{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "fs/proc: fix uaf in proc_readdir_de() {CVE-2025-40271}\n- fs: fix UAF/GPF bug in nilfs_mdt_destroy {CVE-2022-2978}\n- Bluetooth: L2CAP: fix \"bad unlock balance\" in l2cap_disconnect_rsp {CVE-2023-53297}\n- net: sched: sfb: fix null pointer access issue when sfb_init() fails {CVE-2022-50356}\n- ALSA: usb-audio: Fix size validation in convert_chmap_v3()\n- nfsd: don't ignore the return code of svc_proc_register() {CVE-2025-22026}\n- net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull {CVE-2023-53104}\n- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class\n- HID: stop exporting hid_snto32()\n- HID: simplify snto32()\n- HID: core: fix shift-out-of-bounds in hid_report_raw_event {CVE-2022-48978}\n- HID: core: detect and skip invalid inputs to snto32()\n- HID: core: don't use negative operands when shift", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/oraclelinux7els/advisories/2026/clsa-2026_1768824748.json" }, { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748" } ], "tracking": { "current_release_date": "2026-01-19T12:13:56Z", "generator": { "date": "2026-01-19T12:13:56Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1768824748", "initial_release_date": "2026-01-19T12:13:56Z", "revision_history": [ { "date": "2026-01-19T12:13:56Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "kernel: Fix of 7 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Oracle Linux 7", "product": { "name": "Oracle Linux 7", "product_id": "Oracle-Linux-7", "product_identification_helper": { "cpe": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Oracle Linux" } ], "category": "vendor", "name": "Oracle Corporation" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/perf@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-devel@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-headers@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/bpftool@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-debug-devel@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/python-perf@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_id": "kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/kernel-tools-libs-devel@3.10.0-1160.142.1.el7.tuxcare.els1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64 as a component of Oracle Linux 7", "product_id": "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "relates_to_product_reference": "Oracle-Linux-7" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-48978", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: fix shift-out-of-bounds in hid_report_raw_event\n\nSyzbot reported shift-out-of-bounds in hid_report_raw_event.\n\nmicrosoft 0003:045E:07DA.0001: hid_field_extract() called with n (128) >\n32! (swapper/0)\n======================================================================\nUBSAN: shift-out-of-bounds in drivers/hid/hid-core.c:1323:20\nshift exponent 127 is too large for 32-bit type 'int'\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted\n6.1.0-rc4-syzkaller-00159-g4bbf3422df78 #0\nHardware name: Google Compute Engine/Google Compute Engine, BIOS\nGoogle 10/26/2022\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:151 [inline]\n __ubsan_handle_shift_out_of_bounds+0x3a6/0x420 lib/ubsan.c:322\n snto32 drivers/hid/hid-core.c:1323 [inline]\n hid_input_fetch_field drivers/hid/hid-core.c:1572 [inline]\n hid_process_report drivers/hid/hid-core.c:1665 [inline]\n hid_report_raw_event+0xd56/0x18b0 drivers/hid/hid-core.c:1998\n hid_input_report+0x408/0x4f0 drivers/hid/hid-core.c:2066\n hid_irq_in+0x459/0x690 drivers/hid/usbhid/hid-core.c:284\n __usb_hcd_giveback_urb+0x369/0x530 drivers/usb/core/hcd.c:1671\n dummy_timer+0x86b/0x3110 drivers/usb/gadget/udc/dummy_hcd.c:1988\n call_timer_fn+0xf5/0x210 kernel/time/timer.c:1474\n expire_timers kernel/time/timer.c:1519 [inline]\n __run_timers+0x76a/0x980 kernel/time/timer.c:1790\n run_timer_softirq+0x63/0xf0 kernel/time/timer.c:1803\n __do_softirq+0x277/0x75b kernel/softirq.c:571\n __irq_exit_rcu+0xec/0x170 kernel/softirq.c:650\n irq_exit_rcu+0x5/0x20 kernel/softirq.c:662\n sysvec_apic_timer_interrupt+0x91/0xb0 arch/x86/kernel/apic/apic.c:1107\n======================================================================\n\nIf the size of the integer (unsigned n) is bigger than 32 in snto32(),\nshift exponent will be too large for 32-bit type 'int', resulting in a\nshift-out-of-bounds bug.\nFix this by adding a check on the size of the integer (unsigned n) in\nsnto32(). To add support for n greater than 32 bits, set n to 32, if n\nis greater than 32.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-48978" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/151493fe5a6ed1a88decc929a7368a3f2a246914", "url": "https://git.kernel.org/stable/c/151493fe5a6ed1a88decc929a7368a3f2a246914" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2b3b4d7aadaa1b6b58d0f34823bf86cfe8a31b4d", "url": "https://git.kernel.org/stable/c/2b3b4d7aadaa1b6b58d0f34823bf86cfe8a31b4d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/809783f8b4b600c7fb3bccb10fefef822601ea3b", "url": "https://git.kernel.org/stable/c/809783f8b4b600c7fb3bccb10fefef822601ea3b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8e14f20e12224ee2429f75a5c9418a700e26a8d3", "url": "https://git.kernel.org/stable/c/8e14f20e12224ee2429f75a5c9418a700e26a8d3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bc03f809da78fc79e4aee132d4e5c6a2b3aeec73", "url": "https://git.kernel.org/stable/c/bc03f809da78fc79e4aee132d4e5c6a2b3aeec73" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/db1ed1b3fb4ec0d19080a102956255769bc45c79", "url": "https://git.kernel.org/stable/c/db1ed1b3fb4ec0d19080a102956255769bc45c79" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ec61b41918587be530398b0d1c9a0d16619397e5", "url": "https://git.kernel.org/stable/c/ec61b41918587be530398b0d1c9a0d16619397e5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f755d11c55b29049b77da5cd9ab2faae96eb33c3", "url": "https://git.kernel.org/stable/c/f755d11c55b29049b77da5cd9ab2faae96eb33c3" } ], "release_date": "2024-10-21T20:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-01-19T12:12:30.121619Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748", "product_ids": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2022-2978", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-2978" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html", "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00034.html" }, { "category": "external", "summary": "https://lore.kernel.org/linux-fsdevel/20220816040859.659129-1-dzm91%40hust.edu.cn/T/#u", "url": "https://lore.kernel.org/linux-fsdevel/20220816040859.659129-1-dzm91%40hust.edu.cn/T/#u" } ], "release_date": "2022-08-24T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-01-19T12:12:30.121619Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748", "product_ids": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53297", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: fix \"bad unlock balance\" in l2cap_disconnect_rsp\n\nconn->chan_lock isn't acquired before l2cap_get_chan_by_scid,\nif l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance'\nis triggered.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53297" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/116b9c002c894097adc2b8684db2d1da4229ed46", "url": "https://git.kernel.org/stable/c/116b9c002c894097adc2b8684db2d1da4229ed46" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2112c4c47d36bc5aba3ddeb9afedce6ae6a67e7d", "url": "https://git.kernel.org/stable/c/2112c4c47d36bc5aba3ddeb9afedce6ae6a67e7d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/25e97f7b1866e6b8503be349eeea44bb52d661ce", "url": "https://git.kernel.org/stable/c/25e97f7b1866e6b8503be349eeea44bb52d661ce" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5134556c9be582793f30695c09d18a26fe1ff2d7", "url": "https://git.kernel.org/stable/c/5134556c9be582793f30695c09d18a26fe1ff2d7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/55410a9144c76ecda126e6cdec556dfcd8f343b2", "url": "https://git.kernel.org/stable/c/55410a9144c76ecda126e6cdec556dfcd8f343b2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5f352a56f0e607e6ff539cbf12156bfd8af232be", "url": "https://git.kernel.org/stable/c/5f352a56f0e607e6ff539cbf12156bfd8af232be" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6a27762340ad08643de3bc17fe1646ea489ca2e2", "url": "https://git.kernel.org/stable/c/6a27762340ad08643de3bc17fe1646ea489ca2e2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fd269a0435f8e9943b7a57c5a59688848d42d449", "url": "https://git.kernel.org/stable/c/fd269a0435f8e9943b7a57c5a59688848d42d449" } ], "release_date": "2025-09-16T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-01-19T12:12:30.121619Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748", "product_ids": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2022-50356", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: sfb: fix null pointer access issue when sfb_init() fails\n\nWhen the default qdisc is sfb, if the qdisc of dev_queue fails to be\ninited during mqprio_init(), sfb_reset() is invoked to clear resources.\nIn this case, the q->qdisc is NULL, and it will cause gpf issue.\n\nThe process is as follows:\nqdisc_create_dflt()\n\tsfb_init()\n\t\ttcf_block_get() --->failed, q->qdisc is NULL\n\t...\n\tqdisc_put()\n\t\t...\n\t\tsfb_reset()\n\t\t\tqdisc_reset(q->qdisc) --->q->qdisc is NULL\n\t\t\t\tops = qdisc->ops\n\nThe following is the Call Trace information:\ngeneral protection fault, probably for non-canonical address\n0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\nRIP: 0010:qdisc_reset+0x2b/0x6f0\nCall Trace:\n\nsfb_reset+0x37/0xd0\nqdisc_reset+0xed/0x6f0\nqdisc_destroy+0x82/0x4c0\nqdisc_put+0x9e/0xb0\nqdisc_create_dflt+0x2c3/0x4a0\nmqprio_init+0xa71/0x1760\nqdisc_create+0x3eb/0x1000\ntc_modify_qdisc+0x408/0x1720\nrtnetlink_rcv_msg+0x38e/0xac0\nnetlink_rcv_skb+0x12d/0x3a0\nnetlink_unicast+0x4a2/0x740\nnetlink_sendmsg+0x826/0xcc0\nsock_sendmsg+0xc5/0x100\n____sys_sendmsg+0x583/0x690\n___sys_sendmsg+0xe8/0x160\n__sys_sendmsg+0xbf/0x160\ndo_syscall_64+0x35/0x80\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7f2164122d04\n", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50356" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2a3fc78210b9f0e85372a2435368962009f480fc", "url": "https://git.kernel.org/stable/c/2a3fc78210b9f0e85372a2435368962009f480fc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/723399af2795fb95687a531c9480464b5f489333", "url": "https://git.kernel.org/stable/c/723399af2795fb95687a531c9480464b5f489333" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c2e1e59d59fafe297779ceae1fe0e6fbebc3e745", "url": "https://git.kernel.org/stable/c/c2e1e59d59fafe297779ceae1fe0e6fbebc3e745" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ded86c4191a3c17f8200d17a7d8a6f63b74554ae", "url": "https://git.kernel.org/stable/c/ded86c4191a3c17f8200d17a7d8a6f63b74554ae" } ], "release_date": "2025-09-17T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-01-19T12:12:30.121619Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748", "product_ids": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2023-53104", "cwe": { "id": "CWE-131", "name": "Incorrect Calculation of Buffer Size" }, "notes": [ { "category": "description", "text": "[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved:\nnet: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53104" } ], "release_date": "2025-05-02T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-01-19T12:12:30.121619Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748", "product_ids": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-22026", "cwe": { "id": "CWE-252", "name": "Unchecked Return Value" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: don't ignore the return code of svc_proc_register()\n\nCurrently, nfsd_proc_stat_init() ignores the return value of\nsvc_proc_register(). If the procfile creation fails, then the kernel\nwill WARN when it tries to remove the entry later.\n\nFix nfsd_proc_stat_init() to return the same type of pointer as\nsvc_proc_register(), and fix up nfsd_net_init() to check that and fail\nthe nfsd_net construction if it occurs.\n\nsvc_proc_register() can fail if the dentry can't be allocated, or if an\nidentical dentry already exists. The second case is pretty unlikely in\nthe nfsd_net construction codepath, so if this happens, return -ENOMEM.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-22026" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6a59b70fe71ec66c0dd19e2c279c71846a3fb2f0", "url": "https://git.kernel.org/stable/c/6a59b70fe71ec66c0dd19e2c279c71846a3fb2f0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/930b64ca0c511521f0abdd1d57ce52b2a6e3476b", "url": "https://git.kernel.org/stable/c/930b64ca0c511521f0abdd1d57ce52b2a6e3476b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9d9456185fd5f1891c74354ee297f19538141ead", "url": "https://git.kernel.org/stable/c/9d9456185fd5f1891c74354ee297f19538141ead" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e31957a819e60cf0bc9a49408765e6095fd3d046", "url": "https://git.kernel.org/stable/c/e31957a819e60cf0bc9a49408765e6095fd3d046" } ], "release_date": "2025-04-16T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-01-19T12:12:30.121619Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748", "product_ids": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-40271", "cwe": { "id": "CWE-825", "name": "Expired Pointer Dereference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nfs/proc: fix uaf in proc_readdir_de()\nPde is erased from subdir rbtree through rb_erase(), but not set the node\nto EMPTY, which may result in uaf access. We should use RB_CLEAR_NODE()\nset the erased node to EMPTY, then pde_subdir_next() will return NULL to\navoid uaf access.\nWe found an uaf issue while using stress-ng testing, need to run testcase\ngetdent and tun in the same time. The steps of the issue is as follows:\n1) use getdent to traverse dir /proc/pid/net/dev_snmp6/, and current\npde is tun3;\n2) in the [time windows] unregister netdevice tun3 and tun2, and erase\nthem from rbtree. erase tun3 first, and then erase tun2. the\npde(tun2) will be released to slab;\n3) continue to getdent process, then pde_subdir_next() will return\npde(tun2) which is released, it will case uaf access.\nCPU 0 | CPU 1\n-------------------------------------------------------------------------\ntraverse dir /proc/pid/net/dev_snmp6/ | unregister_netdevice(tun->dev) //tun3 tun2\nsys_getdents64() |\niterate_dir() |\nproc_readdir() |\nproc_readdir_de() | snmp6_unregister_dev()\npde_get(de); | proc_remove()\nread_unlock(&proc_subdir_lock); | remove_proc_subtree()\n| write_lock(&proc_subdir_lock);\n[time window] | rb_erase(&root->subdir_node, &parent->subdir);\n| write_unlock(&proc_subdir_lock);\nread_lock(&proc_subdir_lock); |\nnext = pde_subdir_next(de); |\npde_put(de); |\nde = next; //UAF |\nrbtree of dev_snmp6\n|\npde(tun3)\n/ \\\nNULL pde(tun2)", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-40271" } ], "release_date": "2025-12-06T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-01-19T12:12:30.121619Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748", "product_ids": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50367", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: fix UAF/GPF bug in nilfs_mdt_destroy\n\nIn alloc_inode, inode_init_always() could return -ENOMEM if\nsecurity_inode_alloc() fails, which causes inode->i_private\nuninitialized. Then nilfs_is_metadata_file_inode() returns\ntrue and nilfs_free_inode() wrongly calls nilfs_mdt_destroy(),\nwhich frees the uninitialized inode->i_private\nand leads to crashes(e.g., UAF/GPF).\n\nFix this by moving security_inode_alloc just prior to\nthis_cpu_inc(nr_inodes)", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50367" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1e555c3ed1fce4b278aaebe18a64a934cece57d8", "url": "https://git.kernel.org/stable/c/1e555c3ed1fce4b278aaebe18a64a934cece57d8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2a96b532098284ecf8e4849b8b9e5fc7a28bdee9", "url": "https://git.kernel.org/stable/c/2a96b532098284ecf8e4849b8b9e5fc7a28bdee9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2e488f13755ffbb60f307e991b27024716a33b29", "url": "https://git.kernel.org/stable/c/2e488f13755ffbb60f307e991b27024716a33b29" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/64b79e632869ad3ef6c098a4731d559381da1115", "url": "https://git.kernel.org/stable/c/64b79e632869ad3ef6c098a4731d559381da1115" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/70e4f70d54e0225f91814e8610477d65f33cefe4", "url": "https://git.kernel.org/stable/c/70e4f70d54e0225f91814e8610477d65f33cefe4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/81de80330fa6907aec32eb54c5619059e6e36452", "url": "https://git.kernel.org/stable/c/81de80330fa6907aec32eb54c5619059e6e36452" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c0aa76b0f17f59dd9c9d3463550a2986a1d592e4", "url": "https://git.kernel.org/stable/c/c0aa76b0f17f59dd9c9d3463550a2986a1d592e4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d1ff475d7c83289d0a7faef346ea3bbf90818bad", "url": "https://git.kernel.org/stable/c/d1ff475d7c83289d0a7faef346ea3bbf90818bad" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ec2aab115eb38ac4992ea2fcc2a02fbe7af5cf48", "url": "https://git.kernel.org/stable/c/ec2aab115eb38ac4992ea2fcc2a02fbe7af5cf48" } ], "release_date": "2025-09-17T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-01-19T12:12:30.121619Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748", "product_ids": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1768824748" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Oracle-Linux-7:bpftool-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-debug-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-headers-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:kernel-tools-libs-devel-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64", "Oracle-Linux-7:python-perf-0:3.10.0-1160.142.1.el7.tuxcare.els1.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] } ] }