{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer {CVE-2023-53395}\n- net: ppp: Add bound checking for skb data on ppp_sync_txmung {CVE-2025-37749}\n- ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS {CVE-2022-50315}\n- ext2: Check block size validity during mount {CVE-2023-53569}\n- gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622}\n- netfilter: allow exp not to be removed in nf_ct_find_expectation {CVE-2023-52927}\n- bna: ensure the copied buf is NUL terminated {CVE-2024-36934}\n- new helper: memdup_user_nul() {CVE-2024-36934}\n- udf: Do not bother merging very long extents {CVE-2023-53506}\n- ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network {CVE-2022-49865}\n- binfmt_misc: fix shift-out-of-bounds in check_special_flags {CVE-2022-50497}", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/oraclelinux6els/advisories/2026/clsa-2026_1773044010.json" } ], "tracking": { "current_release_date": "2026-03-09T08:15:14Z", "generator": { "date": "2026-03-09T08:15:14Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1773044010", "initial_release_date": "2026-03-09T08:15:14Z", "revision_history": [ { "date": "2026-03-09T08:15:14Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "kernel: Fix of 10 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Linux 6", "product": { "name": "Oracle Linux 6", "product_id": "Oracle-Linux-6", "product_identification_helper": { "cpe": "cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Oracle Linux" } ], "category": "vendor", "name": "Oracle Corporation" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product": { "name": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_id": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug@2.6.32-754.35.8.el6.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_id": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-devel@2.6.32-754.35.8.el6.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product": { "name": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_id": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/python-perf@2.6.32-754.35.8.el6.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product": { "name": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_id": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel@2.6.32-754.35.8.el6.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product": { "name": "perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_id": "perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/perf@2.6.32-754.35.8.el6.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product": { "name": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_id": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-devel@2.6.32-754.35.8.el6.tuxcare.els30?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product": { "name": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_id": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-headers@2.6.32-754.35.8.el6.tuxcare.els30?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "product": { "name": "kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "product_id": "kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-doc@2.6.32-754.35.8.el6.tuxcare.els30?arch=noarch" } } }, { "category": "product_version", "name": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "product": { "name": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "product_id": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-firmware@2.6.32-754.35.8.el6.tuxcare.els30?arch=noarch" } } }, { "category": "product_version", "name": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "product": { "name": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "product_id": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-abi-whitelists@2.6.32-754.35.8.el6.tuxcare.els30?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "product": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "product_id": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/kernel-debug-devel@2.6.32-754.35.8.el6.tuxcare.els30?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64 as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" }, "product_reference": "kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch" }, "product_reference": "kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch" }, "product_reference": "kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686 as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686" }, "product_reference": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64 as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" }, "product_reference": "kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch" }, "product_reference": "kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64 as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" }, "product_reference": "python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64 as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" }, "product_reference": "kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64 as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" }, "product_reference": "perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64 as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" }, "product_reference": "kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "relates_to_product_reference": "Oracle-Linux-6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64 as a component of Oracle Linux 6", "product_id": "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" }, "product_reference": "kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "relates_to_product_reference": "Oracle-Linux-6" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-50497", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbinfmt_misc: fix shift-out-of-bounds in check_special_flags\n\nUBSAN reported a shift-out-of-bounds warning:\n\n left shift of 1 by 31 places cannot be represented in type 'int'\n Call Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106\n ubsan_epilogue+0xa/0x44 lib/ubsan.c:151\n __ubsan_handle_shift_out_of_bounds+0x1e7/0x208 lib/ubsan.c:322\n check_special_flags fs/binfmt_misc.c:241 [inline]\n create_entry fs/binfmt_misc.c:456 [inline]\n bm_register_write+0x9d3/0xa20 fs/binfmt_misc.c:654\n vfs_write+0x11e/0x580 fs/read_write.c:582\n ksys_write+0xcf/0x120 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x34/0x80 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x4194e1\n\nSince the type of Node's flags is unsigned long, we should define these\nmacros with same type too.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50497" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0f1a48994b3e516d5c7fd5d12204fdba7a604771", "url": "https://git.kernel.org/stable/c/0f1a48994b3e516d5c7fd5d12204fdba7a604771" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/419b808504c26b3e3342365f34ccd0843e09a7f8", "url": "https://git.kernel.org/stable/c/419b808504c26b3e3342365f34ccd0843e09a7f8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6a46bf558803dd2b959ca7435a5c143efe837217", "url": "https://git.kernel.org/stable/c/6a46bf558803dd2b959ca7435a5c143efe837217" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/88cea1676a09f7c45a1438153a126610c33b1590", "url": "https://git.kernel.org/stable/c/88cea1676a09f7c45a1438153a126610c33b1590" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/97382a2639b1cd9631f6069061e9d7062cd2b098", "url": "https://git.kernel.org/stable/c/97382a2639b1cd9631f6069061e9d7062cd2b098" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a651bb5ff997b9f02662bcdef3d8b4e6f0d79656", "url": "https://git.kernel.org/stable/c/a651bb5ff997b9f02662bcdef3d8b4e6f0d79656" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a91123d4bda463469f68f0427adabf8108001f94", "url": "https://git.kernel.org/stable/c/a91123d4bda463469f68f0427adabf8108001f94" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dcbc51d31d0afbd45e830e3cf565a7b3ca7bf0d8", "url": "https://git.kernel.org/stable/c/dcbc51d31d0afbd45e830e3cf565a7b3ca7bf0d8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ea6145370be8016755c43aca799815fc4b8c88b1", "url": "https://git.kernel.org/stable/c/ea6145370be8016755c43aca799815fc4b8c88b1" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53622", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix possible data races in gfs2_show_options()\n\nSome fields such as gt_logd_secs of the struct gfs2_tune are accessed\nwithout holding the lock gt_spin in gfs2_show_options():\n\n val = sdp->sd_tune.gt_logd_secs;\n if (val != 30)\n seq_printf(s, \",commit=%d\", val);\n\nAnd thus can cause data races when gfs2_show_options() and other functions\nsuch as gfs2_reconfigure() are concurrently executed:\n\n spin_lock(>->gt_spin);\n gt->gt_logd_secs = newargs->ar_commit;\n\nTo fix these possible data races, the lock sdp->sd_tune.gt_spin is\nacquired before accessing the fields of gfs2_tune and released after these\naccesses.\n\nFurther changes by Andreas:\n\n- Don't hold the spin lock over the seq_printf operations.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53622" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/235a5ae73cea29109a3e06f100493f17857e6a93", "url": "https://git.kernel.org/stable/c/235a5ae73cea29109a3e06f100493f17857e6a93" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/42077d4de49e4d9c773c97c42d5383b4899a8f9d", "url": "https://git.kernel.org/stable/c/42077d4de49e4d9c773c97c42d5383b4899a8f9d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6fa0a72cbbe45db4ed967a51f9e6f4e3afe61d20", "url": "https://git.kernel.org/stable/c/6fa0a72cbbe45db4ed967a51f9e6f4e3afe61d20" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7c5b2649f6a37d45bfb7abf34c9b71d08677139f", "url": "https://git.kernel.org/stable/c/7c5b2649f6a37d45bfb7abf34c9b71d08677139f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7e5bbeb7eb813bb2568e1d5d02587df943272e57", "url": "https://git.kernel.org/stable/c/7e5bbeb7eb813bb2568e1d5d02587df943272e57" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/85e888150075cb221270b64bf772341fc6bd11d9", "url": "https://git.kernel.org/stable/c/85e888150075cb221270b64bf772341fc6bd11d9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a4f71523ed2123d63b431cc0cea4e9f363a0f054", "url": "https://git.kernel.org/stable/c/a4f71523ed2123d63b431cc0cea4e9f363a0f054" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b4a7ab57effbed42624842f2ab2a49b177c21a47", "url": "https://git.kernel.org/stable/c/b4a7ab57effbed42624842f2ab2a49b177c21a47" } ], "release_date": "2025-10-07T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49865", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network\n\nWhen copying a `struct ifaddrlblmsg` to the network, __ifal_reserved\nremained uninitialized, resulting in a 1-byte infoleak:\n\n BUG: KMSAN: kernel-network-infoleak in __netdev_start_xmit ./include/linux/netdevice.h:4841\n __netdev_start_xmit ./include/linux/netdevice.h:4841\n netdev_start_xmit ./include/linux/netdevice.h:4857\n xmit_one net/core/dev.c:3590\n dev_hard_start_xmit+0x1dc/0x800 net/core/dev.c:3606\n __dev_queue_xmit+0x17e8/0x4350 net/core/dev.c:4256\n dev_queue_xmit ./include/linux/netdevice.h:3009\n __netlink_deliver_tap_skb net/netlink/af_netlink.c:307\n __netlink_deliver_tap+0x728/0xad0 net/netlink/af_netlink.c:325\n netlink_deliver_tap net/netlink/af_netlink.c:338\n __netlink_sendskb net/netlink/af_netlink.c:1263\n netlink_sendskb+0x1d9/0x200 net/netlink/af_netlink.c:1272\n netlink_unicast+0x56d/0xf50 net/netlink/af_netlink.c:1360\n nlmsg_unicast ./include/net/netlink.h:1061\n rtnl_unicast+0x5a/0x80 net/core/rtnetlink.c:758\n ip6addrlbl_get+0xfad/0x10f0 net/ipv6/addrlabel.c:628\n rtnetlink_rcv_msg+0xb33/0x1570 net/core/rtnetlink.c:6082\n ...\n Uninit was created at:\n slab_post_alloc_hook+0x118/0xb00 mm/slab.h:742\n slab_alloc_node mm/slub.c:3398\n __kmem_cache_alloc_node+0x4f2/0x930 mm/slub.c:3437\n __do_kmalloc_node mm/slab_common.c:954\n __kmalloc_node_track_caller+0x117/0x3d0 mm/slab_common.c:975\n kmalloc_reserve net/core/skbuff.c:437\n __alloc_skb+0x27a/0xab0 net/core/skbuff.c:509\n alloc_skb ./include/linux/skbuff.h:1267\n nlmsg_new ./include/net/netlink.h:964\n ip6addrlbl_get+0x490/0x10f0 net/ipv6/addrlabel.c:608\n rtnetlink_rcv_msg+0xb33/0x1570 net/core/rtnetlink.c:6082\n netlink_rcv_skb+0x299/0x550 net/netlink/af_netlink.c:2540\n rtnetlink_rcv+0x26/0x30 net/core/rtnetlink.c:6109\n netlink_unicast_kernel net/netlink/af_netlink.c:1319\n netlink_unicast+0x9ab/0xf50 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0xebc/0x10f0 net/netlink/af_netlink.c:1921\n ...\n\nThis patch ensures that the reserved field is always initialized.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49865" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0f85b7ae7c4b5d7b4bbf7ac653a733c181a8a2bf", "url": "https://git.kernel.org/stable/c/0f85b7ae7c4b5d7b4bbf7ac653a733c181a8a2bf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2acb2779b147decd300c117683d5a32ce61c75d6", "url": "https://git.kernel.org/stable/c/2acb2779b147decd300c117683d5a32ce61c75d6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/49e92ba5ecd7d72ba369dde2ccff738edd028a47", "url": "https://git.kernel.org/stable/c/49e92ba5ecd7d72ba369dde2ccff738edd028a47" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/568a47ff756f913e8b374c2af9d22cd2c772c744", "url": "https://git.kernel.org/stable/c/568a47ff756f913e8b374c2af9d22cd2c772c744" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/58cd7fdc8c1e6c7873acc08f190069fed88d1c12", "url": "https://git.kernel.org/stable/c/58cd7fdc8c1e6c7873acc08f190069fed88d1c12" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6d26d0587abccb9835382a0b53faa7b9b1cd83e3", "url": "https://git.kernel.org/stable/c/6d26d0587abccb9835382a0b53faa7b9b1cd83e3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a033b86c7f7621fde31f0364af8986f43b44914f", "url": "https://git.kernel.org/stable/c/a033b86c7f7621fde31f0364af8986f43b44914f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c23fb2c82267638f9d206cb96bb93e1f93ad7828", "url": "https://git.kernel.org/stable/c/c23fb2c82267638f9d206cb96bb93e1f93ad7828" } ], "release_date": "2025-05-01T15:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53569", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next2: Check block size validity during mount\n\nCheck that log of block size stored in the superblock has sensible\nvalue. Otherwise the shift computing the block size can overflow leading\nto undefined behavior.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53569" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0ebfaf14150f55550cffb1148ed3920143c7a69c", "url": "https://git.kernel.org/stable/c/0ebfaf14150f55550cffb1148ed3920143c7a69c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/22ab5fed07ad4b206ea910fd0132d1a0d4831584", "url": "https://git.kernel.org/stable/c/22ab5fed07ad4b206ea910fd0132d1a0d4831584" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/451b98155be5dfee05bc6e7c8b30c0be4add3f71", "url": "https://git.kernel.org/stable/c/451b98155be5dfee05bc6e7c8b30c0be4add3f71" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/62aeb94433fcec80241754b70d0d1836d5926b0a", "url": "https://git.kernel.org/stable/c/62aeb94433fcec80241754b70d0d1836d5926b0a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/99f8a15af6c9f0653193104a9e70891f950c6001", "url": "https://git.kernel.org/stable/c/99f8a15af6c9f0653193104a9e70891f950c6001" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c2e7776843a953fd7e48895c3880c277f996193e", "url": "https://git.kernel.org/stable/c/c2e7776843a953fd7e48895c3880c277f996193e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c4813f858e5c3e4c4659ce95385c1c400c593e1e", "url": "https://git.kernel.org/stable/c/c4813f858e5c3e4c4659ce95385c1c400c593e1e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e6f4fb28890c1361e0db9eb1adee3fc04e7fe7f5", "url": "https://git.kernel.org/stable/c/e6f4fb28890c1361e0db9eb1adee3fc04e7fe7f5" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37749", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef➤ p *(struct pppoe_hdr *) (skb->head + skb->network_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37749" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1f6eb9fa87a781d5370c0de7794ae242f1a95ee5", "url": "https://git.kernel.org/stable/c/1f6eb9fa87a781d5370c0de7794ae242f1a95ee5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/529401c8f12ecc35f9ea5d946d5a5596cf172b48", "url": "https://git.kernel.org/stable/c/529401c8f12ecc35f9ea5d946d5a5596cf172b48" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6e8a6bf43cea4347121ab21bb1ed8d7bef7e732e", "url": "https://git.kernel.org/stable/c/6e8a6bf43cea4347121ab21bb1ed8d7bef7e732e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/99aa698dec342a07125d733e39aab4394b3b7e05", "url": "https://git.kernel.org/stable/c/99aa698dec342a07125d733e39aab4394b3b7e05" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/aabc6596ffb377c4c9c8f335124b92ea282c9821", "url": "https://git.kernel.org/stable/c/aabc6596ffb377c4c9c8f335124b92ea282c9821" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b4c836d33ca888695b2f2665f948bc1b34fbd533", "url": "https://git.kernel.org/stable/c/b4c836d33ca888695b2f2665f948bc1b34fbd533" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b78f2b458f56a5a4d976c8e01c43dbf58d3ea2ca", "url": "https://git.kernel.org/stable/c/b78f2b458f56a5a4d976c8e01c43dbf58d3ea2ca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/de5a4f0cba58625e88b7bebd88f780c8c0150997", "url": "https://git.kernel.org/stable/c/de5a4f0cba58625e88b7bebd88f780c8c0150997" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fbaffe8bccf148ece8ad67eb5d7aa852cabf59c8", "url": "https://git.kernel.org/stable/c/fbaffe8bccf148ece8ad67eb5d7aa852cabf59c8" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-01T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50315", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS\n\nUBSAN complains about array-index-out-of-bounds:\n[ 1.980703] kernel: UBSAN: array-index-out-of-bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41\n[ 1.980709] kernel: index 15 is out of range for type 'ahci_em_priv [8]'\n[ 1.980713] kernel: CPU: 0 PID: 209 Comm: scsi_eh_8 Not tainted 5.15.0-25-generic #25-Ubuntu\n[ 1.980716] kernel: Hardware name: System manufacturer System Product Name/P5Q3, BIOS 1102 06/11/2010\n[ 1.980718] kernel: Call Trace:\n[ 1.980721] kernel: \n[ 1.980723] kernel: show_stack+0x52/0x58\n[ 1.980729] kernel: dump_stack_lvl+0x4a/0x5f\n[ 1.980734] kernel: dump_stack+0x10/0x12\n[ 1.980736] kernel: ubsan_epilogue+0x9/0x45\n[ 1.980739] kernel: __ubsan_handle_out_of_bounds.cold+0x44/0x49\n[ 1.980742] kernel: ahci_qc_issue+0x166/0x170 [libahci]\n[ 1.980748] kernel: ata_qc_issue+0x135/0x240\n[ 1.980752] kernel: ata_exec_internal_sg+0x2c4/0x580\n[ 1.980754] kernel: ? vprintk_default+0x1d/0x20\n[ 1.980759] kernel: ata_exec_internal+0x67/0xa0\n[ 1.980762] kernel: sata_pmp_read+0x8d/0xc0\n[ 1.980765] kernel: sata_pmp_read_gscr+0x3c/0x90\n[ 1.980768] kernel: sata_pmp_attach+0x8b/0x310\n[ 1.980771] kernel: ata_eh_revalidate_and_attach+0x28c/0x4b0\n[ 1.980775] kernel: ata_eh_recover+0x6b6/0xb30\n[ 1.980778] kernel: ? ahci_do_hardreset+0x180/0x180 [libahci]\n[ 1.980783] kernel: ? ahci_stop_engine+0xb0/0xb0 [libahci]\n[ 1.980787] kernel: ? ahci_do_softreset+0x290/0x290 [libahci]\n[ 1.980792] kernel: ? trace_event_raw_event_ata_eh_link_autopsy_qc+0xe0/0xe0\n[ 1.980795] kernel: sata_pmp_eh_recover.isra.0+0x214/0x560\n[ 1.980799] kernel: sata_pmp_error_handler+0x23/0x40\n[ 1.980802] kernel: ahci_error_handler+0x43/0x80 [libahci]\n[ 1.980806] kernel: ata_scsi_port_error_handler+0x2b1/0x600\n[ 1.980810] kernel: ata_scsi_error+0x9c/0xd0\n[ 1.980813] kernel: scsi_error_handler+0xa1/0x180\n[ 1.980817] kernel: ? scsi_unjam_host+0x1c0/0x1c0\n[ 1.980820] kernel: kthread+0x12a/0x150\n[ 1.980823] kernel: ? set_kthread_struct+0x50/0x50\n[ 1.980826] kernel: ret_from_fork+0x22/0x30\n[ 1.980831] kernel: \n\nThis happens because sata_pmp_init_links() initialize link->pmp up to\nSATA_PMP_MAX_PORTS while em_priv is declared as 8 elements array.\n\nI can't find the maximum Enclosure Management ports specified in AHCI\nspec v1.3.1, but \"12.2.1 LED message type\" states that \"Port Multiplier\nInformation\" can utilize 4 bits, which implies it can support up to 16\nports. Hence, use SATA_PMP_MAX_PORTS as EM_MAX_SLOTS to resolve the\nissue.\n\nBugLink: https://bugs.launchpad.net/bugs/1970074", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50315" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1e41e693f458eef2d5728207dbd327cd3b16580a", "url": "https://git.kernel.org/stable/c/1e41e693f458eef2d5728207dbd327cd3b16580a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/303d0f761431d848dd8d7ff9fd9b8c101879cabe", "url": "https://git.kernel.org/stable/c/303d0f761431d848dd8d7ff9fd9b8c101879cabe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/383b7c50f5445ff8dbbf03080905648d6980c39d", "url": "https://git.kernel.org/stable/c/383b7c50f5445ff8dbbf03080905648d6980c39d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/67a00c299c5c143817c948fbc7de1a2fa1af38fb", "url": "https://git.kernel.org/stable/c/67a00c299c5c143817c948fbc7de1a2fa1af38fb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8fbe13de1cc7cef2564be3cbf60400b33eee023b", "url": "https://git.kernel.org/stable/c/8fbe13de1cc7cef2564be3cbf60400b33eee023b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d6314d5f68764550c84d732ce901ddd3ac6b415f", "url": "https://git.kernel.org/stable/c/d6314d5f68764550c84d732ce901ddd3ac6b415f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/da2ea4a961d9f89ed248734e7032350c260dc3a3", "url": "https://git.kernel.org/stable/c/da2ea4a961d9f89ed248734e7032350c260dc3a3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f70bd4339cb68bc7e206af4c922bc0d249244403", "url": "https://git.kernel.org/stable/c/f70bd4339cb68bc7e206af4c922bc0d249244403" } ], "release_date": "2025-09-15T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-52927", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-52927" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3fa58a6fbd1e9e5682d09cdafb08fba004cb12ec", "url": "https://git.kernel.org/stable/c/3fa58a6fbd1e9e5682d09cdafb08fba004cb12ec" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4914109a8e1e494c6aa9852f9e84ec77a5fc643f", "url": "https://git.kernel.org/stable/c/4914109a8e1e494c6aa9852f9e84ec77a5fc643f" }, { "category": "external", "summary": "https://seadragnol.github.io/posts/CVE-2023-52927/", "url": "https://seadragnol.github.io/posts/CVE-2023-52927/" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-03-14T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53395", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer\n\nACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5\n\nAccording to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruction. For taking care of no argument, AML_NO_OPERAND_RESOLVE flag is added to ASL Timer instruction opcode.\n\nWhen ASL timer instruction interpreted by ACPI interpreter, getting error. After adding AML_NO_OPERAND_RESOLVE flag to ASL Timer instruction opcode, issue is not observed.\n\n=============================================================\nUBSAN: array-index-out-of-bounds in acpica/dswexec.c:401:12 index -1 is out of range for type 'union acpi_operand_object *[9]'\nCPU: 37 PID: 1678 Comm: cat Not tainted\n6.0.0-dev-th500-6.0.y-1+bcf8c46459e407-generic-64k\nHW name: NVIDIA BIOS v1.1.1-d7acbfc-dirty 12/19/2022 Call trace:\n dump_backtrace+0xe0/0x130\n show_stack+0x20/0x60\n dump_stack_lvl+0x68/0x84\n dump_stack+0x18/0x34\n ubsan_epilogue+0x10/0x50\n __ubsan_handle_out_of_bounds+0x80/0x90\n acpi_ds_exec_end_op+0x1bc/0x6d8\n acpi_ps_parse_loop+0x57c/0x618\n acpi_ps_parse_aml+0x1e0/0x4b4\n acpi_ps_execute_method+0x24c/0x2b8\n acpi_ns_evaluate+0x3a8/0x4bc\n acpi_evaluate_object+0x15c/0x37c\n acpi_evaluate_integer+0x54/0x15c\n show_power+0x8c/0x12c [acpi_power_meter]", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53395" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/23c67fa615c52712bfa02a6dfadbd4656c87c066", "url": "https://git.kernel.org/stable/c/23c67fa615c52712bfa02a6dfadbd4656c87c066" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2f2a5905303ae230b5159fcd8cdcd5b3e7ad5e2d", "url": "https://git.kernel.org/stable/c/2f2a5905303ae230b5159fcd8cdcd5b3e7ad5e2d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3a21ffdbc825e0919db9da0e27ee5ff2cc8a863e", "url": "https://git.kernel.org/stable/c/3a21ffdbc825e0919db9da0e27ee5ff2cc8a863e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3bf4463e40a17a23f2f261dfd7fe23129bdd04a4", "url": "https://git.kernel.org/stable/c/3bf4463e40a17a23f2f261dfd7fe23129bdd04a4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/430787056dd3c591eb553d5c3b2717efcf307d4e", "url": "https://git.kernel.org/stable/c/430787056dd3c591eb553d5c3b2717efcf307d4e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/625c12dc04a607b79f180ef3ee5a12bf2e3324c0", "url": "https://git.kernel.org/stable/c/625c12dc04a607b79f180ef3ee5a12bf2e3324c0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b102113469487b460e9e77fe9e00d49c50fe8c86", "url": "https://git.kernel.org/stable/c/b102113469487b460e9e77fe9e00d49c50fe8c86" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e1f686930ee4b059c7baa3c3904b2401829f2589", "url": "https://git.kernel.org/stable/c/e1f686930ee4b059c7baa3c3904b2401829f2589" } ], "release_date": "2025-09-18T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-36934", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbna: ensure the copied buf is NUL terminated\n\nCurrently, we allocate a nbytes-sized kernel buffer and copy nbytes from\nuserspace to that buffer. Later, we use sscanf on this buffer but we don't\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using sscanf. Fix this issue by using memdup_user_nul\ninstead of memdup_user.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-36934" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32", "url": "https://git.kernel.org/stable/c/06cb37e2ba6441888f24566a997481d4197b4e32" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0f560240b4cc25d3de527deb257cdf072c0102a9", "url": "https://git.kernel.org/stable/c/0f560240b4cc25d3de527deb257cdf072c0102a9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1518b2b498a0109eb6b15755169d3b6607356b35", "url": "https://git.kernel.org/stable/c/1518b2b498a0109eb6b15755169d3b6607356b35" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6f0f19b79c085cc891c418b768f26f7004bd51a4", "url": "https://git.kernel.org/stable/c/6f0f19b79c085cc891c418b768f26f7004bd51a4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/80578ec10335bc15ac35fd1703c22aab34e39fdd", "url": "https://git.kernel.org/stable/c/80578ec10335bc15ac35fd1703c22aab34e39fdd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f", "url": "https://git.kernel.org/stable/c/8c34096c7fdf272fd4c0c37fe411cd2e3ed0ee9f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bd502ba81cd1d515deddad7dbc6b812b14b97147", "url": "https://git.kernel.org/stable/c/bd502ba81cd1d515deddad7dbc6b812b14b97147" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e19478763154674c084defc62ae0d64d79657f91", "url": "https://git.kernel.org/stable/c/e19478763154674c084defc62ae0d64d79657f91" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20240912-0007/", "url": "https://security.netapp.com/advisory/ntap-20240912-0007/" } ], "release_date": "2024-05-30T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53506", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Do not bother merging very long extents\n\nWhen merging very long extents we try to push as much length as possible\nto the first extent. However this is unnecessarily complicated and not\nreally worth the trouble. Furthermore there was a bug in the logic\nresulting in corrupting extents in the file as syzbot reproducer shows.\nSo just don't bother with the merging of extents that are too long\ntogether.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53506" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1", "url": "https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced", "url": "https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304", "url": "https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544", "url": "https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63", "url": "https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc", "url": "https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4", "url": "https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57", "url": "https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57" } ], "release_date": "2025-10-01T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-09T08:13:32.530942Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010", "product_ids": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773044010" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-6:kernel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-abi-whitelists-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-debug-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.i686", "Oracle-Linux-6:kernel-debug-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-devel-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:kernel-doc-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-firmware-0:2.6.32-754.35.8.el6.tuxcare.els30.noarch", "Oracle-Linux-6:kernel-headers-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64", "Oracle-Linux-6:python-perf-0:2.6.32-754.35.8.el6.tuxcare.els30.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] } ] }