{
"document": {
"aggregate_severity": {
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "TuxCare License Agreement",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
"title": "Terms of Use"
},
{
"category": "details",
"text": "ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices {CVE-2024-53197}\n- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd {CVE-2025-21969}\n- ext4: fix OOB read when checking dotdot dir {CVE-2025-37785}\n- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() {CVE-2025-21993}\n- vlan: enforce underlying device type {CVE-2025-21920}",
"title": "Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://tuxcare.com/contact/",
"name": "TuxCare",
"namespace": "https://tuxcare.com/"
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.tuxcare.com/csaf/v2/els_os/oraclelinux7els/advisories/2025/clsa-2025_1747251218.json"
},
{
"category": "self",
"summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1747251218",
"url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1747251218"
}
],
"tracking": {
"current_release_date": "2025-05-19T15:27:02Z",
"generator": {
"date": "2025-05-19T15:27:02Z",
"engine": {
"name": "pyCSAF"
}
},
"id": "CLSA-2025:1747251218",
"initial_release_date": "2025-05-14T19:33:41Z",
"revision_history": [
{
"date": "2025-05-14T19:33:41Z",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-19T15:27:02Z",
"number": "2",
"summary": "Official Publication"
}
],
"status": "final",
"version": "2"
},
"title": "kernel: Fix of 5 CVEs"
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux 7",
"product": {
"name": "Oracle Linux 7",
"product_id": "Oracle-Linux-7",
"product_identification_helper": {
"cpe": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Oracle Linux"
}
],
"category": "vendor",
"name": "Oracle Corporation"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/perf@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-debug@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-devel@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-headers@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/bpftool@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools-libs@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-debug-devel@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product": {
"name": "python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_id": "python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/python-perf@3.10.0-1160.119.1.0.5.el7.tuxcare.els20?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "TuxCare"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
},
"product_reference": "python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-53197",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices\nA bogus device can provide a bNumConfigurations value that exceeds the\ninitial value used in usb_get_configuration for allocating dev->config.\nThis can lead to out-of-bounds accesses later, e.g. in\nusb_destroy_configuration.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-53197"
}
],
"release_date": "2024-12-27T00:00:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Medium"
}
]
},
{
"cve": "CVE-2025-21969",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd\n\nAfter the hci sync command releases l2cap_conn, the hci receive data work\nqueue references the released l2cap_conn when sending to the upper layer.\nAdd hci dev lock to the hci receive data work queue to synchronize the two.\n\n[1]\nBUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\nRead of size 8 at addr ffff8880271a4000 by task kworker/u9:2/5837\n\nCPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:2 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci1 hci_rx_work\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n l2cap_build_cmd net/bluetooth/l2cap_core.c:2964 [inline]\n l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\n l2cap_sig_send_rej net/bluetooth/l2cap_core.c:5502 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5538 [inline]\n l2cap_recv_frame+0x221f/0x10db0 net/bluetooth/l2cap_core.c:6817\n hci_acldata_packet net/bluetooth/hci_core.c:3797 [inline]\n hci_rx_work+0x508/0xdb0 net/bluetooth/hci_core.c:4040\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \n\nAllocated by task 5837:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n l2cap_conn_add+0xa9/0x8e0 net/bluetooth/l2cap_core.c:6860\n l2cap_connect_cfm+0x115/0x1090 net/bluetooth/l2cap_core.c:7239\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_remote_features_evt+0x68e/0xac0 net/bluetooth/hci_event.c:3726\n hci_event_func net/bluetooth/hci_event.c:7473 [inline]\n hci_event_packet+0xac2/0x1540 net/bluetooth/hci_event.c:7525\n hci_rx_work+0x3f3/0xdb0 net/bluetooth/hci_core.c:4035\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nFreed by task 54:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n l2cap_connect_cfm+0xcc/0x1090 net/bluetooth/l2cap_core.c:7235\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_conn_failed+0x287/0x400 net/bluetooth/hci_conn.c:1266\n hci_abort_conn_sync+0x56c/0x11f0 net/bluetooth/hci_sync.c:5603\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21969"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7790a79c6fce8d5d552bc64f5c82819f719e4f28",
"url": "https://git.kernel.org/stable/c/7790a79c6fce8d5d552bc64f5c82819f719e4f28"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b4f82f9ed43aefa79bec2504ae8c29be0c0f5d1d",
"url": "https://git.kernel.org/stable/c/b4f82f9ed43aefa79bec2504ae8c29be0c0f5d1d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c96cce853542b3b13da3738f35ef1be8cfcc9d1d",
"url": "https://git.kernel.org/stable/c/c96cce853542b3b13da3738f35ef1be8cfcc9d1d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f8094625a591eeb0b75b1bd9e713fac1d93f5ca9",
"url": "https://git.kernel.org/stable/c/f8094625a591eeb0b75b1bd9e713fac1d93f5ca9"
}
],
"release_date": "2025-04-01T16:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2025-37785",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains '.' dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least '.'\nand '..' as directory entries in the first data block. It first loads\nthe '.' dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of '..' dir\nentry (in ext4_next_entry). It assumes the '..' dir entry fits into the\nsame data block.\n\nIf the rec_len of '.' is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for '.' dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-37785"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/14da7dbecb430e35b5889da8dae7bef33173b351",
"url": "https://git.kernel.org/stable/c/14da7dbecb430e35b5889da8dae7bef33173b351"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/52a5509ab19a5d3afe301165d9b5787bba34d842",
"url": "https://git.kernel.org/stable/c/52a5509ab19a5d3afe301165d9b5787bba34d842"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/53bc45da8d8da92ec07877f5922b130562eb4b00",
"url": "https://git.kernel.org/stable/c/53bc45da8d8da92ec07877f5922b130562eb4b00"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/89503e5eae64637d0fa2218912b54660effe7d93",
"url": "https://git.kernel.org/stable/c/89503e5eae64637d0fa2218912b54660effe7d93"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ac28c5684c1cdab650a7e5065b19e91577d37a4b",
"url": "https://git.kernel.org/stable/c/ac28c5684c1cdab650a7e5065b19e91577d37a4b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b47584c556444cf7acb66b26a62cbc348eb92b78",
"url": "https://git.kernel.org/stable/c/b47584c556444cf7acb66b26a62cbc348eb92b78"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b7531a4f99c3887439d778afaf418d1a01a5f01b",
"url": "https://git.kernel.org/stable/c/b7531a4f99c3887439d778afaf418d1a01a5f01b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d5e206778e96e8667d3bde695ad372c296dc9353",
"url": "https://git.kernel.org/stable/c/d5e206778e96e8667d3bde695ad372c296dc9353"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e47f472a664d70a3d104a6c2a035cdff55a719b4",
"url": "https://git.kernel.org/stable/c/e47f472a664d70a3d104a6c2a035cdff55a719b4"
}
],
"release_date": "2025-04-18T07:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2025-21920",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvlan: enforce underlying device type\n\nCurrently, VLAN devices can be created on top of non-ethernet devices.\n\nBesides the fact that it doesn't make much sense, this also causes a\nbug which leaks the address of a kernel function to usermode.\n\nWhen creating a VLAN device, we initialize GARP (garp_init_applicant)\nand MRP (mrp_init_applicant) for the underlying device.\n\nAs part of the initialization process, we add the multicast address of\neach applicant to the underlying device, by calling dev_mc_add.\n\n__dev_mc_add uses dev->addr_len to determine the length of the new\nmulticast address.\n\nThis causes an out-of-bounds read if dev->addr_len is greater than 6,\nsince the multicast addresses provided by GARP and MRP are only 6\nbytes long.\n\nThis behaviour can be reproduced using the following commands:\n\nip tunnel add gretest mode ip6gre local ::1 remote ::2 dev lo\nip l set up dev gretest\nip link add link gretest name vlantest type vlan id 100\n\nThen, the following command will display the address of garp_pdu_rcv:\n\nip maddr show | grep 01:80:c2:00:00:21\n\nFix the bug by enforcing the type of the underlying device during VLAN\ndevice initialization.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21920"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0fb7aa04c19eac4417f360a9f7611a60637bdacc",
"url": "https://git.kernel.org/stable/c/0fb7aa04c19eac4417f360a9f7611a60637bdacc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/30e8aee77899173a82ae5ed89f536c096f20aaeb",
"url": "https://git.kernel.org/stable/c/30e8aee77899173a82ae5ed89f536c096f20aaeb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3561442599804905c3defca241787cd4546e99a7",
"url": "https://git.kernel.org/stable/c/3561442599804905c3defca241787cd4546e99a7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5a515d13e15536e82c5c7c83eb6cf5bc4827fee5",
"url": "https://git.kernel.org/stable/c/5a515d13e15536e82c5c7c83eb6cf5bc4827fee5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7f1564b2b2072b7aa1ac75350e9560a07c7a44fd",
"url": "https://git.kernel.org/stable/c/7f1564b2b2072b7aa1ac75350e9560a07c7a44fd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b33a534610067ade2bdaf2052900aaad99701353",
"url": "https://git.kernel.org/stable/c/b33a534610067ade2bdaf2052900aaad99701353"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b6c72479748b7ea09f53ed64b223cee6463dc278",
"url": "https://git.kernel.org/stable/c/b6c72479748b7ea09f53ed64b223cee6463dc278"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fa40ebef69234e39ec2d26930d045f2fb9a8cb2b",
"url": "https://git.kernel.org/stable/c/fa40ebef69234e39ec2d26930d045f2fb9a8cb2b"
}
],
"release_date": "2025-04-01T16:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
},
{
"cve": "CVE-2025-21993",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21993"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/07e0d99a2f701123ad3104c0f1a1e66bce74d6e5",
"url": "https://git.kernel.org/stable/c/07e0d99a2f701123ad3104c0f1a1e66bce74d6e5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2d1eef248107bdf3d5a69d0fde04c30a79a7bf5d",
"url": "https://git.kernel.org/stable/c/2d1eef248107bdf3d5a69d0fde04c30a79a7bf5d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9bfa80c8aa4e06dff55a953c3fffbfc68a3a3b1c",
"url": "https://git.kernel.org/stable/c/9bfa80c8aa4e06dff55a953c3fffbfc68a3a3b1c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a858cd58dea06cf85b142673deea8c5d87f11e70",
"url": "https://git.kernel.org/stable/c/a858cd58dea06cf85b142673deea8c5d87f11e70"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b253660fac5e0e9080d2c95e3a029e1898d49afb",
"url": "https://git.kernel.org/stable/c/b253660fac5e0e9080d2c95e3a029e1898d49afb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b388e185bfad32bfed6a97a6817f74ca00a4318f",
"url": "https://git.kernel.org/stable/c/b388e185bfad32bfed6a97a6817f74ca00a4318f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c1c6e527470e5eab0b2d57bd073530fbace39eab",
"url": "https://git.kernel.org/stable/c/c1c6e527470e5eab0b2d57bd073530fbace39eab"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f763c82db8166e28f45b7cc4a5398a7859665940",
"url": "https://git.kernel.org/stable/c/f763c82db8166e28f45b7cc4a5398a7859665940"
}
],
"release_date": "2025-04-02T13:15:00",
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-headers-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:bpftool-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64",
"Oracle-Linux-7:python-perf-0:3.10.0-1160.119.1.0.5.el7.tuxcare.els20.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "High"
}
]
}
]
}