopt user input\n\nsyzbot reported sco_sock_setsockopt() is copying data without\nchecking user input length.\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset\ninclude/linux/sockptr.h:49 [inline]\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr\ninclude/linux/sockptr.h:55 [inline]\nBUG: KASAN: slab-out-of-bounds in sco_sock_setsockopt+0xc0b/0xf90\nnet/bluetooth/sco.c:893\nRead of size 4 at addr ffff88805f7b15a3 by task syz-executor.5/12578",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-35967"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2c2dc87cdebef3fe3b9d7a711a984c70e376e32e",
"url": "https://git.kernel.org/stable/c/2c2dc87cdebef3fe3b9d7a711a984c70e376e32e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/419a0ffca7010216f0fc265b08558d7394fa0ba7",
"url": "https://git.kernel.org/stable/c/419a0ffca7010216f0fc265b08558d7394fa0ba7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/51eda36d33e43201e7a4fd35232e069b2c850b01",
"url": "https://git.kernel.org/stable/c/51eda36d33e43201e7a4fd35232e069b2c850b01"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/72473db90900da970a16ee50ad23c2c38d107d8c",
"url": "https://git.kernel.org/stable/c/72473db90900da970a16ee50ad23c2c38d107d8c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7bc65d23ba20dcd7ecc094a12c181e594e5eb315",
"url": "https://git.kernel.org/stable/c/7bc65d23ba20dcd7ecc094a12c181e594e5eb315"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b0e30c37695b614bee69187f86eaf250e36606ce",
"url": "https://git.kernel.org/stable/c/b0e30c37695b614bee69187f86eaf250e36606ce"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
}
],
"release_date": "2024-05-20T10:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38022",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/core: Fix \"KASAN: slab-use-after-free Read in ib_register_device\" problem\n\nCall Trace:\n\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n strlen+0x93/0xa0 lib/string.c:420\n __fortify_strlen include/linux/fortify-string.h:268 [inline]\n get_kobj_path_length lib/kobject.c:118 [inline]\n kobject_get_path+0x3f/0x2a0 lib/kobject.c:158\n kobject_uevent_env+0x289/0x1870 lib/kobject_uevent.c:545\n ib_register_device drivers/infiniband/core/device.c:1472 [inline]\n ib_register_device+0x8cf/0xe00 drivers/infiniband/core/device.c:1393\n rxe_register_device+0x275/0x320 drivers/infiniband/sw/rxe/rxe_verbs.c:1552\n rxe_net_add+0x8e/0xe0 drivers/infiniband/sw/rxe/rxe_net.c:550\n rxe_newlink+0x70/0x190 drivers/infiniband/sw/rxe/rxe.c:225\n nldev_newlink+0x3a3/0x680 drivers/infiniband/core/nldev.c:1796\n rdma_nl_rcv_msg+0x387/0x6e0 drivers/infiniband/core/netlink.c:195\n rdma_nl_rcv_skb.constprop.0.isra.0+0x2e5/0x450\n netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n netlink_unicast+0x53a/0x7f0 net/netlink/af_netlink.c:1339\n netlink_sendmsg+0x8d1/0xdd0 net/netlink/af_netlink.c:1883\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n ____sys_sendmsg+0xa95/0xc70 net/socket.c:2566\n ___sys_sendmsg+0x134/0x1d0 net/socket.c:2620\n __sys_sendmsg+0x16d/0x220 net/socket.c:2652\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x260 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThis problem is similar to the problem that the\ncommit 1d6a9e7449e2 (\"RDMA/core: Fix use-after-free when rename device name\")\nfixes.\n\nThe root cause is: the function ib_device_rename() renames the name with\nlock. But in the function kobject_uevent(), this name is accessed without\nlock protection at the same time.\n\nThe solution is to add the lock protection when this name is accessed in\nthe function kobject_uevent().",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38022"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/03df57ad4b0ff9c5a93ff981aba0b42578ad1571",
"url": "https://git.kernel.org/stable/c/03df57ad4b0ff9c5a93ff981aba0b42578ad1571"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/10c7f1c647da3b77ef8827d974a97b6530b64df0",
"url": "https://git.kernel.org/stable/c/10c7f1c647da3b77ef8827d974a97b6530b64df0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/17d3103325e891e10994e7aa28d12bea04dc2c60",
"url": "https://git.kernel.org/stable/c/17d3103325e891e10994e7aa28d12bea04dc2c60"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/312dae3499106ec8cb7442ada12be080aa9fbc3b",
"url": "https://git.kernel.org/stable/c/312dae3499106ec8cb7442ada12be080aa9fbc3b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5629064f92f0de6d6b3572055cd35361c3ad953c",
"url": "https://git.kernel.org/stable/c/5629064f92f0de6d6b3572055cd35361c3ad953c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ba467b6870ea2a73590478d9612d6ea1dcdd68b7",
"url": "https://git.kernel.org/stable/c/ba467b6870ea2a73590478d9612d6ea1dcdd68b7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d0706bfd3ee40923c001c6827b786a309e2a8713",
"url": "https://git.kernel.org/stable/c/d0706bfd3ee40923c001c6827b786a309e2a8713"
}
],
"release_date": "2025-06-18T10:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50470",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Remove device endpoints from bandwidth list when freeing the device\n\nEndpoints are normally deleted from the bandwidth list when they are\ndropped, before the virt device is freed.\n\nIf xHC host is dying or being removed then the endpoints aren't dropped\ncleanly due to functions returning early to avoid interacting with a\nnon-accessible host controller.\n\nSo check and delete endpoints that are still on the bandwidth list when\nfreeing the virt device.\n\nSolves a list_del corruption kernel crash when unbinding xhci-pci,\ncaused by xhci_mem_cleanup() when it later tried to delete already freed\nendpoints from the bandwidth list.\n\nThis only affects hosts that use software bandwidth checking, which\ncurrenty is only the xHC in intel Panther Point PCH (Ivy Bridge)",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50470"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3bf860a41e0f2fcea0ac3aae8f7ef887a7994b70",
"url": "https://git.kernel.org/stable/c/3bf860a41e0f2fcea0ac3aae8f7ef887a7994b70"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5aed5b7c2430ce318a8e62f752f181e66f0d1053",
"url": "https://git.kernel.org/stable/c/5aed5b7c2430ce318a8e62f752f181e66f0d1053"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5e4ce28ad907aa54f13b21d5f1dc490525957b0c",
"url": "https://git.kernel.org/stable/c/5e4ce28ad907aa54f13b21d5f1dc490525957b0c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/678d2cc2041cc6ce05030852dce9ad42719abcfc",
"url": "https://git.kernel.org/stable/c/678d2cc2041cc6ce05030852dce9ad42719abcfc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8f1cd9633d1f21efc13e8fc75be8f2b6bb85e38c",
"url": "https://git.kernel.org/stable/c/8f1cd9633d1f21efc13e8fc75be8f2b6bb85e38c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c892a81c7424b4f6a660cb9c249d354ccf3afeca",
"url": "https://git.kernel.org/stable/c/c892a81c7424b4f6a660cb9c249d354ccf3afeca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cebbc8d335d6bcc1316584f779c08f80287c6af8",
"url": "https://git.kernel.org/stable/c/cebbc8d335d6bcc1316584f779c08f80287c6af8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f0de39474078adef6ece7a183e34c15ce2c1d8d1",
"url": "https://git.kernel.org/stable/c/f0de39474078adef6ece7a183e34c15ce2c1d8d1"
}
],
"release_date": "2025-10-04T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53524",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf\n\nAn integer overflow occurs in the iwl_write_to_user_buf() function,\nwhich is called by the iwl_dbgfs_monitor_data_read() function.\n\nstatic bool iwl_write_to_user_buf(char __user *user_buf, ssize_t count,\n\t\t\t\t void *buf, ssize_t *size,\n\t\t\t\t ssize_t *bytes_copied)\n{\n\tint buf_size_left = count - *bytes_copied;\n\n\tbuf_size_left = buf_size_left - (buf_size_left % sizeof(u32));\n\tif (*size > buf_size_left)\n\t\t*size = buf_size_left;\n\nIf the user passes a SIZE_MAX value to the \"ssize_t count\" parameter,\nthe ssize_t count parameter is assigned to \"int buf_size_left\".\nThen compare \"*size\" with \"buf_size_left\" . Here, \"buf_size_left\" is a\nnegative number, so \"*size\" is assigned \"buf_size_left\" and goes into\nthe third argument of the copy_to_user function, causing a heap overflow.\n\nThis is not a security vulnerability because iwl_dbgfs_monitor_data_read()\nis a debugfs operation with 0400 privileges.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53524"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/059e426d666a41e26b184c177c1ca3ee2d6fa1b6",
"url": "https://git.kernel.org/stable/c/059e426d666a41e26b184c177c1ca3ee2d6fa1b6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0ad8dd870aa187d0c21d032bb2c6433559075eec",
"url": "https://git.kernel.org/stable/c/0ad8dd870aa187d0c21d032bb2c6433559075eec"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/58d1b717879bfeabe09b35e41ad667c79933eb2e",
"url": "https://git.kernel.org/stable/c/58d1b717879bfeabe09b35e41ad667c79933eb2e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/82f877ec9b041edc4c7c509c605cc3393d837bf0",
"url": "https://git.kernel.org/stable/c/82f877ec9b041edc4c7c509c605cc3393d837bf0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/de78456976026102babe66258c228691ca5677c0",
"url": "https://git.kernel.org/stable/c/de78456976026102babe66258c228691ca5677c0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/eb1ef44efac797b384d361a76e33f77027c29a14",
"url": "https://git.kernel.org/stable/c/eb1ef44efac797b384d361a76e33f77027c29a14"
}
],
"release_date": "2025-10-01T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-68800",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nmlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats\nCited commit added a dedicated mutex (instead of RTNL) to protect the\nmulticast route list, so that it will not change while the driver\nperiodically traverses it in order to update the kernel about multicast\nroute stats that were queried from the device.\nOne instance of list entry deletion (during route replace) was missed\nand it can result in a use-after-free [1].\nFix by acquiring the mutex before deleting the entry from the list and\nreleasing it afterwards.\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_mr_stats_update+0x4a5/0x540 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:1006 [mlxsw_spectrum]\nRead of size 8 at addr ffff8881523c2fa8 by task kworker/2:5/22043\nCPU: 2 UID: 0 PID: 22043 Comm: kworker/2:5 Not tainted 6.18.0-rc1-custom-g1a3d6d7cd014 #1 PREEMPT(full)\nHardware name: Mellanox Technologies Ltd. MSN2010/SA002610, BIOS 5.6.5 08/24/2017\nWorkqueue: mlxsw_core mlxsw_sp_mr_stats_update [mlxsw_spectrum]\nCall Trace:\n\ndump_stack_lvl+0xba/0x110\nprint_report+0x174/0x4f5\nkasan_report+0xdf/0x110\nmlxsw_sp_mr_stats_update+0x4a5/0x540 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:1006 [mlxsw_spectrum]\nprocess_one_work+0x9cc/0x18e0\nworker_thread+0x5df/0xe40\nkthread+0x3b8/0x730\nret_from_fork+0x3e9/0x560\nret_from_fork_asm+0x1a/0x30\n\nAllocated by task 29933:\nkasan_save_stack+0x30/0x50\nkasan_save_track+0x14/0x30\n__kasan_kmalloc+0x8f/0xa0\nmlxsw_sp_mr_route_add+0xd8/0x4770 [mlxsw_spectrum]\nmlxsw_sp_router_fibmr_event_work+0x371/0xad0 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:7965 [mlxsw_spectrum]\nprocess_one_work+0x9cc/0x18e0\nworker_thread+0x5df/0xe40\nkthread+0x3b8/0x730\nret_from_fork+0x3e9/0x560\nret_from_fork_asm+0x1a/0x30\nFreed by task 29933:\nkasan_save_stack+0x30/0x50\nkasan_save_track+0x14/0x30\n__kasan_save_free_info+0x3b/0x70\n__kasan_slab_free+0x43/0x70\nkfree+0x14e/0x700\nmlxsw_sp_mr_route_add+0x2dea/0x4770 drivers/net/ethernet/mellanox/mlxsw/spectrum_mr.c:444 [mlxsw_spectrum]\nmlxsw_sp_router_fibmr_event_work+0x371/0xad0 drivers/net/ethernet/mellanox/mlxsw/spectrum_router.c:7965 [mlxsw_spectrum]\nprocess_one_work+0x9cc/0x18e0\nworker_thread+0x5df/0xe40\nkthread+0x3b8/0x730\nret_from_fork+0x3e9/0x560\nret_from_fork_asm+0x1a/0x30",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-68800"
}
],
"release_date": "2026-01-13T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50496",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: Fix UAF in destroy()\n\nDm_cache also has the same UAF problem when dm_resume()\nand dm_destroy() are concurrent.\n\nTherefore, cancelling timer again in destroy().",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50496"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/034cbc8d3b47a56acd89453c29632a9c117de09d",
"url": "https://git.kernel.org/stable/c/034cbc8d3b47a56acd89453c29632a9c117de09d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2b17026685a270b2beaf1cdd9857fcedd3505c7e",
"url": "https://git.kernel.org/stable/c/2b17026685a270b2beaf1cdd9857fcedd3505c7e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2f097dfac7579fd84ff98eb1d3acd41d53a485f3",
"url": "https://git.kernel.org/stable/c/2f097dfac7579fd84ff98eb1d3acd41d53a485f3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4d20032dd90664de09f2902a7ea49ae2f7771746",
"url": "https://git.kernel.org/stable/c/4d20032dd90664de09f2902a7ea49ae2f7771746"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6a3e412c2ab131c54945327a7676b006f000a209",
"url": "https://git.kernel.org/stable/c/6a3e412c2ab131c54945327a7676b006f000a209"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6a459d8edbdbe7b24db42a5a9f21e6aa9e00c2aa",
"url": "https://git.kernel.org/stable/c/6a459d8edbdbe7b24db42a5a9f21e6aa9e00c2aa"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6ac4f36910764cb510bafc4c3768544f86ca48ca",
"url": "https://git.kernel.org/stable/c/6ac4f36910764cb510bafc4c3768544f86ca48ca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/993406104d2b28fe470126a062ad37a1e21e792e",
"url": "https://git.kernel.org/stable/c/993406104d2b28fe470126a062ad37a1e21e792e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d2a0b298ebf83ab6236f66788a3541e91ce75a70",
"url": "https://git.kernel.org/stable/c/d2a0b298ebf83ab6236f66788a3541e91ce75a70"
}
],
"release_date": "2025-10-04T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53556",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix use-after-free in free_netdev\n\nWe do netif_napi_add() for all allocated q_vectors[], but potentially\ndo netif_napi_del() for part of them, then kfree q_vectors and leave\ninvalid pointers at dev->napi_list.\n\nReproducer:\n\n [root@host ~]# cat repro.sh\n #!/bin/bash\n\n pf_dbsf=\"0000:41:00.0\"\n vf0_dbsf=\"0000:41:02.0\"\n g_pids=()\n\n function do_set_numvf()\n {\n echo 2 >/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n echo 0 >/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n }\n\n function do_set_channel()\n {\n local nic=$(ls -1 --indicator-style=none /sys/bus/pci/devices/${vf0_dbsf}/net/)\n [ -z \"$nic\" ] && { sleep $((RANDOM%3)) ; return 1; }\n ifconfig $nic 192.168.18.5 netmask 255.255.255.0\n ifconfig $nic up\n ethtool -L $nic combined 1\n ethtool -L $nic combined 4\n sleep $((RANDOM%3))\n }\n\n function on_exit()\n {\n local pid\n for pid in \"${g_pids[@]}\"; do\n kill -0 \"$pid\" &>/dev/null && kill \"$pid\" &>/dev/null\n done\n g_pids=()\n }\n\n trap \"on_exit; exit\" EXIT\n\n while :; do do_set_numvf ; done &\n g_pids+=($!)\n while :; do do_set_channel ; done &\n g_pids+=($!)\n\n wait\n\nResult:\n\n[ 4093.900222] ==================================================================\n[ 4093.900230] BUG: KASAN: use-after-free in free_netdev+0x308/0x390\n[ 4093.900232] Read of size 8 at addr ffff88b4dc145640 by task repro.sh/6699\n[ 4093.900233]\n[ 4093.900236] CPU: 10 PID: 6699 Comm: repro.sh Kdump: loaded Tainted: G O --------- -t - 4.18.0 #1\n[ 4093.900238] Hardware name: Powerleader PR2008AL/H12DSi-N6, BIOS 2.0 04/09/2021\n[ 4093.900239] Call Trace:\n[ 4093.900244] dump_stack+0x71/0xab\n[ 4093.900249] print_address_description+0x6b/0x290\n[ 4093.900251] ? free_netdev+0x308/0x390\n[ 4093.900252] kasan_report+0x14a/0x2b0\n[ 4093.900254] free_netdev+0x308/0x390\n[ 4093.900261] iavf_remove+0x825/0xd20 [iavf]\n[ 4093.900265] pci_device_remove+0xa8/0x1f0\n[ 4093.900268] device_release_driver_internal+0x1c6/0x460\n[ 4093.900271] pci_stop_bus_device+0x101/0x150\n[ 4093.900273] pci_stop_and_remove_bus_device+0xe/0x20\n[ 4093.900275] pci_iov_remove_virtfn+0x187/0x420\n[ 4093.900277] ? pci_iov_add_virtfn+0xe10/0xe10\n[ 4093.900278] ? pci_get_subsys+0x90/0x90\n[ 4093.900280] sriov_disable+0xed/0x3e0\n[ 4093.900282] ? bus_find_device+0x12d/0x1a0\n[ 4093.900290] i40e_free_vfs+0x754/0x1210 [i40e]\n[ 4093.900298] ? i40e_reset_all_vfs+0x880/0x880 [i40e]\n[ 4093.900299] ? pci_get_device+0x7c/0x90\n[ 4093.900300] ? pci_get_subsys+0x90/0x90\n[ 4093.900306] ? pci_vfs_assigned.part.7+0x144/0x210\n[ 4093.900309] ? __mutex_lock_slowpath+0x10/0x10\n[ 4093.900315] i40e_pci_sriov_configure+0x1fa/0x2e0 [i40e]\n[ 4093.900318] sriov_numvfs_store+0x214/0x290\n[ 4093.900320] ? sriov_totalvfs_show+0x30/0x30\n[ 4093.900321] ? __mutex_lock_slowpath+0x10/0x10\n[ 4093.900323] ? __check_object_size+0x15a/0x350\n[ 4093.900326] kernfs_fop_write+0x280/0x3f0\n[ 4093.900329] vfs_write+0x145/0x440\n[ 4093.900330] ksys_write+0xab/0x160\n[ 4093.900332] ? __ia32_sys_read+0xb0/0xb0\n[ 4093.900334] ? fput_many+0x1a/0x120\n[ 4093.900335] ? filp_close+0xf0/0x130\n[ 4093.900338] do_syscall_64+0xa0/0x370\n[ 4093.900339] ? page_fault+0x8/0x30\n[ 4093.900341] entry_SYSCALL_64_after_hwframe+0x65/0xca\n[ 4093.900357] RIP: 0033:0x7f16ad4d22c0\n[ 4093.900359] Code: 73 01 c3 48 8b 0d d8 cb 2c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 24 2d 00 00 75 10 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 fe dd 01 00 48 89 04 24\n[ 4093.900360] RSP: 002b:00007ffd6491b7f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 4093.900362] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f16ad4d22c0\n[ 4093.900363] RDX: 0000000000000002 RSI: 0000000001a41408 RDI: 0000000000000001\n[ 4093.900364] RBP: 0000000001a41408 R08: 00007f16ad7a1780 R09: 00007f16ae1f2700\n[ 4093.9003\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53556"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/17046107ca15d7571551539d94e76aba2bf71fd3",
"url": "https://git.kernel.org/stable/c/17046107ca15d7571551539d94e76aba2bf71fd3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/345c44e18cc10cded85cb9134830e1684495c866",
"url": "https://git.kernel.org/stable/c/345c44e18cc10cded85cb9134830e1684495c866"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5f4fa1672d98fe99d2297b03add35346f1685d6b",
"url": "https://git.kernel.org/stable/c/5f4fa1672d98fe99d2297b03add35346f1685d6b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8d781a9c53034813c3194b7d94409c7d24ac73eb",
"url": "https://git.kernel.org/stable/c/8d781a9c53034813c3194b7d94409c7d24ac73eb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a4635f190f332304db4a49e827ece790b804b5db",
"url": "https://git.kernel.org/stable/c/a4635f190f332304db4a49e827ece790b804b5db"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ca12b98e04b5d1902ac08fe826d3500cb4b6e891",
"url": "https://git.kernel.org/stable/c/ca12b98e04b5d1902ac08fe826d3500cb4b6e891"
}
],
"release_date": "2025-10-04T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-22022",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Apply the link chain quirk on NEC isoc endpoints\n\nTwo clearly different specimens of NEC uPD720200 (one with start/stop\nbug, one without) were seen to cause IOMMU faults after some Missed\nService Errors. Faulting address is immediately after a transfer ring\nsegment and patched dynamic debug messages revealed that the MSE was\nreceived when waiting for a TD near the end of that segment:\n\n[ 1.041954] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ffa08fe0\n[ 1.042120] xhci_hcd: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x0005 address=0xffa09000 flags=0x0000]\n[ 1.042146] xhci_hcd: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x0005 address=0xffa09040 flags=0x0000]\n\nIt gets even funnier if the next page is a ring segment accessible to\nthe HC. Below, it reports MSE in segment at ff1e8000, plows through a\nzero-filled page at ff1e9000 and starts reporting events for TRBs in\npage at ff1ea000 every microframe, instead of jumping to seg ff1e6000.\n\n[ 7.041671] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ff1e8fe0\n[ 7.041999] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ff1e8fe0\n[ 7.042011] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042028] xhci_hcd: All TDs skipped for slot 1 ep 2. Clear skip flag.\n[ 7.042134] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042138] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 31\n[ 7.042144] xhci_hcd: Looking for event-dma 00000000ff1ea040 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.042259] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042262] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 31\n[ 7.042266] xhci_hcd: Looking for event-dma 00000000ff1ea050 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n\nAt some point completion events change from Isoch Buffer Overrun to\nShort Packet and the HC finally finds cycle bit mismatch in ff1ec000.\n\n[ 7.098130] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 13\n[ 7.098132] xhci_hcd: Looking for event-dma 00000000ff1ecc50 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.098254] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 13\n[ 7.098256] xhci_hcd: Looking for event-dma 00000000ff1ecc60 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.098379] xhci_hcd: Overrun event on slot 1 ep 2\n\nIt's possible that data from the isochronous device were written to\nrandom buffers of pending TDs on other endpoints (either IN or OUT),\nother devices or even other HCs in the same IOMMU domain.\n\nLastly, an error from a different USB device on another HC. Was it\ncaused by the above? I don't know, but it may have been. The disk\nwas working without any other issues and generated PCIe traffic to\nstarve the NEC of upstream BW and trigger those MSEs. The two HCs\nshared one x1 slot by means of a commercial \"PCIe splitter\" board.\n\n[ 7.162604] usb 10-2: reset SuperSpeed USB device number 3 using xhci_hcd\n[ 7.178990] sd 9:0:0:0: [sdb] tag#0 UNKNOWN(0x2003) Result: hostbyte=0x07 driverbyte=DRIVER_OK cmd_age=0s\n[ 7.179001] sd 9:0:0:0: [sdb] tag#0 CDB: opcode=0x28 28 00 04 02 ae 00 00 02 00 00\n[ 7.179004] I/O error, dev sdb, sector 67284480 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0\n\nFortunately, it appears that this ridiculous bug is avoided by setting\nthe chain bit of Link TRBs on isochronous rings. Other ancient HCs are\nknown which also expect the bit to be set and they ignore Link TRBs if\nit's not. Reportedly, 0.95 spec guaranteed that the bit is set.\n\nThe bandwidth-starved NEC HC running a 32KB/uframe UVC endpoint reports\ntens of MSEs per second and runs into the bug within seconds. Chaining\nLink TRBs allows the same workload to run for many minutes, many times.\n\nNo ne\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-22022"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/061a1683bae6ef56ab8fa392725ba7495515cd1d",
"url": "https://git.kernel.org/stable/c/061a1683bae6ef56ab8fa392725ba7495515cd1d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1143f790a6316201dc8f067eba4c94ea97ecb6ca",
"url": "https://git.kernel.org/stable/c/1143f790a6316201dc8f067eba4c94ea97ecb6ca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/43a18225150ce874d23b37761c302a5dffee1595",
"url": "https://git.kernel.org/stable/c/43a18225150ce874d23b37761c302a5dffee1595"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8b586de6f03c850ff48d42e539b4708d1f3f8f1a",
"url": "https://git.kernel.org/stable/c/8b586de6f03c850ff48d42e539b4708d1f3f8f1a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a4931d9fb99eb5462f3eaa231999d279c40afb21",
"url": "https://git.kernel.org/stable/c/a4931d9fb99eb5462f3eaa231999d279c40afb21"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/abf2df229b6a9172cc1827749c1a446d28e00a2e",
"url": "https://git.kernel.org/stable/c/abf2df229b6a9172cc1827749c1a446d28e00a2e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bb0ba4cb1065e87f9cc75db1fa454e56d0894d01",
"url": "https://git.kernel.org/stable/c/bb0ba4cb1065e87f9cc75db1fa454e56d0894d01"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dbf427663ce272070d3004b5fca63a4a537d781c",
"url": "https://git.kernel.org/stable/c/dbf427663ce272070d3004b5fca63a4a537d781c"
}
],
"release_date": "2025-04-16T11:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2026-23074",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nnet/sched: Enforce that teql can only be used as root qdisc\nDesign intent of teql is that it is only supposed to be used as root qdisc.\nWe need to check for that constraint.\nAlthough not important, I will describe the scenario that unearthed this\nissue for the curious.\nGangMin Kim managed to concot a scenario as follows:\nROOT qdisc 1:0 (QFQ)\n├── class 1:1 (weight=15, lmax=16384) netem with delay 6.4s\n└── class 1:2 (weight=1, lmax=1514) teql\nGangMin sends a packet which is enqueued to 1:1 (netem).\nAny invocation of dequeue by QFQ from this class will not return a packet\nuntil after 6.4s. In the meantime, a second packet is sent and it lands on\n1:2. teql's enqueue will return success and this will activate class 1:2.\nMain issue is that teql only updates the parent visible qlen (sch->q.qlen)\nat dequeue. Since QFQ will only call dequeue if peek succeeds (and teql's\npeek always returns NULL), dequeue will never be called and thus the qlen\nwill remain as 0. With that in mind, when GangMin updates 1:2's lmax value,\nthe qfq_change_class calls qfq_deact_rm_from_agg. Since the child qdisc's\nqlen was not incremented, qfq fails to deactivate the class, but still\nfrees its pointers from the aggregate. So when the first packet is\nrescheduled after 6.4 seconds (netem's delay), a dangling pointer is\naccessed causing GangMin's causing a UAF.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2026-23074"
}
],
"release_date": "2026-02-04T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53560",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/histograms: Add histograms to hist_vars if they have referenced variables\n\nHist triggers can have referenced variables without having direct\nvariables fields. This can be the case if referenced variables are added\nfor trigger actions. In this case the newly added references will not\nhave field variables. Not taking such referenced variables into\nconsideration can result in a bug where it would be possible to remove\nhist trigger with variables being refenced. This will result in a bug\nthat is easily reproducable like so\n\n$ cd /sys/kernel/tracing\n$ echo 'synthetic_sys_enter char[] comm; long id' >> synthetic_events\n$ echo 'hist:keys=common_pid.execname,id.syscall:vals=hitcount:comm=common_pid.execname' >> events/raw_syscalls/sys_enter/trigger\n$ echo 'hist:keys=common_pid.execname,id.syscall:onmatch(raw_syscalls.sys_enter).synthetic_sys_enter($comm, id)' >> events/raw_syscalls/sys_enter/trigger\n$ echo '!hist:keys=common_pid.execname,id.syscall:vals=hitcount:comm=common_pid.execname' >> events/raw_syscalls/sys_enter/trigger\n\n[ 100.263533] ==================================================================\n[ 100.264634] BUG: KASAN: slab-use-after-free in resolve_var_refs+0xc7/0x180\n[ 100.265520] Read of size 8 at addr ffff88810375d0f0 by task bash/439\n[ 100.266320]\n[ 100.266533] CPU: 2 PID: 439 Comm: bash Not tainted 6.5.0-rc1 #4\n[ 100.267277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-20220807_005459-localhost 04/01/2014\n[ 100.268561] Call Trace:\n[ 100.268902] \n[ 100.269189] dump_stack_lvl+0x4c/0x70\n[ 100.269680] print_report+0xc5/0x600\n[ 100.270165] ? resolve_var_refs+0xc7/0x180\n[ 100.270697] ? kasan_complete_mode_report_info+0x80/0x1f0\n[ 100.271389] ? resolve_var_refs+0xc7/0x180\n[ 100.271913] kasan_report+0xbd/0x100\n[ 100.272380] ? resolve_var_refs+0xc7/0x180\n[ 100.272920] __asan_load8+0x71/0xa0\n[ 100.273377] resolve_var_refs+0xc7/0x180\n[ 100.273888] event_hist_trigger+0x749/0x860\n[ 100.274505] ? kasan_save_stack+0x2a/0x50\n[ 100.275024] ? kasan_set_track+0x29/0x40\n[ 100.275536] ? __pfx_event_hist_trigger+0x10/0x10\n[ 100.276138] ? ksys_write+0xd1/0x170\n[ 100.276607] ? do_syscall_64+0x3c/0x90\n[ 100.277099] ? entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 100.277771] ? destroy_hist_data+0x446/0x470\n[ 100.278324] ? event_hist_trigger_parse+0xa6c/0x3860\n[ 100.278962] ? __pfx_event_hist_trigger_parse+0x10/0x10\n[ 100.279627] ? __kasan_check_write+0x18/0x20\n[ 100.280177] ? mutex_unlock+0x85/0xd0\n[ 100.280660] ? __pfx_mutex_unlock+0x10/0x10\n[ 100.281200] ? kfree+0x7b/0x120\n[ 100.281619] ? ____kasan_slab_free+0x15d/0x1d0\n[ 100.282197] ? event_trigger_write+0xac/0x100\n[ 100.282764] ? __kasan_slab_free+0x16/0x20\n[ 100.283293] ? __kmem_cache_free+0x153/0x2f0\n[ 100.283844] ? sched_mm_cid_remote_clear+0xb1/0x250\n[ 100.284550] ? __pfx_sched_mm_cid_remote_clear+0x10/0x10\n[ 100.285221] ? event_trigger_write+0xbc/0x100\n[ 100.285781] ? __kasan_check_read+0x15/0x20\n[ 100.286321] ? __bitmap_weight+0x66/0xa0\n[ 100.286833] ? _find_next_bit+0x46/0xe0\n[ 100.287334] ? task_mm_cid_work+0x37f/0x450\n[ 100.287872] event_triggers_call+0x84/0x150\n[ 100.288408] trace_event_buffer_commit+0x339/0x430\n[ 100.289073] ? ring_buffer_event_data+0x3f/0x60\n[ 100.292189] trace_event_raw_event_sys_enter+0x8b/0xe0\n[ 100.295434] syscall_trace_enter.constprop.0+0x18f/0x1b0\n[ 100.298653] syscall_enter_from_user_mode+0x32/0x40\n[ 100.301808] do_syscall_64+0x1a/0x90\n[ 100.304748] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 100.307775] RIP: 0033:0x7f686c75c1cb\n[ 100.310617] Code: 73 01 c3 48 8b 0d 65 3c 10 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 21 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 35 3c 10 00 f7 d8 64 89 01 48\n[ 100.317847] RSP: 002b:00007ffc60137a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000021\n[ 100.321200] RA\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53560"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1576f0df7b4d1f82db588d6654b89d796fa06929",
"url": "https://git.kernel.org/stable/c/1576f0df7b4d1f82db588d6654b89d796fa06929"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4815359056083c555f97a5ee3af86519be5166de",
"url": "https://git.kernel.org/stable/c/4815359056083c555f97a5ee3af86519be5166de"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4a540f63618e525e433b37d2b5522cda08e321d7",
"url": "https://git.kernel.org/stable/c/4a540f63618e525e433b37d2b5522cda08e321d7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4ffad1528e81c91769d9da1f8436080861c8ec67",
"url": "https://git.kernel.org/stable/c/4ffad1528e81c91769d9da1f8436080861c8ec67"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5fd32eb6fa0ac795aa5a64bc004ab68d7b44196a",
"url": "https://git.kernel.org/stable/c/5fd32eb6fa0ac795aa5a64bc004ab68d7b44196a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6018b585e8c6fa7d85d4b38d9ce49a5b67be7078",
"url": "https://git.kernel.org/stable/c/6018b585e8c6fa7d85d4b38d9ce49a5b67be7078"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/97f54b330c797ed27fba8791baeaa38ace886cbd",
"url": "https://git.kernel.org/stable/c/97f54b330c797ed27fba8791baeaa38ace886cbd"
}
],
"release_date": "2025-10-04T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53604",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm integrity: call kmem_cache_destroy() in dm_integrity_init() error path\n\nOtherwise the journal_io_cache will leak if dm_register_target() fails.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53604"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3877b5c1509b16eeb1f275228fd91789cd88cf17",
"url": "https://git.kernel.org/stable/c/3877b5c1509b16eeb1f275228fd91789cd88cf17"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/44f29e93a55b544dc961b6f8b4e93abaeaafb9ee",
"url": "https://git.kernel.org/stable/c/44f29e93a55b544dc961b6f8b4e93abaeaafb9ee"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6b79a428c02769f2a11f8ae76bf866226d134887",
"url": "https://git.kernel.org/stable/c/6b79a428c02769f2a11f8ae76bf866226d134887"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6d126899b0747305c9d39a0bcf87e0df9c3f555b",
"url": "https://git.kernel.org/stable/c/6d126899b0747305c9d39a0bcf87e0df9c3f555b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a5d8c6bf58e5b2e70fbc15f3b08dfc1ba6f269ac",
"url": "https://git.kernel.org/stable/c/a5d8c6bf58e5b2e70fbc15f3b08dfc1ba6f269ac"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c8c9c50268729bf35f6c9bb1205f490db920454e",
"url": "https://git.kernel.org/stable/c/c8c9c50268729bf35f6c9bb1205f490db920454e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ca8b634fdf07dee3f6dfde57079c4511480b525e",
"url": "https://git.kernel.org/stable/c/ca8b634fdf07dee3f6dfde57079c4511480b525e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e09a592fdd6c716506774bdbebb5f6c537b47767",
"url": "https://git.kernel.org/stable/c/e09a592fdd6c716506774bdbebb5f6c537b47767"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ff4d6b5b38429a7731e5593680d2138bf74dd546",
"url": "https://git.kernel.org/stable/c/ff4d6b5b38429a7731e5593680d2138bf74dd546"
}
],
"release_date": "2025-10-04T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39824",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: asus: fix UAF via HID_CLAIMED_INPUT validation\n\nAfter hid_hw_start() is called hidinput_connect() will eventually be\ncalled to set up the device with the input layer since the\nHID_CONNECT_DEFAULT connect mask is used. During hidinput_connect()\nall input and output reports are processed and corresponding hid_inputs\nare allocated and configured via hidinput_configure_usages(). This\nprocess involves slot tagging report fields and configuring usages\nby setting relevant bits in the capability bitmaps. However it is possible\nthat the capability bitmaps are not set at all leading to the subsequent\nhidinput_has_been_populated() check to fail leading to the freeing of the\nhid_input and the underlying input device.\n\nThis becomes problematic because a malicious HID device like a\nASUS ROG N-Key keyboard can trigger the above scenario via a\nspecially crafted descriptor which then leads to a user-after-free\nwhen the name of the freed input device is written to later on after\nhid_hw_start(). Below, report 93 intentionally utilises the\nHID_UP_UNDEFINED Usage Page which is skipped during usage\nconfiguration, leading to the frees.\n\n0x05, 0x0D, // Usage Page (Digitizer)\n0x09, 0x05, // Usage (Touch Pad)\n0xA1, 0x01, // Collection (Application)\n0x85, 0x0D, // Report ID (13)\n0x06, 0x00, 0xFF, // Usage Page (Vendor Defined 0xFF00)\n0x09, 0xC5, // Usage (0xC5)\n0x15, 0x00, // Logical Minimum (0)\n0x26, 0xFF, 0x00, // Logical Maximum (255)\n0x75, 0x08, // Report Size (8)\n0x95, 0x04, // Report Count (4)\n0xB1, 0x02, // Feature (Data,Var,Abs)\n0x85, 0x5D, // Report ID (93)\n0x06, 0x00, 0x00, // Usage Page (Undefined)\n0x09, 0x01, // Usage (0x01)\n0x15, 0x00, // Logical Minimum (0)\n0x26, 0xFF, 0x00, // Logical Maximum (255)\n0x75, 0x08, // Report Size (8)\n0x95, 0x1B, // Report Count (27)\n0x81, 0x02, // Input (Data,Var,Abs)\n0xC0, // End Collection\n\nBelow is the KASAN splat after triggering the UAF:\n\n[ 21.672709] ==================================================================\n[ 21.673700] BUG: KASAN: slab-use-after-free in asus_probe+0xeeb/0xf80\n[ 21.673700] Write of size 8 at addr ffff88810a0ac000 by task kworker/1:2/54\n[ 21.673700]\n[ 21.673700] CPU: 1 UID: 0 PID: 54 Comm: kworker/1:2 Not tainted 6.16.0-rc4-g9773391cf4dd-dirty #36 PREEMPT(voluntary)\n[ 21.673700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\n[ 21.673700] Call Trace:\n[ 21.673700] \n[ 21.673700] dump_stack_lvl+0x5f/0x80\n[ 21.673700] print_report+0xd1/0x660\n[ 21.673700] kasan_report+0xe5/0x120\n[ 21.673700] __asan_report_store8_noabort+0x1b/0x30\n[ 21.673700] asus_probe+0xeeb/0xf80\n[ 21.673700] hid_device_probe+0x2ee/0x700\n[ 21.673700] really_probe+0x1c6/0x6b0\n[ 21.673700] __driver_probe_device+0x24f/0x310\n[ 21.673700] driver_probe_device+0x4e/0x220\n[...]\n[ 21.673700]\n[ 21.673700] Allocated by task 54:\n[ 21.673700] kasan_save_stack+0x3d/0x60\n[ 21.673700] kasan_save_track+0x18/0x40\n[ 21.673700] kasan_save_alloc_info+0x3b/0x50\n[ 21.673700] __kasan_kmalloc+0x9c/0xa0\n[ 21.673700] __kmalloc_cache_noprof+0x139/0x340\n[ 21.673700] input_allocate_device+0x44/0x370\n[ 21.673700] hidinput_connect+0xcb6/0x2630\n[ 21.673700] hid_connect+0xf74/0x1d60\n[ 21.673700] hid_hw_start+0x8c/0x110\n[ 21.673700] asus_probe+0x5a3/0xf80\n[ 21.673700] hid_device_probe+0x2ee/0x700\n[ 21.673700] really_probe+0x1c6/0x6b0\n[ 21.673700] __driver_probe_device+0x24f/0x310\n[ 21.673700] driver_probe_device+0x4e/0x220\n[...]\n[ 21.673700]\n[ 21.673700] Freed by task 54:\n[ 21.673700] kasan_save_stack+0x3d/0x60\n[ 21.673700] kasan_save_track+0x18/0x40\n[ 21.673700] kasan_save_free_info+0x3f/0x60\n[ 21.673700] __kasan_slab_free+0x3c/0x50\n[ 21.673700] kfre\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39824"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5f3c0839b173f7f33415eb098331879e547d1d2d",
"url": "https://git.kernel.org/stable/c/5f3c0839b173f7f33415eb098331879e547d1d2d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7170122e2ae4ab378c9cdf7cc54dea8b0abbbca5",
"url": "https://git.kernel.org/stable/c/7170122e2ae4ab378c9cdf7cc54dea8b0abbbca5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/72a4ec018c9e9bc52f4f80eb3afb5d6a6b752275",
"url": "https://git.kernel.org/stable/c/72a4ec018c9e9bc52f4f80eb3afb5d6a6b752275"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9a9e4a8317437bf944fa017c66e1e23a0368b5c7",
"url": "https://git.kernel.org/stable/c/9a9e4a8317437bf944fa017c66e1e23a0368b5c7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a8ca8fe7f516d27ece3afb995c3bd4d07dcbe62c",
"url": "https://git.kernel.org/stable/c/a8ca8fe7f516d27ece3afb995c3bd4d07dcbe62c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c0d77e3441a92d0b4958193c9ac1c3f81c6f1d1c",
"url": "https://git.kernel.org/stable/c/c0d77e3441a92d0b4958193c9ac1c3f81c6f1d1c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d3af6ca9a8c34bbd8cff32b469b84c9021c9e7e4",
"url": "https://git.kernel.org/stable/c/d3af6ca9a8c34bbd8cff32b469b84c9021c9e7e4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/eaae728e7335b5dbad70966e2bd520a731fdf7b2",
"url": "https://git.kernel.org/stable/c/eaae728e7335b5dbad70966e2bd520a731fdf7b2"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-16T13:16:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39913",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork.\n\nsyzbot reported the splat below. [0]\n\nThe repro does the following:\n\n 1. Load a sk_msg prog that calls bpf_msg_cork_bytes(msg, cork_bytes)\n 2. Attach the prog to a SOCKMAP\n 3. Add a socket to the SOCKMAP\n 4. Activate fault injection\n 5. Send data less than cork_bytes\n\nAt 5., the data is carried over to the next sendmsg() as it is\nsmaller than the cork_bytes specified by bpf_msg_cork_bytes().\n\nThen, tcp_bpf_send_verdict() tries to allocate psock->cork to hold\nthe data, but this fails silently due to fault injection + __GFP_NOWARN.\n\nIf the allocation fails, we need to revert the sk->sk_forward_alloc\nchange done by sk_msg_alloc().\n\nLet's call sk_msg_free() when tcp_bpf_send_verdict fails to allocate\npsock->cork.\n\nThe \"*copied\" also needs to be updated such that a proper error can\nbe returned to the caller, sendmsg. It fails to allocate psock->cork.\nNothing has been corked so far, so this patch simply sets \"*copied\"\nto 0.\n\n[0]:\nWARNING: net/ipv4/af_inet.c:156 at inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156, CPU#1: syz-executor/5983\nModules linked in:\nCPU: 1 UID: 0 PID: 5983 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\nRIP: 0010:inet_sock_destruct+0x623/0x730 net/ipv4/af_inet.c:156\nCode: 0f 0b 90 e9 62 fe ff ff e8 7a db b5 f7 90 0f 0b 90 e9 95 fe ff ff e8 6c db b5 f7 90 0f 0b 90 e9 bb fe ff ff e8 5e db b5 f7 90 <0f> 0b 90 e9 e1 fe ff ff 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 9f fc\nRSP: 0018:ffffc90000a08b48 EFLAGS: 00010246\nRAX: ffffffff8a09d0b2 RBX: dffffc0000000000 RCX: ffff888024a23c80\nRDX: 0000000000000100 RSI: 0000000000000fff RDI: 0000000000000000\nRBP: 0000000000000fff R08: ffff88807e07c627 R09: 1ffff1100fc0f8c4\nR10: dffffc0000000000 R11: ffffed100fc0f8c5 R12: ffff88807e07c380\nR13: dffffc0000000000 R14: ffff88807e07c60c R15: 1ffff1100fc0f872\nFS: 00005555604c4500(0000) GS:ffff888125af1000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005555604df5c8 CR3: 0000000032b06000 CR4: 00000000003526f0\nCall Trace:\n \n __sk_destruct+0x86/0x660 net/core/sock.c:2339\n rcu_do_batch kernel/rcu/tree.c:2605 [inline]\n rcu_core+0xca8/0x1770 kernel/rcu/tree.c:2861\n handle_softirqs+0x286/0x870 kernel/softirq.c:579\n __do_softirq kernel/softirq.c:613 [inline]\n invoke_softirq kernel/softirq.c:453 [inline]\n __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:696\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1052 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1052\n ",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39913"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/05366527f44cf4b884f3d9462ae8009be9665856",
"url": "https://git.kernel.org/stable/c/05366527f44cf4b884f3d9462ae8009be9665856"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/08f58d10f5abf11d297cc910754922498c921f91",
"url": "https://git.kernel.org/stable/c/08f58d10f5abf11d297cc910754922498c921f91"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/539920180c55f5e13a2488a2339f94e6b8cb69e0",
"url": "https://git.kernel.org/stable/c/539920180c55f5e13a2488a2339f94e6b8cb69e0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/66bcb04a441fbf15d66834b7e3eefb313dd750c8",
"url": "https://git.kernel.org/stable/c/66bcb04a441fbf15d66834b7e3eefb313dd750c8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7429b8b9bfbc276fd304fbaebc405f46b421fedf",
"url": "https://git.kernel.org/stable/c/7429b8b9bfbc276fd304fbaebc405f46b421fedf"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9c2a6456bdf9794474460d885c359b6c4522d6e3",
"url": "https://git.kernel.org/stable/c/9c2a6456bdf9794474460d885c359b6c4522d6e3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3967baad4d533dc254c31e0d221e51c8d223d58",
"url": "https://git.kernel.org/stable/c/a3967baad4d533dc254c31e0d221e51c8d223d58"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/de89e58368f8f07df005ecc1c86ad94898a999f2",
"url": "https://git.kernel.org/stable/c/de89e58368f8f07df005ecc1c86ad94898a999f2"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-10-01T08:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39945",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncnic: Fix use-after-free bugs in cnic_delete_task\n\nThe original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(),\nwhich does not guarantee that the delayed work item 'delete_task' has\nfully completed if it was already running. Additionally, the delayed work\nitem is cyclic, the flush_workqueue() in cnic_cm_stop_bnx2x_hw() only\nblocks and waits for work items that were already queued to the\nworkqueue prior to its invocation. Any work items submitted after\nflush_workqueue() is called are not included in the set of tasks that the\nflush operation awaits. This means that after the cyclic work items have\nfinished executing, a delayed work item may still exist in the workqueue.\nThis leads to use-after-free scenarios where the cnic_dev is deallocated\nby cnic_free_dev(), while delete_task remains active and attempt to\ndereference cnic_dev in cnic_delete_task().\n\nA typical race condition is illustrated below:\n\nCPU 0 (cleanup) | CPU 1 (delayed work callback)\ncnic_netdev_event() |\n cnic_stop_hw() | cnic_delete_task()\n cnic_cm_stop_bnx2x_hw() | ...\n cancel_delayed_work() | /* the queue_delayed_work()\n flush_workqueue() | executes after flush_workqueue()*/\n | queue_delayed_work()\n cnic_free_dev(dev)//free | cnic_delete_task() //new instance\n | dev = cp->dev; //use\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the cyclic delayed work item is properly canceled and that any\nongoing execution of the work item completes before the cnic_dev is\ndeallocated. Furthermore, since cancel_delayed_work_sync() uses\n__flush_work(work, true) to synchronously wait for any currently\nexecuting instance of the work item to finish, the flush_workqueue()\nbecomes redundant and should be removed.\n\nThis bug was identified through static analysis. To reproduce the issue\nand validate the fix, I simulated the cnic PCI device in QEMU and\nintroduced intentional delays — such as inserting calls to ssleep()\nwithin the cnic_delete_task() function — to increase the likelihood\nof triggering the bug.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39945"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0405055930264ea8fd26f4131466fa7652e5e47d",
"url": "https://git.kernel.org/stable/c/0405055930264ea8fd26f4131466fa7652e5e47d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0627e1481676669cae2df0d85b5ff13e7d24c390",
"url": "https://git.kernel.org/stable/c/0627e1481676669cae2df0d85b5ff13e7d24c390"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6e33a7eed587062ca8161ad1f4584882a860d697",
"url": "https://git.kernel.org/stable/c/6e33a7eed587062ca8161ad1f4584882a860d697"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7b6a5b0a6b392263c3767fc945b311ea04b34bbd",
"url": "https://git.kernel.org/stable/c/7b6a5b0a6b392263c3767fc945b311ea04b34bbd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8eeb2091e72d75df8ceaa2172638d61b4cf8929a",
"url": "https://git.kernel.org/stable/c/8eeb2091e72d75df8ceaa2172638d61b4cf8929a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cfa7d9b1e3a8604afc84e9e51d789c29574fb216",
"url": "https://git.kernel.org/stable/c/cfa7d9b1e3a8604afc84e9e51d789c29574fb216"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e1fcd4a9c09feac0902a65615e866dbf22616125",
"url": "https://git.kernel.org/stable/c/e1fcd4a9c09feac0902a65615e866dbf22616125"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fde6e73189f40ebcf0633aed2b68e731c25f3aa3",
"url": "https://git.kernel.org/stable/c/fde6e73189f40ebcf0633aed2b68e731c25f3aa3"
}
],
"release_date": "2025-10-04T08:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38102",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify\n\nDuring our test, it is found that a warning can be trigger in try_grab_folio\nas follow:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 1678 at mm/gup.c:147 try_grab_folio+0x106/0x130\n Modules linked in:\n CPU: 0 UID: 0 PID: 1678 Comm: syz.3.31 Not tainted 6.15.0-rc5 #163 PREEMPT(undef)\n RIP: 0010:try_grab_folio+0x106/0x130\n Call Trace:\n \n follow_huge_pmd+0x240/0x8e0\n follow_pmd_mask.constprop.0.isra.0+0x40b/0x5c0\n follow_pud_mask.constprop.0.isra.0+0x14a/0x170\n follow_page_mask+0x1c2/0x1f0\n __get_user_pages+0x176/0x950\n __gup_longterm_locked+0x15b/0x1060\n ? gup_fast+0x120/0x1f0\n gup_fast_fallback+0x17e/0x230\n get_user_pages_fast+0x5f/0x80\n vmci_host_unlocked_ioctl+0x21c/0xf80\n RIP: 0033:0x54d2cd\n ---[ end trace 0000000000000000 ]---\n\nDigging into the source, context->notify_page may init by get_user_pages_fast\nand can be seen in vmci_ctx_unset_notify which will try to put_page. However\nget_user_pages_fast is not finished here and lead to following\ntry_grab_folio warning. The race condition is shown as follow:\n\ncpu0\t\t\tcpu1\nvmci_host_do_set_notify\nvmci_host_setup_notify\nget_user_pages_fast(uva, 1, FOLL_WRITE, &context->notify_page);\nlockless_pages_from_mm\ngup_pgd_range\ngup_huge_pmd // update &context->notify_page\n\t\t\tvmci_host_do_set_notify\n\t\t\tvmci_ctx_unset_notify\n\t\t\tnotify_page = context->notify_page;\n\t\t\tif (notify_page)\n\t\t\tput_page(notify_page);\t// page is freed\n__gup_longterm_locked\n__get_user_pages\nfollow_trans_huge_pmd\ntry_grab_folio // warn here\n\nTo slove this, use local variable page to make notify_page can be seen\nafter finish get_user_pages_fast.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38102"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/00ddc7dad55b7bbb78df80d6e174d0c4764dea0c",
"url": "https://git.kernel.org/stable/c/00ddc7dad55b7bbb78df80d6e174d0c4764dea0c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1bd6406fb5f36c2bb1e96e27d4c3e9f4d09edde4",
"url": "https://git.kernel.org/stable/c/1bd6406fb5f36c2bb1e96e27d4c3e9f4d09edde4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/468aec888f838ce5174b96e0cb4396790d6f60ca",
"url": "https://git.kernel.org/stable/c/468aec888f838ce5174b96e0cb4396790d6f60ca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/58a90db70aa6616411e5f69d1982d9b1dd97d774",
"url": "https://git.kernel.org/stable/c/58a90db70aa6616411e5f69d1982d9b1dd97d774"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6e3af836805ed1d7a699f76ec798626198917aa4",
"url": "https://git.kernel.org/stable/c/6e3af836805ed1d7a699f76ec798626198917aa4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/74095bbbb19ca74a0368d857603a2438c88ca86c",
"url": "https://git.kernel.org/stable/c/74095bbbb19ca74a0368d857603a2438c88ca86c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/75b5313c80c39a26d27cbb602f968a05576c36f9",
"url": "https://git.kernel.org/stable/c/75b5313c80c39a26d27cbb602f968a05576c36f9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b4209e4b778e4e57d0636e1c9fc07a924dbc6043",
"url": "https://git.kernel.org/stable/c/b4209e4b778e4e57d0636e1c9fc07a924dbc6043"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-07-03T09:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38494",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: do not bypass hid_hw_raw_request\n\nhid_hw_raw_request() is actually useful to ensure the provided buffer\nand length are valid. Directly calling in the low level transport driver\nfunction bypassed those checks and allowed invalid paramto be used.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38494"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81",
"url": "https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0",
"url": "https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed",
"url": "https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f",
"url": "https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b",
"url": "https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5",
"url": "https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624",
"url": "https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910",
"url": "https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-07-28T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50432",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernfs: fix use-after-free in __kernfs_remove\n\nSyzkaller managed to trigger concurrent calls to\nkernfs_remove_by_name_ns() for the same file resulting in\na KASAN detected use-after-free. The race occurs when the root\nnode is freed during kernfs_drain().\n\nTo prevent this acquire an additional reference for the root\nof the tree that is removed before calling __kernfs_remove().\n\nFound by syzkaller with the following reproducer (slab_nomerge is\nrequired):\n\nsyz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\\x00', 0x100000, 0x0, 0x0, 0x0, 0x0)\nr0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\\x00', 0x0, 0x0)\nclose(r0)\npipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800)\nmount$9p_fd(0x0, &(0x7f0000000040)='./file0\\x00', &(0x7f00000000c0), 0x408, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@mmap}, {@loose}, {@loose}, {@mmap}], [{@mask={'mask', 0x3d, '^MAY_EXEC'}}, {@fsmagic={'fsmagic', 0x3d, 0x10001}}, {@dont_hash}]}})\n\nSample report:\n\n==================================================================\nBUG: KASAN: use-after-free in kernfs_type include/linux/kernfs.h:335 [inline]\nBUG: KASAN: use-after-free in kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\nBUG: KASAN: use-after-free in __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\nRead of size 2 at addr ffff8880088807f0 by task syz-executor.2/857\n\nCPU: 0 PID: 857 Comm: syz-executor.2 Not tainted 6.0.0-rc3-00363-g7726d4c3e60b #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x6e/0x91 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold+0x5e/0x5e5 mm/kasan/report.c:433\n kasan_report+0xa3/0x130 mm/kasan/report.c:495\n kernfs_type include/linux/kernfs.h:335 [inline]\n kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\n __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\n __kernfs_remove fs/kernfs/dir.c:1356 [inline]\n kernfs_remove_by_name_ns+0x108/0x190 fs/kernfs/dir.c:1589\n sysfs_slab_add+0x133/0x1e0 mm/slub.c:5943\n __kmem_cache_create+0x3e0/0x550 mm/slub.c:4899\n create_cache mm/slab_common.c:229 [inline]\n kmem_cache_create_usercopy+0x167/0x2a0 mm/slab_common.c:335\n p9_client_create+0xd4d/0x1190 net/9p/client.c:993\n v9fs_session_init+0x1e6/0x13c0 fs/9p/v9fs.c:408\n v9fs_mount+0xb9/0xbd0 fs/9p/vfs_super.c:126\n legacy_get_tree+0xf1/0x200 fs/fs_context.c:610\n vfs_get_tree+0x85/0x2e0 fs/super.c:1530\n do_new_mount fs/namespace.c:3040 [inline]\n path_mount+0x675/0x1d00 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __x64_sys_mount+0x282/0x300 fs/namespace.c:3568\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x38/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f725f983aed\nCode: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f725f0f7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5\nRAX: ffffffffffffffda RBX: 00007f725faa3f80 RCX: 00007f725f983aed\nRDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000\nRBP: 00007f725f9f419c R08: 0000000020000280 R09: 0000000000000000\nR10: 0000000000000408 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000006 R14: 00007f725faa3f80 R15: 00007f725f0d7000\n \n\nAllocated by task 855:\n kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:45 [inline]\n set_alloc_info mm/kasan/common.c:437 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:470\n kasan_slab_alloc include/linux/kasan.h:224 [inline]\n slab_post_alloc_hook mm/slab.h:7\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50432"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/028cf780743eea79abffa7206b9dcfc080ad3546",
"url": "https://git.kernel.org/stable/c/028cf780743eea79abffa7206b9dcfc080ad3546"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/02eb35131050735332658029082f61515b7dfe38",
"url": "https://git.kernel.org/stable/c/02eb35131050735332658029082f61515b7dfe38"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4abc99652812a2ddf932f137515d5c5a04723538",
"url": "https://git.kernel.org/stable/c/4abc99652812a2ddf932f137515d5c5a04723538"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4dfd6a477a1525773469feaf3c514b2c0fef76b5",
"url": "https://git.kernel.org/stable/c/4dfd6a477a1525773469feaf3c514b2c0fef76b5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6f72a3977ba9d0e5491a5c01315204272e7f9c44",
"url": "https://git.kernel.org/stable/c/6f72a3977ba9d0e5491a5c01315204272e7f9c44"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/94d2643df1e70a4c310ebb5e2c493eec33df1a06",
"url": "https://git.kernel.org/stable/c/94d2643df1e70a4c310ebb5e2c493eec33df1a06"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/af1b57cc39beca203559576b3046094fc9e5eb32",
"url": "https://git.kernel.org/stable/c/af1b57cc39beca203559576b3046094fc9e5eb32"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c78b0dc6fb7fb389d674e491fd376388cdfb1d53",
"url": "https://git.kernel.org/stable/c/c78b0dc6fb7fb389d674e491fd376388cdfb1d53"
}
],
"release_date": "2025-10-01T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-35966",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: Fix not validating setsockopt user input\n\nsyzbot reported rfcomm_sock_setsockopt_old() is copying data without\nchecking user input length.\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset\ninclude/linux/sockptr.h:49 [inline]\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr\ninclude/linux/sockptr.h:55 [inline]\nBUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt_old\nnet/bluetooth/rfcomm/sock.c:632 [inline]\nBUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt+0x893/0xa70\nnet/bluetooth/rfcomm/sock.c:673\nRead of size 4 at addr ffff8880209a8bc3 by task syz-executor632/5064",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-35966"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/00767fbd67af70d7a550caa5b12d9515fa978bab",
"url": "https://git.kernel.org/stable/c/00767fbd67af70d7a550caa5b12d9515fa978bab"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4ea65e2095e9bd151d0469328dd7fc2858feb546",
"url": "https://git.kernel.org/stable/c/4ea65e2095e9bd151d0469328dd7fc2858feb546"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a97de7bff13b1cc825c1b1344eaed8d6c2d3e695",
"url": "https://git.kernel.org/stable/c/a97de7bff13b1cc825c1b1344eaed8d6c2d3e695"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c3f787a3eafe519c93df9abbb0ca5145861c8d0f",
"url": "https://git.kernel.org/stable/c/c3f787a3eafe519c93df9abbb0ca5145861c8d0f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d072ea24748189cd8f4a9c3f585ca9af073a0838",
"url": "https://git.kernel.org/stable/c/d072ea24748189cd8f4a9c3f585ca9af073a0838"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/eea40d33bf936a5c7fb03c190e61e0cfee00e872",
"url": "https://git.kernel.org/stable/c/eea40d33bf936a5c7fb03c190e61e0cfee00e872"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"release_date": "2024-05-20T10:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-52927",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3fa58a6fbd1e9e5682d09cdafb08fba004cb12ec",
"url": "https://git.kernel.org/stable/c/3fa58a6fbd1e9e5682d09cdafb08fba004cb12ec"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4914109a8e1e494c6aa9852f9e84ec77a5fc643f",
"url": "https://git.kernel.org/stable/c/4914109a8e1e494c6aa9852f9e84ec77a5fc643f"
},
{
"category": "external",
"summary": "https://seadragnol.github.io/posts/CVE-2023-52927/",
"url": "https://seadragnol.github.io/posts/CVE-2023-52927/"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"release_date": "2025-03-14T15:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53521",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Fix slab-out-of-bounds in ses_intf_remove()\n\nA fix for:\n\nBUG: KASAN: slab-out-of-bounds in ses_intf_remove+0x23f/0x270 [ses]\nRead of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013\n\nWhen edev->components is zero, accessing edev->component[0] members is\nwrong.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53521"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0595cdb587726b4f0fa780eb7462e3679d141e82",
"url": "https://git.kernel.org/stable/c/0595cdb587726b4f0fa780eb7462e3679d141e82"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2fb1fa8425cce2dc4dce298275d22d7077694b73",
"url": "https://git.kernel.org/stable/c/2fb1fa8425cce2dc4dce298275d22d7077694b73"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/40af9a6deed723485e05b7d3255a28750692e8db",
"url": "https://git.kernel.org/stable/c/40af9a6deed723485e05b7d3255a28750692e8db"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/578797f0c8cbc2e3ec5fc0dab87087b4c7073686",
"url": "https://git.kernel.org/stable/c/578797f0c8cbc2e3ec5fc0dab87087b4c7073686"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/76f7050537476ac062ec23a544fbca8270f2d08b",
"url": "https://git.kernel.org/stable/c/76f7050537476ac062ec23a544fbca8270f2d08b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/82143faf01dda831b89eccef60c39ef8575ab08a",
"url": "https://git.kernel.org/stable/c/82143faf01dda831b89eccef60c39ef8575ab08a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/87e47be38d205df338c52ead43f23b2864567423",
"url": "https://git.kernel.org/stable/c/87e47be38d205df338c52ead43f23b2864567423"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8f9542cad6c27297c8391de3a659f0b7948495d0",
"url": "https://git.kernel.org/stable/c/8f9542cad6c27297c8391de3a659f0b7948495d0"
}
],
"release_date": "2025-10-01T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53471",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras\n\ngfx9 cp_ecc_error_irq is only enabled when legacy gfx ras is assert.\nSo in gfx_v9_0_hw_fini, interrupt disablement for cp_ecc_error_irq\nshould be executed under such condition, otherwise, an amdgpu_irq_put\ncalltrace will occur.\n\n[ 7283.170322] RIP: 0010:amdgpu_irq_put+0x45/0x70 [amdgpu]\n[ 7283.170964] RSP: 0018:ffff9a5fc3967d00 EFLAGS: 00010246\n[ 7283.170967] RAX: ffff98d88afd3040 RBX: ffff98d89da20000 RCX: 0000000000000000\n[ 7283.170969] RDX: 0000000000000000 RSI: ffff98d89da2bef8 RDI: ffff98d89da20000\n[ 7283.170971] RBP: ffff98d89da20000 R08: ffff98d89da2ca18 R09: 0000000000000006\n[ 7283.170973] R10: ffffd5764243c008 R11: 0000000000000000 R12: 0000000000001050\n[ 7283.170975] R13: ffff98d89da38978 R14: ffffffff999ae15a R15: ffff98d880130105\n[ 7283.170978] FS: 0000000000000000(0000) GS:ffff98d996f00000(0000) knlGS:0000000000000000\n[ 7283.170981] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 7283.170983] CR2: 00000000f7a9d178 CR3: 00000001c42ea000 CR4: 00000000003506e0\n[ 7283.170986] Call Trace:\n[ 7283.170988] \n[ 7283.170989] gfx_v9_0_hw_fini+0x1c/0x6d0 [amdgpu]\n[ 7283.171655] amdgpu_device_ip_suspend_phase2+0x101/0x1a0 [amdgpu]\n[ 7283.172245] amdgpu_device_suspend+0x103/0x180 [amdgpu]\n[ 7283.172823] amdgpu_pmops_freeze+0x21/0x60 [amdgpu]\n[ 7283.173412] pci_pm_freeze+0x54/0xc0\n[ 7283.173419] ? __pfx_pci_pm_freeze+0x10/0x10\n[ 7283.173425] dpm_run_callback+0x98/0x200\n[ 7283.173430] __device_suspend+0x164/0x5f0\n\nv2: drop gfx11 as it's fixed in a different solution by retiring cp_ecc_irq funcs(Hawking)",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53471"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/20ca90ceda71ed90a4d6960acbe7d5e120b40c0d",
"url": "https://git.kernel.org/stable/c/20ca90ceda71ed90a4d6960acbe7d5e120b40c0d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3d28af21a874c5123d1681c2d686627f7ff7e488",
"url": "https://git.kernel.org/stable/c/3d28af21a874c5123d1681c2d686627f7ff7e488"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4a76680311330aefe5074bed8f06afa354b85c48",
"url": "https://git.kernel.org/stable/c/4a76680311330aefe5074bed8f06afa354b85c48"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/625d4112ea25dbad7ddf749fd5c1287ceffb2339",
"url": "https://git.kernel.org/stable/c/625d4112ea25dbad7ddf749fd5c1287ceffb2339"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cd3c0f7013c37cd24fc40b601319007f136c1201",
"url": "https://git.kernel.org/stable/c/cd3c0f7013c37cd24fc40b601319007f136c1201"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/efce310db74fdc6d2acd959f3582972ae4a8d7d5",
"url": "https://git.kernel.org/stable/c/efce310db74fdc6d2acd959f3582972ae4a8d7d5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f661ad53658a1ea35c004af1f5fbe25c4d1cdb08",
"url": "https://git.kernel.org/stable/c/f661ad53658a1ea35c004af1f5fbe25c4d1cdb08"
}
],
"release_date": "2025-10-01T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-37928",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don't schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-37928"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/69a37b3ba85088fc6b903b8e1db7f0a1d4d0b52d",
"url": "https://git.kernel.org/stable/c/69a37b3ba85088fc6b903b8e1db7f0a1d4d0b52d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3d8f0a7f5e8b193db509c7191fefeed3533fc44",
"url": "https://git.kernel.org/stable/c/a3d8f0a7f5e8b193db509c7191fefeed3533fc44"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a99f5bf4f7197009859dbce14c12f8e2ce5a5a69",
"url": "https://git.kernel.org/stable/c/a99f5bf4f7197009859dbce14c12f8e2ce5a5a69"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c8c83052283bcf2fdd467a33d1d2bd5ba36e935a",
"url": "https://git.kernel.org/stable/c/c8c83052283bcf2fdd467a33d1d2bd5ba36e935a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f45108257280e0a1cc951ce254853721b40c0812",
"url": "https://git.kernel.org/stable/c/f45108257280e0a1cc951ce254853721b40c0812"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
}
],
"release_date": "2025-05-20T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50422",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libsas: Fix use-after-free bug in smp_execute_task_sg()\n\nWhen executing SMP task failed, the smp_execute_task_sg() calls del_timer()\nto delete \"slow_task->timer\". However, if the timer handler\nsas_task_internal_timedout() is running, the del_timer() in\nsmp_execute_task_sg() will not stop it and a UAF will happen. The process\nis shown below:\n\n (thread 1) | (thread 2)\nsmp_execute_task_sg() | sas_task_internal_timedout()\n ... |\n del_timer() |\n ... | ...\n sas_free_task(task) |\n kfree(task->slow_task) //FREE|\n | task->slow_task->... //USE\n\nFix by calling del_timer_sync() in smp_execute_task_sg(), which makes sure\nthe timer handler have finished before the \"task->slow_task\" is\ndeallocated.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50422"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/117331a2a5227fb4369c2a1f321d3e3e2e2ef8fe",
"url": "https://git.kernel.org/stable/c/117331a2a5227fb4369c2a1f321d3e3e2e2ef8fe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2e12ce270f0d926085c1209cc90397e307deef97",
"url": "https://git.kernel.org/stable/c/2e12ce270f0d926085c1209cc90397e307deef97"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/46ba53c30666717cb06c2b3c5d896301cd00d0c0",
"url": "https://git.kernel.org/stable/c/46ba53c30666717cb06c2b3c5d896301cd00d0c0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a9e5176ead6de64f572ad5c87a72825d9d3c82ae",
"url": "https://git.kernel.org/stable/c/a9e5176ead6de64f572ad5c87a72825d9d3c82ae"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e45a1516d2933703a4823d9db71e17c3abeba24f",
"url": "https://git.kernel.org/stable/c/e45a1516d2933703a4823d9db71e17c3abeba24f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f7a785177611ffc97d645fcbc196e6de6ad2421d",
"url": "https://git.kernel.org/stable/c/f7a785177611ffc97d645fcbc196e6de6ad2421d"
}
],
"release_date": "2025-10-01T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53587",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Sync IRQ works before buffer destruction\n\nIf something was written to the buffer just before destruction,\nit may be possible (maybe not in a real system, but it did\nhappen in ARCH=um with time-travel) to destroy the ringbuffer\nbefore the IRQ work ran, leading this KASAN report (or a crash\nwithout KASAN):\n\n BUG: KASAN: slab-use-after-free in irq_work_run_list+0x11a/0x13a\n Read of size 8 at addr 000000006d640a48 by task swapper/0\n\n CPU: 0 PID: 0 Comm: swapper Tainted: G W O 6.3.0-rc1 #7\n Stack:\n 60c4f20f 0c203d48 41b58ab3 60f224fc\n 600477fa 60f35687 60c4f20f 601273dd\n 00000008 6101eb00 6101eab0 615be548\n Call Trace:\n [<60047a58>] show_stack+0x25e/0x282\n [<60c609e0>] dump_stack_lvl+0x96/0xfd\n [<60c50d4c>] print_report+0x1a7/0x5a8\n [<603078d3>] kasan_report+0xc1/0xe9\n [<60308950>] __asan_report_load8_noabort+0x1b/0x1d\n [<60232844>] irq_work_run_list+0x11a/0x13a\n [<602328b4>] irq_work_tick+0x24/0x34\n [<6017f9dc>] update_process_times+0x162/0x196\n [<6019f335>] tick_sched_handle+0x1a4/0x1c3\n [<6019fd9e>] tick_sched_timer+0x79/0x10c\n [<601812b9>] __hrtimer_run_queues.constprop.0+0x425/0x695\n [<60182913>] hrtimer_interrupt+0x16c/0x2c4\n [<600486a3>] um_timer+0x164/0x183\n [...]\n\n Allocated by task 411:\n save_stack_trace+0x99/0xb5\n stack_trace_save+0x81/0x9b\n kasan_save_stack+0x2d/0x54\n kasan_set_track+0x34/0x3e\n kasan_save_alloc_info+0x25/0x28\n ____kasan_kmalloc+0x8b/0x97\n __kasan_kmalloc+0x10/0x12\n __kmalloc+0xb2/0xe8\n load_elf_phdrs+0xee/0x182\n [...]\n\n The buggy address belongs to the object at 000000006d640800\n which belongs to the cache kmalloc-1k of size 1024\n The buggy address is located 584 bytes inside of\n freed 1024-byte region [000000006d640800, 000000006d640c00)\n\nAdd the appropriate irq_work_sync() so the work finishes before\nthe buffers are destroyed.\n\nPrior to the commit in the Fixes tag below, there was only a\nsingle global IRQ work, so this issue didn't exist.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53587"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0a65165bd24ee9231191597b7c232376fcd70cdb",
"url": "https://git.kernel.org/stable/c/0a65165bd24ee9231191597b7c232376fcd70cdb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1c99f65d6af2a454bfd5207b4f6a97c8474a1191",
"url": "https://git.kernel.org/stable/c/1c99f65d6af2a454bfd5207b4f6a97c8474a1191"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2399b1fda025e939b6fb1ac94505bcf718534e65",
"url": "https://git.kernel.org/stable/c/2399b1fda025e939b6fb1ac94505bcf718534e65"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2702b67f59d455072a08dc40312f9b090d4dec04",
"url": "https://git.kernel.org/stable/c/2702b67f59d455072a08dc40312f9b090d4dec04"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/372c5ee537b8366b64b691ba29e9335525e1655e",
"url": "https://git.kernel.org/stable/c/372c5ee537b8366b64b691ba29e9335525e1655e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/675751bb20634f981498c7d66161584080cc061e",
"url": "https://git.kernel.org/stable/c/675751bb20634f981498c7d66161584080cc061e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c63741e872fcfb10e153517750f7908f0c00f60d",
"url": "https://git.kernel.org/stable/c/c63741e872fcfb10e153517750f7908f0c00f60d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d9834abd8b24d1fe8092859e436fe1e0fd467c61",
"url": "https://git.kernel.org/stable/c/d9834abd8b24d1fe8092859e436fe1e0fd467c61"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fc6858b7f8e1221f62ce8c6ff8a13a349c32cd76",
"url": "https://git.kernel.org/stable/c/fc6858b7f8e1221f62ce8c6ff8a13a349c32cd76"
}
],
"release_date": "2025-10-04T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38685",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix vmalloc out-of-bounds write in fast_imageblit\n\nThis issue triggers when a userspace program does an ioctl\nFBIOPUT_CON2FBMAP by passing console number and frame buffer number.\nIdeally this maps console to frame buffer and updates the screen if\nconsole is visible.\n\nAs part of mapping it has to do resize of console according to frame\nbuffer info. if this resize fails and returns from vc_do_resize() and\ncontinues further. At this point console and new frame buffer are mapped\nand sets display vars. Despite failure still it continue to proceed\nupdating the screen at later stages where vc_data is related to previous\nframe buffer and frame buffer info and display vars are mapped to new\nframe buffer and eventully leading to out-of-bounds write in\nfast_imageblit(). This bheviour is excepted only when fg_console is\nequal to requested console which is a visible console and updates screen\nwith invalid struct references in fbcon_putcs().",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38685"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/078e62bffca4b7e72e8f3550eb063ab981c36c7a",
"url": "https://git.kernel.org/stable/c/078e62bffca4b7e72e8f3550eb063ab981c36c7a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/27b118aebdd84161c8ff5ce49d9d536f2af10754",
"url": "https://git.kernel.org/stable/c/27b118aebdd84161c8ff5ce49d9d536f2af10754"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4c4d7ddaf1d43780b106bedc692679f965dc5a3a",
"url": "https://git.kernel.org/stable/c/4c4d7ddaf1d43780b106bedc692679f965dc5a3a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/56701bf9eeb63219e378cb7fcbd066ea4eaeeb50",
"url": "https://git.kernel.org/stable/c/56701bf9eeb63219e378cb7fcbd066ea4eaeeb50"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/af0db3c1f898144846d4c172531a199bb3ca375d",
"url": "https://git.kernel.org/stable/c/af0db3c1f898144846d4c172531a199bb3ca375d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cfec17721265e72e50cc69c6004fe3475cd38df2",
"url": "https://git.kernel.org/stable/c/cfec17721265e72e50cc69c6004fe3475cd38df2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ed9b8e5016230868c8d813d9179523f729fec8c6",
"url": "https://git.kernel.org/stable/c/ed9b8e5016230868c8d813d9179523f729fec8c6"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-04T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-26739",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: don't override retval if we already lost the skb\n\nIf we're redirecting the skb, and haven't called tcf_mirred_forward(),\nyet, we need to tell the core to drop the skb by setting the retcode\nto SHOT. If we have called tcf_mirred_forward(), however, the skb\nis out of our hands and returning SHOT will lead to UaF.\n\nMove the retval override to the error path which actually need it.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-26739"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0117fe0a4615a7c8d30d6ebcbf87332fbe63e6fd",
"url": "https://git.kernel.org/stable/c/0117fe0a4615a7c8d30d6ebcbf87332fbe63e6fd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/166c2c8a6a4dc2e4ceba9e10cfe81c3e469e3210",
"url": "https://git.kernel.org/stable/c/166c2c8a6a4dc2e4ceba9e10cfe81c3e469e3210"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/28cdbbd38a4413b8eff53399b3f872fd4e80db9d",
"url": "https://git.kernel.org/stable/c/28cdbbd38a4413b8eff53399b3f872fd4e80db9d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9d3ef89b6a5e9f2e940de2cef3d543be0be8dec5",
"url": "https://git.kernel.org/stable/c/9d3ef89b6a5e9f2e940de2cef3d543be0be8dec5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e873e8f7d03a2ee5b77fb1a305c782fed98e2754",
"url": "https://git.kernel.org/stable/c/e873e8f7d03a2ee5b77fb1a305c782fed98e2754"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f4e294bbdca8ac8757db436fc82214f3882fc7e7",
"url": "https://git.kernel.org/stable/c/f4e294bbdca8ac8757db436fc82214f3882fc7e7"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
}
],
"release_date": "2024-04-03T17:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50386",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix user-after-free\n\nThis uses l2cap_chan_hold_unless_zero() after calling\n__l2cap_get_chan_blah() to prevent the following trace:\n\nBluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct kref\n*kref)\nBluetooth: chan 0000000023c4974d\nBluetooth: parent 00000000ae861c08\n==================================================================\nBUG: KASAN: use-after-free in __mutex_waiter_is_first\nkernel/locking/mutex.c:191 [inline]\nBUG: KASAN: use-after-free in __mutex_lock_common\nkernel/locking/mutex.c:671 [inline]\nBUG: KASAN: use-after-free in __mutex_lock+0x278/0x400\nkernel/locking/mutex.c:729\nRead of size 8 at addr ffff888006a49b08 by task kworker/u3:2/389",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50386"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0c108cf3ad386e0084277093b55a351c49e0be27",
"url": "https://git.kernel.org/stable/c/0c108cf3ad386e0084277093b55a351c49e0be27"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/11e40d6c0823f699d8ad501e48d1c3ae4be386cd",
"url": "https://git.kernel.org/stable/c/11e40d6c0823f699d8ad501e48d1c3ae4be386cd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/15fc21695eb606bdc5d483b92118ee42610a952d",
"url": "https://git.kernel.org/stable/c/15fc21695eb606bdc5d483b92118ee42610a952d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f",
"url": "https://git.kernel.org/stable/c/35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6ffde6e03085874ae22263ff4cef4869f797e84f",
"url": "https://git.kernel.org/stable/c/6ffde6e03085874ae22263ff4cef4869f797e84f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7d6f9cb24d2b2f6b6370eac074e2e6b1bafdad45",
"url": "https://git.kernel.org/stable/c/7d6f9cb24d2b2f6b6370eac074e2e6b1bafdad45"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/843fc4e386dd84b806a7f07fb062d8c3a44e5364",
"url": "https://git.kernel.org/stable/c/843fc4e386dd84b806a7f07fb062d8c3a44e5364"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d1e894f950ad48897d1a7cb05909ea29d8c3810e",
"url": "https://git.kernel.org/stable/c/d1e894f950ad48897d1a7cb05909ea29d8c3810e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d91fc2836562f299f34e361e089e9fe154da4f73",
"url": "https://git.kernel.org/stable/c/d91fc2836562f299f34e361e089e9fe154da4f73"
}
],
"release_date": "2025-09-18T14:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39760",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: core: config: Prevent OOB read in SS endpoint companion parsing\n\nusb_parse_ss_endpoint_companion() checks descriptor type before length,\nenabling a potentially odd read outside of the buffer size.\n\nFix this up by checking the size first before looking at any of the\nfields in the descriptor.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39760"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/058ad2b722812708fe90567875704ae36563e33b",
"url": "https://git.kernel.org/stable/c/058ad2b722812708fe90567875704ae36563e33b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4fe6f472f0beef4281e6f03bc38a910a33be663f",
"url": "https://git.kernel.org/stable/c/4fe6f472f0beef4281e6f03bc38a910a33be663f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5badd56c711e2c8371d1670f9bd486697575423c",
"url": "https://git.kernel.org/stable/c/5badd56c711e2c8371d1670f9bd486697575423c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5c3097ede7835d3caf6543eb70ff689af4550cd2",
"url": "https://git.kernel.org/stable/c/5c3097ede7835d3caf6543eb70ff689af4550cd2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9512510cee7d1becdb0e9413fdd3ab783e4e30ee",
"url": "https://git.kernel.org/stable/c/9512510cee7d1becdb0e9413fdd3ab783e4e30ee"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9843bcb187cb933861f7805022e6873905f669e4",
"url": "https://git.kernel.org/stable/c/9843bcb187cb933861f7805022e6873905f669e4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b10e0f868067c6f25bbfabdcf3e1e6432c24ca55",
"url": "https://git.kernel.org/stable/c/b10e0f868067c6f25bbfabdcf3e1e6432c24ca55"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cf16f408364efd8a68f39011a3b073c83a03612d",
"url": "https://git.kernel.org/stable/c/cf16f408364efd8a68f39011a3b073c83a03612d"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-11T17:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53506",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Do not bother merging very long extents\n\nWhen merging very long extents we try to push as much length as possible\nto the first extent. However this is unnecessarily complicated and not\nreally worth the trouble. Furthermore there was a bug in the logic\nresulting in corrupting extents in the file as syzbot reproducer shows.\nSo just don't bother with the merging of extents that are too long\ntogether.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53506"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1",
"url": "https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced",
"url": "https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304",
"url": "https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544",
"url": "https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63",
"url": "https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc",
"url": "https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4",
"url": "https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57",
"url": "https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57"
}
],
"release_date": "2025-10-01T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53500",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: fix slab-use-after-free in decode_session6\n\nWhen the xfrm device is set to the qdisc of the sfb type, the cb field\nof the sent skb may be modified during enqueuing. Then,\nslab-use-after-free may occur when the xfrm device sends IPv6 packets.\n\nThe stack information is as follows:\nBUG: KASAN: slab-use-after-free in decode_session6+0x103f/0x1890\nRead of size 1 at addr ffff8881111458ef by task swapper/3/0\nCPU: 3 PID: 0 Comm: swapper/3 Not tainted 6.4.0-next-20230707 #409\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 04/01/2014\nCall Trace:\n\ndump_stack_lvl+0xd9/0x150\nprint_address_description.constprop.0+0x2c/0x3c0\nkasan_report+0x11d/0x130\ndecode_session6+0x103f/0x1890\n__xfrm_decode_session+0x54/0xb0\nxfrmi_xmit+0x173/0x1ca0\ndev_hard_start_xmit+0x187/0x700\nsch_direct_xmit+0x1a3/0xc30\n__qdisc_run+0x510/0x17a0\n__dev_queue_xmit+0x2215/0x3b10\nneigh_connected_output+0x3c2/0x550\nip6_finish_output2+0x55a/0x1550\nip6_finish_output+0x6b9/0x1270\nip6_output+0x1f1/0x540\nndisc_send_skb+0xa63/0x1890\nndisc_send_rs+0x132/0x6f0\naddrconf_rs_timer+0x3f1/0x870\ncall_timer_fn+0x1a0/0x580\nexpire_timers+0x29b/0x4b0\nrun_timer_softirq+0x326/0x910\n__do_softirq+0x1d4/0x905\nirq_exit_rcu+0xb7/0x120\nsysvec_apic_timer_interrupt+0x97/0xc0\n\n\nasm_sysvec_apic_timer_interrupt+0x1a/0x20\nRIP: 0010:intel_idle_hlt+0x23/0x30\nCode: 1f 84 00 00 00 00 00 f3 0f 1e fa 41 54 41 89 d4 0f 1f 44 00 00 66 90 0f 1f 44 00 00 0f 00 2d c4 9f ab 00 0f 1f 44 00 00 fb f4 44 89 e0 41 5c c3 66 0f 1f 44 00 00 f3 0f 1e fa 41 54 41 89 d4\nRSP: 0018:ffffc90000197d78 EFLAGS: 00000246\nRAX: 00000000000a83c3 RBX: ffffe8ffffd09c50 RCX: ffffffff8a22d8e5\nRDX: 0000000000000001 RSI: ffffffff8d3f8080 RDI: ffffe8ffffd09c50\nRBP: ffffffff8d3f8080 R08: 0000000000000001 R09: ffffed1026ba6d9d\nR10: ffff888135d36ceb R11: 0000000000000001 R12: 0000000000000001\nR13: ffffffff8d3f8100 R14: 0000000000000001 R15: 0000000000000000\ncpuidle_enter_state+0xd3/0x6f0\ncpuidle_enter+0x4e/0xa0\ndo_idle+0x2fe/0x3c0\ncpu_startup_entry+0x18/0x20\nstart_secondary+0x200/0x290\nsecondary_startup_64_no_verify+0x167/0x16b\n\nAllocated by task 939:\nkasan_save_stack+0x22/0x40\nkasan_set_track+0x25/0x30\n__kasan_slab_alloc+0x7f/0x90\nkmem_cache_alloc_node+0x1cd/0x410\nkmalloc_reserve+0x165/0x270\n__alloc_skb+0x129/0x330\ninet6_ifa_notify+0x118/0x230\n__ipv6_ifa_notify+0x177/0xbe0\naddrconf_dad_completed+0x133/0xe00\naddrconf_dad_work+0x764/0x1390\nprocess_one_work+0xa32/0x16f0\nworker_thread+0x67d/0x10c0\nkthread+0x344/0x440\nret_from_fork+0x1f/0x30\nThe buggy address belongs to the object at ffff888111145800\nwhich belongs to the cache skbuff_small_head of size 640\nThe buggy address is located 239 bytes inside of\nfreed 640-byte region [ffff888111145800, ffff888111145a80)\n\nAs commit f855691975bb (\"xfrm6: Fix the nexthdr offset in\n_decode_session6.\") showed, xfrm_decode_session was originally intended\nonly for the receive path. IP6CB(skb)->nhoff is not set during\ntransmission. Therefore, set the cb field in the skb to 0 before\nsending packets.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53500"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0d27567fde5be5f0edc2db5c110142b7915b8fa8",
"url": "https://git.kernel.org/stable/c/0d27567fde5be5f0edc2db5c110142b7915b8fa8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/44b3d40967009304617a7a6486490c1d6c12f899",
"url": "https://git.kernel.org/stable/c/44b3d40967009304617a7a6486490c1d6c12f899"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/53223f2ed1ef5c90dad814daaaefea4e68a933c8",
"url": "https://git.kernel.org/stable/c/53223f2ed1ef5c90dad814daaaefea4e68a933c8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/86f15300a22656db3fa8c8967defbcd24fac4d37",
"url": "https://git.kernel.org/stable/c/86f15300a22656db3fa8c8967defbcd24fac4d37"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bafa236380816b41b2c4c6970d9067fefa4a6c9e",
"url": "https://git.kernel.org/stable/c/bafa236380816b41b2c4c6970d9067fefa4a6c9e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/da4cbaa75ed088b6d70db77b9103a27e2359e243",
"url": "https://git.kernel.org/stable/c/da4cbaa75ed088b6d70db77b9103a27e2359e243"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/db0e50741f0387f388e9ec824ea7ae8456554d5b",
"url": "https://git.kernel.org/stable/c/db0e50741f0387f388e9ec824ea7ae8456554d5b"
}
],
"release_date": "2025-10-01T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39891",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Initialize the chan_stats array to zero\n\nThe adapter->chan_stats[] array is initialized in\nmwifiex_init_channel_scan_gap() with vmalloc(), which doesn't zero out\nmemory. The array is filled in mwifiex_update_chan_statistics()\nand then the user can query the data in mwifiex_cfg80211_dump_survey().\n\nThere are two potential issues here. What if the user calls\nmwifiex_cfg80211_dump_survey() before the data has been filled in.\nAlso the mwifiex_update_chan_statistics() function doesn't necessarily\ninitialize the whole array. Since the array was not initialized at\nthe start that could result in an information leak.\n\nAlso this array is pretty small. It's a maximum of 900 bytes so it's\nmore appropriate to use kcalloc() instead vmalloc().",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39891"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/05daef0442d28350a1a0d6d0e2cab4a7a91df475",
"url": "https://git.kernel.org/stable/c/05daef0442d28350a1a0d6d0e2cab4a7a91df475"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/06616410a3e5e6cd1de5b7cbc668f1a7edeedad9",
"url": "https://git.kernel.org/stable/c/06616410a3e5e6cd1de5b7cbc668f1a7edeedad9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0e20450829ca3c1dbc2db536391537c57a40fe0b",
"url": "https://git.kernel.org/stable/c/0e20450829ca3c1dbc2db536391537c57a40fe0b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/32c124c9c03aa755cbaf60ef7f76afd918d47659",
"url": "https://git.kernel.org/stable/c/32c124c9c03aa755cbaf60ef7f76afd918d47659"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5285b7009dc1e09d5bb9e05fae82e1a807882dbc",
"url": "https://git.kernel.org/stable/c/5285b7009dc1e09d5bb9e05fae82e1a807882dbc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9df29aa5637d94d24f7c5f054ef4feaa7b766111",
"url": "https://git.kernel.org/stable/c/9df29aa5637d94d24f7c5f054ef4feaa7b766111"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9eb0118b3470b4d2e4e3bbb1fc088b30c0285d65",
"url": "https://git.kernel.org/stable/c/9eb0118b3470b4d2e4e3bbb1fc088b30c0285d65"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/acdf26a912190fc6746e2a890d7d0338190527b4",
"url": "https://git.kernel.org/stable/c/acdf26a912190fc6746e2a890d7d0338190527b4"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-10-01T08:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53053",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nerspan: do not use skb_mac_header() in ndo_start_xmit()\n\nDrivers should not assume skb_mac_header(skb) == skb->data in their\nndo_start_xmit().\n\nUse skb_network_offset() and skb_transport_offset() which\nbetter describe what is needed in erspan_fb_xmit() and\nip6erspan_tunnel_xmit()\n\nsyzbot reported:\nWARNING: CPU: 0 PID: 5083 at include/linux/skbuff.h:2873 skb_mac_header include/linux/skbuff.h:2873 [inline]\nWARNING: CPU: 0 PID: 5083 at include/linux/skbuff.h:2873 ip6erspan_tunnel_xmit+0x1d9c/0x2d90 net/ipv6/ip6_gre.c:962\nModules linked in:\nCPU: 0 PID: 5083 Comm: syz-executor406 Not tainted 6.3.0-rc2-syzkaller-00866-gd4671cb96fa3 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023\nRIP: 0010:skb_mac_header include/linux/skbuff.h:2873 [inline]\nRIP: 0010:ip6erspan_tunnel_xmit+0x1d9c/0x2d90 net/ipv6/ip6_gre.c:962\nCode: 04 02 41 01 de 84 c0 74 08 3c 03 0f 8e 1c 0a 00 00 45 89 b4 24 c8 00 00 00 c6 85 77 fe ff ff 01 e9 33 e7 ff ff e8 b4 27 a1 f8 <0f> 0b e9 b6 e7 ff ff e8 a8 27 a1 f8 49 8d bf f0 0c 00 00 48 b8 00\nRSP: 0018:ffffc90003b2f830 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: 000000000000ffff RCX: 0000000000000000\nRDX: ffff888021273a80 RSI: ffffffff88e1bd4c RDI: 0000000000000003\nRBP: ffffc90003b2f9d8 R08: 0000000000000003 R09: 000000000000ffff\nR10: 000000000000ffff R11: 0000000000000000 R12: ffff88802b28da00\nR13: 00000000000000d0 R14: ffff88807e25b6d0 R15: ffff888023408000\nFS: 0000555556a61300(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000055e5b11eb6e8 CR3: 0000000027c1b000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n__netdev_start_xmit include/linux/netdevice.h:4900 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4914 [inline]\n__dev_direct_xmit+0x504/0x730 net/core/dev.c:4300\ndev_direct_xmit include/linux/netdevice.h:3088 [inline]\npacket_xmit+0x20a/0x390 net/packet/af_packet.c:285\npacket_snd net/packet/af_packet.c:3075 [inline]\npacket_sendmsg+0x31a0/0x5150 net/packet/af_packet.c:3107\nsock_sendmsg_nosec net/socket.c:724 [inline]\nsock_sendmsg+0xde/0x190 net/socket.c:747\n__sys_sendto+0x23a/0x340 net/socket.c:2142\n__do_sys_sendto net/socket.c:2154 [inline]\n__se_sys_sendto net/socket.c:2150 [inline]\n__x64_sys_sendto+0xe1/0x1b0 net/socket.c:2150\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f123aaa1039\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffc15d12058 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f123aaa1039\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 0000000000000000 R08: 0000000020000040 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f123aa648c0\nR13: 431bde82d7b634db R14: 0000000000000000 R15: 0000000000000000",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53053"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5d4172732f0ee1639a361a6cc5c3114bbb397386",
"url": "https://git.kernel.org/stable/c/5d4172732f0ee1639a361a6cc5c3114bbb397386"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8e50ed774554f93d55426039b27b1e38d7fa64d8",
"url": "https://git.kernel.org/stable/c/8e50ed774554f93d55426039b27b1e38d7fa64d8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9c7d6803689c99d55bbb862260d0ba486ff23c0b",
"url": "https://git.kernel.org/stable/c/9c7d6803689c99d55bbb862260d0ba486ff23c0b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b41f37dbd9cdb60000e3b0dfad6df787591c2265",
"url": "https://git.kernel.org/stable/c/b41f37dbd9cdb60000e3b0dfad6df787591c2265"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b72f453e886af532bde1fd049a2d2421999630d3",
"url": "https://git.kernel.org/stable/c/b72f453e886af532bde1fd049a2d2421999630d3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/da149daf821a3c05cd04f7c60776c86c5ee9685c",
"url": "https://git.kernel.org/stable/c/da149daf821a3c05cd04f7c60776c86c5ee9685c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f8cec30541f5c5cc218e9a32138d45d227727f2f",
"url": "https://git.kernel.org/stable/c/f8cec30541f5c5cc218e9a32138d45d227727f2f"
}
],
"release_date": "2025-05-02T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-40240",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nsctp: avoid NULL dereference when chunk data buffer is missing\nchunk->skb pointer is dereferenced in the if-block where it's supposed\nto be NULL only.\nchunk->skb can only be NULL if chunk->head_skb is not. Check for frag_list\ninstead and do it just before replacing chunk->skb. We're sure that\notherwise chunk->skb is non-NULL because of outer if() condition.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-40240"
}
],
"release_date": "2025-12-04T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T09:34:27.201962Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865",
"product_ids": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773048865"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CentOS-8.4:bpftool-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-core-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-debug-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-headers-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-ipaclones-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-modules-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-selftests-internal-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64",
"CentOS-8.4:python3-perf-0:4.18.0-305.25.1.el8_4.tuxcare.els35.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
}
]
}