{
"document": {
"aggregate_severity": {
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "TuxCare License Agreement",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
"title": "Terms of Use"
},
{
"category": "details",
"text": "ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() {CVE-2026-23089}\n- HID: core: Harden s32ton() against conversion to 0 bits {CVE-2025-38556}\n- KVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory {CVE-2024-50115}\n- KVM: x86: Reset IRTE to host control if *new* route isn't postable {CVE-2025-37885}\n- NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945}\n- NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid {CVE-2025-68349}\n- Revert \"IB/core: Implement clear counters\"\n- Revert \"IB/mlx5: Implement clear counters\"\n- Revert \"ib/core: add SET_DEVICE_OP call for clear_hw_stats()\"\n- Revert \"perf/x86: Always store regs->ip in perf_callchain_kernel()\"\n- Revert \"xfrm: destroy xfrm_state synchronously on net exit path\"\n- bpf, sockmap: Fix race between element replace and close() {CVE-2024-56664}\n- can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak {CVE-2026-23061}\n- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec {CVE-2026-23060}\n- crypto: lzo - Fix compression buffer overrun {CVE-2025-38068}\n- drm/amd/pm: fix the Out-of-bounds read warning {CVE-2024-46731}\n- drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number {CVE-2024-46724}\n- drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer {CVE-2024-49991}\n- ext4/jbd2: skip sb flush when EIO happened\n- ext4: save the error code which triggered an\n- fou: remove warn in gue_gro_receive on unsupported protocol {CVE-2024-44940}\n- fs: proc: inode: delay put_pid() by RCU\n- fs: writeback: fix use-after-free in __mark_inode_dirty() {CVE-2025-39866}\n- genirq/cpuhotplug: Notify about affinity changes breaking the affinity mask\n- io_uring: fix filename leak in __io_openat_prep() {CVE-2025-68814}\n- jbd2: store more accurate errno in superblock\n- libceph: fix potential use-after-free in have_mon_and_osd_map() {CVE-2025-68285}\n- libceph: make free_choose_arg_map() resilient to partial allocation {CVE-2026-22991}\n- macvlan: Add nodst option to macvlan type source\n- macvlan: Use 'hash' iterators to simplify code\n- macvlan: fix error recovery in macvlan_common_newlink() {CVE-2026-23209}\n- macvlan: fix possible UAF in macvlan_forward_source() {CVE-2026-23001}\n- macvlan: observe an RCU grace period in macvlan_common_newlink() error path {CVE-2026-23273}\n- media: xc2028: avoid use-after-free in load_firmware_cb() {CVE-2024-43900}\n- mm: call the security_mmap_file() LSM hook in remap_file_pages() {CVE-2024-47745}\n- net/sched: sch_qfq: do not free existing class in qfq_change_class() {CVE-2026-22999}\n- net: sock: fix hardened usercopy panic in sock_recv_errqueue {CVE-2026-22977}\n- net: usb: rtl8150: fix memory leak on usb_submit_urb() failure {CVE-2025-71154}\n- rds: Add state field to RDS trace logs.\n- rds: Drop rds conn in connect worker if not in down state.\n- scsi: mpi3mr: Sanitise num_phys {CVE-2024-42159}\n- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() {CVE-2026-23193}\n- tty: n_gsm: Fix use-after-free in gsm_cleanup_mux {CVE-2024-50073}\n- usb: core: config: Prevent OOB read in SS endpoint companion parsing {CVE-2025-39760}\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint {CVE-2025-22083}\n- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids {CVE-2024-40929}\n- xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added {CVE-2025-40256}\n- xfrm: delete x->tunnel as we delete x {CVE-2025-40215}\n- xfrm: flush all states in xfrm_state_fini",
"title": "Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://tuxcare.com/contact/",
"name": "TuxCare",
"namespace": "https://tuxcare.com/"
},
"references": [
{
"category": "self",
"summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.tuxcare.com/csaf/v2/els_os/oraclelinux7els/advisories/2026/clsa-2026_1775655705.json"
}
],
"tracking": {
"current_release_date": "2026-04-08T13:44:53Z",
"generator": {
"date": "2026-04-08T13:44:53Z",
"engine": {
"name": "pyCSAF"
}
},
"id": "CLSA-2026:1775655705",
"initial_release_date": "2026-04-08T13:44:53Z",
"revision_history": [
{
"date": "2026-04-08T13:44:53Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
},
"title": "kernel-uek: Fix of 34 CVEs"
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux 7",
"product": {
"name": "Oracle Linux 7",
"product_id": "Oracle-Linux-7",
"product_identification_helper": {
"cpe": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Oracle Linux"
}
],
"category": "vendor",
"name": "Oracle Corporation"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-uek-devel@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-uek-container@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/python-perf@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-uek-debug-devel@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-uek-tools@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/bpftool@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-uek-headers@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-uek@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-uek-debug@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/perf@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product": {
"name": "kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_id": "kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-uek-container-debug@5.4.17-2136.354.4.el7uek.tuxcare.els1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "TuxCare"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64 as a component of Oracle Linux 7",
"product_id": "Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
},
"product_reference": "kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"relates_to_product_reference": "Oracle-Linux-7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-23089",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free()\n\nWhen snd_usb_create_mixer() fails, snd_usb_mixer_free() frees\nmixer->id_elems but the controls already added to the card still\nreference the freed memory. Later when snd_card_register() runs,\nthe OSS mixer layer calls their callbacks and hits a use-after-free read.\n\nCall trace:\n get_ctl_value+0x63f/0x820 sound/usb/mixer.c:411\n get_min_max_with_quirks.isra.0+0x240/0x1f40 sound/usb/mixer.c:1241\n mixer_ctl_feature_info+0x26b/0x490 sound/usb/mixer.c:1381\n snd_mixer_oss_build_test+0x174/0x3a0 sound/core/oss/mixer_oss.c:887\n ...\n snd_card_register+0x4ed/0x6d0 sound/core/init.c:923\n usb_audio_probe+0x5ef/0x2a90 sound/usb/card.c:1025\n\nFix by calling snd_ctl_remove() for all mixer controls before freeing\nid_elems. We save the next pointer first because snd_ctl_remove()\nfrees the current element.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2026-23089"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/51b1aa6fe7dc87356ba58df06afb9677c9b841ea",
"url": "https://git.kernel.org/stable/c/51b1aa6fe7dc87356ba58df06afb9677c9b841ea"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/56fb6efd5d04caf6f14994d51ec85393b9a896c6",
"url": "https://git.kernel.org/stable/c/56fb6efd5d04caf6f14994d51ec85393b9a896c6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7009daeefa945973a530b2f605fe445fc03747af",
"url": "https://git.kernel.org/stable/c/7009daeefa945973a530b2f605fe445fc03747af"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7bff0156d13f0ad9436e5178b979b063d59f572a",
"url": "https://git.kernel.org/stable/c/7bff0156d13f0ad9436e5178b979b063d59f572a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/930e69757b74c3ae083b0c3c7419bfe7f0edc7b2",
"url": "https://git.kernel.org/stable/c/930e69757b74c3ae083b0c3c7419bfe7f0edc7b2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dc1a5dd80af1ee1f29d8375b12dd7625f6294dad",
"url": "https://git.kernel.org/stable/c/dc1a5dd80af1ee1f29d8375b12dd7625f6294dad"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e6f103a22b08daf5df2f4aa158081840e5910963",
"url": "https://git.kernel.org/stable/c/e6f103a22b08daf5df2f4aa158081840e5910963"
}
],
"release_date": "2026-02-04T17:16:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39866",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: writeback: fix use-after-free in __mark_inode_dirty()\n\nAn use-after-free issue occurred when __mark_inode_dirty() get the\nbdi_writeback that was in the progress of switching.\n\nCPU: 1 PID: 562 Comm: systemd-random- Not tainted 6.6.56-gb4403bd46a8e #1\n......\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __mark_inode_dirty+0x124/0x418\nlr : __mark_inode_dirty+0x118/0x418\nsp : ffffffc08c9dbbc0\n........\nCall trace:\n __mark_inode_dirty+0x124/0x418\n generic_update_time+0x4c/0x60\n file_modified+0xcc/0xd0\n ext4_buffered_write_iter+0x58/0x124\n ext4_file_write_iter+0x54/0x704\n vfs_write+0x1c0/0x308\n ksys_write+0x74/0x10c\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x114\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x40/0xe4\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x194/0x198\n\nRoot cause is:\n\nsystemd-random-seed kworker\n----------------------------------------------------------------------\n___mark_inode_dirty inode_switch_wbs_work_fn\n\n spin_lock(&inode->i_lock);\n inode_attach_wb\n locked_inode_to_wb_and_lock_list\n get inode->i_wb\n spin_unlock(&inode->i_lock);\n spin_lock(&wb->list_lock)\n spin_lock(&inode->i_lock)\n inode_io_list_move_locked\n spin_unlock(&wb->list_lock)\n spin_unlock(&inode->i_lock)\n spin_lock(&old_wb->list_lock)\n inode_do_switch_wbs\n spin_lock(&inode->i_lock)\n inode->i_wb = new_wb\n spin_unlock(&inode->i_lock)\n spin_unlock(&old_wb->list_lock)\n wb_put_many(old_wb, nr_switched)\n cgwb_release\n old wb released\n wb_wakeup_delayed() accesses wb,\n then trigger the use-after-free\n issue\n\nFix this race condition by holding inode spinlock until\nwb_wakeup_delayed() finished.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39866"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1edc2feb9c759a9883dfe81cb5ed231412d8b2e4",
"url": "https://git.kernel.org/stable/c/1edc2feb9c759a9883dfe81cb5ed231412d8b2e4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b187c976111960e6e54a6b1fff724f6e3d39406c",
"url": "https://git.kernel.org/stable/c/b187c976111960e6e54a6b1fff724f6e3d39406c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bf89b1f87c72df79cf76203f71fbf8349cd5c9de",
"url": "https://git.kernel.org/stable/c/bf89b1f87c72df79cf76203f71fbf8349cd5c9de"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c8c14adf80bd1a6e4a1d7ee9c2a816881c26d17a",
"url": "https://git.kernel.org/stable/c/c8c14adf80bd1a6e4a1d7ee9c2a816881c26d17a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d02d2c98d25793902f65803ab853b592c7a96b29",
"url": "https://git.kernel.org/stable/c/d02d2c98d25793902f65803ab853b592c7a96b29"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e2a14bbae5d8bacaa301362744a110e2be40a3a3",
"url": "https://git.kernel.org/stable/c/e2a14bbae5d8bacaa301362744a110e2be40a3a3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e63052921f1b25a836feb1500b841bff7a4a0456",
"url": "https://git.kernel.org/stable/c/e63052921f1b25a836feb1500b841bff7a4a0456"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-19T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2026-22999",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: do not free existing class in qfq_change_class()\n\nFixes qfq_change_class() error case.\n\ncl->qdisc and cl should only be freed if a new class and qdisc\nwere allocated, or we risk various UAF.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2026-22999"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0a234660dc70ce45d771cbc76b20d925b73ec160",
"url": "https://git.kernel.org/stable/c/0a234660dc70ce45d771cbc76b20d925b73ec160"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2a64fb9b47afffeb5dbab5fd3a518e1436dcc90e",
"url": "https://git.kernel.org/stable/c/2a64fb9b47afffeb5dbab5fd3a518e1436dcc90e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/362e269bb03f7076ba9990e518aeddb898232e50",
"url": "https://git.kernel.org/stable/c/362e269bb03f7076ba9990e518aeddb898232e50"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3879cffd9d07aa0377c4b8835c4f64b4fb24ac78",
"url": "https://git.kernel.org/stable/c/3879cffd9d07aa0377c4b8835c4f64b4fb24ac78"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cff6cd703f41d8071995956142729e4bba160363",
"url": "https://git.kernel.org/stable/c/cff6cd703f41d8071995956142729e4bba160363"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e9d8f11652fa08c647bf7bba7dd8163241a332cd",
"url": "https://git.kernel.org/stable/c/e9d8f11652fa08c647bf7bba7dd8163241a332cd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f06f7635499bc806cbe2bbc8805c7cef8b1edddf",
"url": "https://git.kernel.org/stable/c/f06f7635499bc806cbe2bbc8805c7cef8b1edddf"
}
],
"release_date": "2026-01-25T15:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2024-49991",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer\n\nPass pointer reference to amdgpu_bo_unref to clear the correct pointer,\notherwise amdgpu_bo_unref clear the local variable, the original pointer\nnot set to NULL, this could cause use-after-free bug.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-49991"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/30ceb873cc2e97348d9da2265b2d1ddf07f682e1",
"url": "https://git.kernel.org/stable/c/30ceb873cc2e97348d9da2265b2d1ddf07f682e1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6c9289806591807e4e3be9a23df8ee2069180055",
"url": "https://git.kernel.org/stable/c/6c9289806591807e4e3be9a23df8ee2069180055"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/71f3240f82987f0f070ea5bed559033de7d4c0e1",
"url": "https://git.kernel.org/stable/c/71f3240f82987f0f070ea5bed559033de7d4c0e1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c86ad39140bbcb9dc75a10046c2221f657e8083b",
"url": "https://git.kernel.org/stable/c/c86ad39140bbcb9dc75a10046c2221f657e8083b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e7831613cbbcd9058d3658fbcdc5d5884ceb2e0c",
"url": "https://git.kernel.org/stable/c/e7831613cbbcd9058d3658fbcdc5d5884ceb2e0c"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"release_date": "2024-10-21T18:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-47745",
"cwe": {
"id": "CWE-670",
"name": "Always-Incorrect Control Flow Implementation"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: call the security_mmap_file() LSM hook in remap_file_pages()\n\nThe remap_file_pages syscall handler calls do_mmap() directly, which\ndoesn't contain the LSM security check. And if the process has called\npersonality(READ_IMPLIES_EXEC) before and remap_file_pages() is called for\nRW pages, this will actually result in remapping the pages to RWX,\nbypassing a W^X policy enforced by SELinux.\n\nSo we should check prot by security_mmap_file LSM hook in the\nremap_file_pages syscall handler before do_mmap() is called. Otherwise, it\npotentially permits an attacker to bypass a W^X policy enforced by\nSELinux.\n\nThe bypass is similar to CVE-2016-10044, which bypass the same thing via\nAIO and can be found in [1].\n\nThe PoC:\n\n$ cat > test.c\n\nint main(void) {\n\tsize_t pagesz = sysconf(_SC_PAGE_SIZE);\n\tint mfd = syscall(SYS_memfd_create, \"test\", 0);\n\tconst char *buf = mmap(NULL, 4 * pagesz, PROT_READ | PROT_WRITE,\n\t\tMAP_SHARED, mfd, 0);\n\tunsigned int old = syscall(SYS_personality, 0xffffffff);\n\tsyscall(SYS_personality, READ_IMPLIES_EXEC | old);\n\tsyscall(SYS_remap_file_pages, buf, pagesz, 0, 2, 0);\n\tsyscall(SYS_personality, old);\n\t// show the RWX page exists even if W^X policy is enforced\n\tint fd = open(\"/proc/self/maps\", O_RDONLY);\n\tunsigned char buf2[1024];\n\twhile (1) {\n\t\tint ret = read(fd, buf2, 1024);\n\t\tif (ret <= 0) break;\n\t\twrite(1, buf2, ret);\n\t}\n\tclose(fd);\n}\n\n$ gcc test.c -o test\n$ ./test | grep rwx\n7f1836c34000-7f1836c35000 rwxs 00002000 00:01 2050 /memfd:test (deleted)\n\n[PM: subject line tweaks]",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-47745"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0f910dbf2f2a4a7820ba4bac7b280f7108aa05b1",
"url": "https://git.kernel.org/stable/c/0f910dbf2f2a4a7820ba4bac7b280f7108aa05b1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3393fddbfa947c8e1fdcc4509226905ffffd8b89",
"url": "https://git.kernel.org/stable/c/3393fddbfa947c8e1fdcc4509226905ffffd8b89"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/49d3a4ad57c57227c3b0fd6cd4188b2a5ebd6178",
"url": "https://git.kernel.org/stable/c/49d3a4ad57c57227c3b0fd6cd4188b2a5ebd6178"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ce14f38d6ee9e88e37ec28427b4b93a7c33c70d3",
"url": "https://git.kernel.org/stable/c/ce14f38d6ee9e88e37ec28427b4b93a7c33c70d3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ea7e2d5e49c05e5db1922387b09ca74aa40f46e2",
"url": "https://git.kernel.org/stable/c/ea7e2d5e49c05e5db1922387b09ca74aa40f46e2"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
}
],
"release_date": "2024-10-21T13:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-50115",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn't\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn't using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM's much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it's only the nSVM flow\nthat is broken.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2c4adc9b192a0815fe58a62bc0709449416cc884",
"url": "https://git.kernel.org/stable/c/2c4adc9b192a0815fe58a62bc0709449416cc884"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/426682afec71ea3f889b972d038238807b9443e4",
"url": "https://git.kernel.org/stable/c/426682afec71ea3f889b972d038238807b9443e4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/58cb697d80e669c56197f703e188867c8c54c494",
"url": "https://git.kernel.org/stable/c/58cb697d80e669c56197f703e188867c8c54c494"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6876793907cbe19d42e9edc8c3315a21e06c32ae",
"url": "https://git.kernel.org/stable/c/6876793907cbe19d42e9edc8c3315a21e06c32ae"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/76ce386feb14ec9a460784fcd495d8432acce7a5",
"url": "https://git.kernel.org/stable/c/76ce386feb14ec9a460784fcd495d8432acce7a5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f559b2e9c5c5308850544ab59396b7d53cfc67bd",
"url": "https://git.kernel.org/stable/c/f559b2e9c5c5308850544ab59396b7d53cfc67bd"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"release_date": "2024-11-05T18:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-68285",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nlibceph: fix potential use-after-free in have_mon_and_osd_map()\nThe wait loop in __ceph_open_session() can race with the client\nreceiving a new monmap or osdmap shortly after the initial map is\nreceived. Both ceph_monc_handle_map() and handle_one_map() install\na new map immediately after freeing the old one\nkfree(monc->monmap);\nmonc->monmap = monmap;\nceph_osdmap_destroy(osdc->osdmap);\nosdc->osdmap = newmap;\nunder client->monc.mutex and client->osdc.lock respectively, but\nbecause neither is taken in have_mon_and_osd_map() it's possible for\nclient->monc.monmap->epoch and client->osdc.osdmap->epoch arms in\nclient->monc.monmap && client->monc.monmap->epoch &&\nclient->osdc.osdmap && client->osdc.osdmap->epoch;\ncondition to dereference an already freed map. This happens to be\nreproducible with generic/395 and generic/397 with KASAN enabled:\nBUG: KASAN: slab-use-after-free in have_mon_and_osd_map+0x56/0x70\nRead of size 4 at addr ffff88811012d810 by task mount.ceph/13305\nCPU: 2 UID: 0 PID: 13305 Comm: mount.ceph Not tainted 6.14.0-rc2-build2+ #1266\n...\nCall Trace:\n\nhave_mon_and_osd_map+0x56/0x70\nceph_open_session+0x182/0x290\nceph_get_tree+0x333/0x680\nvfs_get_tree+0x49/0x180\ndo_new_mount+0x1a3/0x2d0\npath_mount+0x6dd/0x730\ndo_mount+0x99/0xe0\n__do_sys_mount+0x141/0x180\ndo_syscall_64+0x9f/0x100\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 13305:\nceph_osdmap_alloc+0x16/0x130\nceph_osdc_init+0x27a/0x4c0\nceph_create_client+0x153/0x190\ncreate_fs_client+0x50/0x2a0\nceph_get_tree+0xff/0x680\nvfs_get_tree+0x49/0x180\ndo_new_mount+0x1a3/0x2d0\npath_mount+0x6dd/0x730\ndo_mount+0x99/0xe0\n__do_sys_mount+0x141/0x180\ndo_syscall_64+0x9f/0x100\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nFreed by task 9475:\nkfree+0x212/0x290\nhandle_one_map+0x23c/0x3b0\nceph_osdc_handle_map+0x3c9/0x590\nmon_dispatch+0x655/0x6f0\nceph_con_process_message+0xc3/0xe0\nceph_con_v1_try_read+0x614/0x760\nceph_con_workfn+0x2de/0x650\nprocess_one_work+0x486/0x7c0\nprocess_scheduled_works+0x73/0x90\nworker_thread+0x1c8/0x2a0\nkthread+0x2ec/0x300\nret_from_fork+0x24/0x40\nret_from_fork_asm+0x1a/0x30\nRewrite the wait loop to check the above condition directly with\nclient->monc.mutex and client->osdc.lock taken as appropriate. While\nat it, improve the timeout handling (previously mount_timeout could be\nexceeded in case wait_event_interruptible_timeout() slept more than\nonce) and access client->auth_err under client->monc.mutex to match\nhow it's set in finish_auth().\nmonmap_show() and osdmap_show() now take the respective lock before\naccessing the map as well.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-68285"
}
],
"release_date": "2025-12-16T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-44940",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: remove warn in gue_gro_receive on unsupported protocol\n\nDrop the WARN_ON_ONCE inn gue_gro_receive if the encapsulated type is\nnot known or does not have a GRO handler.\n\nSuch a packet is easily constructed. Syzbot generates them and sets\noff this warning.\n\nRemove the warning as it is expected and not actionable.\n\nThe warning was previously reduced from WARN_ON to WARN_ON_ONCE in\ncommit 270136613bf7 (\"fou: Do WARN_ON_ONCE in gue_gro_receive for bad\nproto callbacks\").",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-44940"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3db4395332e7050ef9ddeb3052e6b5019f2a2a59",
"url": "https://git.kernel.org/stable/c/3db4395332e7050ef9ddeb3052e6b5019f2a2a59"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/440ab7f97261bc28501636a13998e1b1946d2e79",
"url": "https://git.kernel.org/stable/c/440ab7f97261bc28501636a13998e1b1946d2e79"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5a2e37bc648a2503bf6d687aed27b9f4455d82eb",
"url": "https://git.kernel.org/stable/c/5a2e37bc648a2503bf6d687aed27b9f4455d82eb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a925a200299a6dfc7c172f54da6f374edc930053",
"url": "https://git.kernel.org/stable/c/a925a200299a6dfc7c172f54da6f374edc930053"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b1453a5616c7bd8acd90633ceba4e59105ba3b51",
"url": "https://git.kernel.org/stable/c/b1453a5616c7bd8acd90633ceba4e59105ba3b51"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/dd89a81d850fa9a65f67b4527c0e420d15bf836c",
"url": "https://git.kernel.org/stable/c/dd89a81d850fa9a65f67b4527c0e420d15bf836c"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"release_date": "2024-08-26T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-43900",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: xc2028: avoid use-after-free in load_firmware_cb()\n\nsyzkaller reported use-after-free in load_firmware_cb() [1].\nThe reason is because the module allocated a struct tuner in tuner_probe(),\nand then the module initialization failed, the struct tuner was released.\nA worker which created during module initialization accesses this struct\ntuner later, it caused use-after-free.\n\nThe process is as follows:\n\ntask-6504 worker_thread\ntuner_probe <= alloc dvb_frontend [2]\n...\nrequest_firmware_nowait <= create a worker\n...\ntuner_remove <= free dvb_frontend\n...\n request_firmware_work_func <= the firmware is ready\n load_firmware_cb <= but now the dvb_frontend has been freed\n\nTo fix the issue, check the dvd_frontend in load_firmware_cb(), if it is\nnull, report a warning and just return.\n\n[1]:\n ==================================================================\n BUG: KASAN: use-after-free in load_firmware_cb+0x1310/0x17a0\n Read of size 8 at addr ffff8000d7ca2308 by task kworker/2:3/6504\n\n Call trace:\n load_firmware_cb+0x1310/0x17a0\n request_firmware_work_func+0x128/0x220\n process_one_work+0x770/0x1824\n worker_thread+0x488/0xea0\n kthread+0x300/0x430\n ret_from_fork+0x10/0x20\n\n Allocated by task 6504:\n kzalloc\n tuner_probe+0xb0/0x1430\n i2c_device_probe+0x92c/0xaf0\n really_probe+0x678/0xcd0\n driver_probe_device+0x280/0x370\n __device_attach_driver+0x220/0x330\n bus_for_each_drv+0x134/0x1c0\n __device_attach+0x1f4/0x410\n device_initial_probe+0x20/0x30\n bus_probe_device+0x184/0x200\n device_add+0x924/0x12c0\n device_register+0x24/0x30\n i2c_new_device+0x4e0/0xc44\n v4l2_i2c_new_subdev_board+0xbc/0x290\n v4l2_i2c_new_subdev+0xc8/0x104\n em28xx_v4l2_init+0x1dd0/0x3770\n\n Freed by task 6504:\n kfree+0x238/0x4e4\n tuner_remove+0x144/0x1c0\n i2c_device_remove+0xc8/0x290\n __device_release_driver+0x314/0x5fc\n device_release_driver+0x30/0x44\n bus_remove_device+0x244/0x490\n device_del+0x350/0x900\n device_unregister+0x28/0xd0\n i2c_unregister_device+0x174/0x1d0\n v4l2_device_unregister+0x224/0x380\n em28xx_v4l2_init+0x1d90/0x3770\n\n The buggy address belongs to the object at ffff8000d7ca2000\n which belongs to the cache kmalloc-2k of size 2048\n The buggy address is located 776 bytes inside of\n 2048-byte region [ffff8000d7ca2000, ffff8000d7ca2800)\n The buggy address belongs to the page:\n page:ffff7fe00035f280 count:1 mapcount:0 mapping:ffff8000c001f000 index:0x0\n flags: 0x7ff800000000100(slab)\n raw: 07ff800000000100 ffff7fe00049d880 0000000300000003 ffff8000c001f000\n raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff8000d7ca2200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8000d7ca2280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n >ffff8000d7ca2300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff8000d7ca2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8000d7ca2400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ==================================================================\n\n[2]\n Actually, it is allocated for struct tuner, and dvb_frontend is inside.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-43900"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/208deb6d8c3cb8c3acb1f41eb31cf68ea08726d5",
"url": "https://git.kernel.org/stable/c/208deb6d8c3cb8c3acb1f41eb31cf68ea08726d5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/68594cec291ff9523b9feb3f43fd853dcddd1f60",
"url": "https://git.kernel.org/stable/c/68594cec291ff9523b9feb3f43fd853dcddd1f60"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/850304152d367f104d21c77cfbcc05806504218b",
"url": "https://git.kernel.org/stable/c/850304152d367f104d21c77cfbcc05806504218b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ef517bdfc01818419f7bd426969a0c86b14f3e0e",
"url": "https://git.kernel.org/stable/c/ef517bdfc01818419f7bd426969a0c86b14f3e0e"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"release_date": "2024-08-26T11:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-50073",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-50073"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0eec592c6a7460ba795d7de29f3dc95cb5422e62",
"url": "https://git.kernel.org/stable/c/0eec592c6a7460ba795d7de29f3dc95cb5422e62"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9462f4ca56e7d2430fdb6dcc8498244acbfc4489",
"url": "https://git.kernel.org/stable/c/9462f4ca56e7d2430fdb6dcc8498244acbfc4489"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bf171b5e86e41de4c1cf32fb7aefa275c3d7de49",
"url": "https://git.kernel.org/stable/c/bf171b5e86e41de4c1cf32fb7aefa275c3d7de49"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c29f192e0d44cc1cbaf698fa1ff198f63556691a",
"url": "https://git.kernel.org/stable/c/c29f192e0d44cc1cbaf698fa1ff198f63556691a"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"release_date": "2024-10-29T01:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2026-22977",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sock: fix hardened usercopy panic in sock_recv_errqueue\n\nskbuff_fclone_cache was created without defining a usercopy region,\n[1] unlike skbuff_head_cache which properly whitelists the cb[] field.\n[2] This causes a usercopy BUG() when CONFIG_HARDENED_USERCOPY is\nenabled and the kernel attempts to copy sk_buff.cb data to userspace\nvia sock_recv_errqueue() -> put_cmsg().\n\nThe crash occurs when: 1. TCP allocates an skb using alloc_skb_fclone()\n (from skbuff_fclone_cache) [1]\n2. The skb is cloned via skb_clone() using the pre-allocated fclone\n[3] 3. The cloned skb is queued to sk_error_queue for timestamp\nreporting 4. Userspace reads the error queue via recvmsg(MSG_ERRQUEUE)\n5. sock_recv_errqueue() calls put_cmsg() to copy serr->ee from skb->cb\n[4] 6. __check_heap_object() fails because skbuff_fclone_cache has no\n usercopy whitelist [5]\n\nWhen cloned skbs allocated from skbuff_fclone_cache are used in the\nsocket error queue, accessing the sock_exterr_skb structure in skb->cb\nvia put_cmsg() triggers a usercopy hardening violation:\n\n[ 5.379589] usercopy: Kernel memory exposure attempt detected from SLUB object 'skbuff_fclone_cache' (offset 296, size 16)!\n[ 5.382796] kernel BUG at mm/usercopy.c:102!\n[ 5.383923] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n[ 5.384903] CPU: 1 UID: 0 PID: 138 Comm: poc_put_cmsg Not tainted 6.12.57 #7\n[ 5.384903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 5.384903] RIP: 0010:usercopy_abort+0x6c/0x80\n[ 5.384903] Code: 1a 86 51 48 c7 c2 40 15 1a 86 41 52 48 c7 c7 c0 15 1a 86 48 0f 45 d6 48 c7 c6 80 15 1a 86 48 89 c1 49 0f 45 f3 e8 84 27 88 ff <0f> 0b 490\n[ 5.384903] RSP: 0018:ffffc900006f77a8 EFLAGS: 00010246\n[ 5.384903] RAX: 000000000000006f RBX: ffff88800f0ad2a8 RCX: 1ffffffff0f72e74\n[ 5.384903] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff87b973a0\n[ 5.384903] RBP: 0000000000000010 R08: 0000000000000000 R09: fffffbfff0f72e74\n[ 5.384903] R10: 0000000000000003 R11: 79706f6372657375 R12: 0000000000000001\n[ 5.384903] R13: ffff88800f0ad2b8 R14: ffffea00003c2b40 R15: ffffea00003c2b00\n[ 5.384903] FS: 0000000011bc4380(0000) GS:ffff8880bf100000(0000) knlGS:0000000000000000\n[ 5.384903] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 5.384903] CR2: 000056aa3b8e5fe4 CR3: 000000000ea26004 CR4: 0000000000770ef0\n[ 5.384903] PKRU: 55555554\n[ 5.384903] Call Trace:\n[ 5.384903] \n[ 5.384903] __check_heap_object+0x9a/0xd0\n[ 5.384903] __check_object_size+0x46c/0x690\n[ 5.384903] put_cmsg+0x129/0x5e0\n[ 5.384903] sock_recv_errqueue+0x22f/0x380\n[ 5.384903] tls_sw_recvmsg+0x7ed/0x1960\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 5.384903] ? schedule+0x6d/0x270\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 5.384903] ? mutex_unlock+0x81/0xd0\n[ 5.384903] ? __pfx_mutex_unlock+0x10/0x10\n[ 5.384903] ? __pfx_tls_sw_recvmsg+0x10/0x10\n[ 5.384903] ? _raw_spin_lock_irqsave+0x8f/0xf0\n[ 5.384903] ? _raw_read_unlock_irqrestore+0x20/0x40\n[ 5.384903] ? srso_alias_return_thunk+0x5/0xfbef5\n\nThe crash offset 296 corresponds to skb2->cb within skbuff_fclones:\n - sizeof(struct sk_buff) = 232 - offsetof(struct sk_buff, cb) = 40 -\n offset of skb2.cb in fclones = 232 + 40 = 272 - crash offset 296 =\n 272 + 24 (inside sock_exterr_skb.ee)\n\nThis patch uses a local stack variable as a bounce buffer to avoid the hardened usercopy check failure.\n\n[1] https://elixir.bootlin.com/linux/v6.12.62/source/net/ipv4/tcp.c#L885\n[2] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5104\n[3] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5566\n[4] https://elixir.bootlin.com/linux/v6.12.62/source/net/core/skbuff.c#L5491\n[5] https://elixir.bootlin.com/linux/v6.12.62/source/mm/slub.c#L5719",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2026-22977"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/005671c60fcf1dbdb8bddf12a62568fd5e4ec391",
"url": "https://git.kernel.org/stable/c/005671c60fcf1dbdb8bddf12a62568fd5e4ec391"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2a71a1a8d0ed718b1c7a9ac61f07e5755c47ae20",
"url": "https://git.kernel.org/stable/c/2a71a1a8d0ed718b1c7a9ac61f07e5755c47ae20"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/582a5e922a9652fcbb7d0165c95d5b20aa37575d",
"url": "https://git.kernel.org/stable/c/582a5e922a9652fcbb7d0165c95d5b20aa37575d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/88dd6be7ebb3153b662c2cebcb06e032a92857f5",
"url": "https://git.kernel.org/stable/c/88dd6be7ebb3153b662c2cebcb06e032a92857f5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8c6901aa29626e35045130bac09b75f791acca85",
"url": "https://git.kernel.org/stable/c/8c6901aa29626e35045130bac09b75f791acca85"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c655d2167bf014d4c61b4faeca59b60ff9b9f6b1",
"url": "https://git.kernel.org/stable/c/c655d2167bf014d4c61b4faeca59b60ff9b9f6b1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e00b169eaac5f7cdbf710c354c8fa76d02009115",
"url": "https://git.kernel.org/stable/c/e00b169eaac5f7cdbf710c354c8fa76d02009115"
}
],
"release_date": "2026-01-21T14:16:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2024-46724",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number\n\nCheck the fb_channel_number range to avoid the array out-of-bounds\nread error",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-46724"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/32915dc909ff502823babfe07d5416c5b6e8a8b1",
"url": "https://git.kernel.org/stable/c/32915dc909ff502823babfe07d5416c5b6e8a8b1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/45f7b02afc464c208e8f56bcbc672ef5c364c815",
"url": "https://git.kernel.org/stable/c/45f7b02afc464c208e8f56bcbc672ef5c364c815"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/725b728cc0c8c5fafdfb51cb0937870d33a40fa4",
"url": "https://git.kernel.org/stable/c/725b728cc0c8c5fafdfb51cb0937870d33a40fa4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d768394fa99467bcf2703bde74ddc96eeb0b71fa",
"url": "https://git.kernel.org/stable/c/d768394fa99467bcf2703bde74ddc96eeb0b71fa"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/db7a86676fd624768a5d907faf34ad7bb4ff25f4",
"url": "https://git.kernel.org/stable/c/db7a86676fd624768a5d907faf34ad7bb4ff25f4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f9267972490f9fcffe146e79828e97acc0da588c",
"url": "https://git.kernel.org/stable/c/f9267972490f9fcffe146e79828e97acc0da588c"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"release_date": "2024-09-18T07:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-37885",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reset IRTE to host control if *new* route isn't postable\n\nRestore an IRTE back to host control (remapped or posted MSI mode) if the\n*new* GSI route prevents posting the IRQ directly to a vCPU, regardless of\nthe GSI routing type. Updating the IRTE if and only if the new GSI is an\nMSI results in KVM leaving an IRTE posting to a vCPU.\n\nThe dangling IRTE can result in interrupts being incorrectly delivered to\nthe guest, and in the worst case scenario can result in use-after-free,\ne.g. if the VM is torn down, but the underlying host IRQ isn't freed.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-37885"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/023816bd5fa46fab94d1e7917fe131b79ed1fb41",
"url": "https://git.kernel.org/stable/c/023816bd5fa46fab94d1e7917fe131b79ed1fb41"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/116c7d35b8f72eac383b9fd371d7c1a8ffc2968b",
"url": "https://git.kernel.org/stable/c/116c7d35b8f72eac383b9fd371d7c1a8ffc2968b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3066ec21d1a33896125747f68638725f456308db",
"url": "https://git.kernel.org/stable/c/3066ec21d1a33896125747f68638725f456308db"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3481fd96d801715942b6f69fe251133128156f30",
"url": "https://git.kernel.org/stable/c/3481fd96d801715942b6f69fe251133128156f30"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9bcac97dc42d2f4da8229d18feb0fe2b1ce523a2",
"url": "https://git.kernel.org/stable/c/9bcac97dc42d2f4da8229d18feb0fe2b1ce523a2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b5de7ac74f69603ad803c524b840bffd36368fc3",
"url": "https://git.kernel.org/stable/c/b5de7ac74f69603ad803c524b840bffd36368fc3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e5f2dee9f7fcd2ff4b97869f3c66a0d89c167769",
"url": "https://git.kernel.org/stable/c/e5f2dee9f7fcd2ff4b97869f3c66a0d89c167769"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"release_date": "2025-05-09T07:16:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2026-23061",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak\n\nFix similar memory leak as in commit 7352e1d5932a (\"can: gs_usb:\ngs_usb_receive_bulk_callback(): fix URB memory leak\").\n\nIn kvaser_usb_set_{,data_}bittiming() -> kvaser_usb_setup_rx_urbs(), the\nURBs for USB-in transfers are allocated, added to the dev->rx_submitted\nanchor and submitted. In the complete callback\nkvaser_usb_read_bulk_callback(), the URBs are processed and resubmitted. In\nkvaser_usb_remove_interfaces() the URBs are freed by calling\nusb_kill_anchored_urbs(&dev->rx_submitted).\n\nHowever, this does not take into account that the USB framework unanchors\nthe URB before the complete function is called. This means that once an\nin-URB has been completed, it is no longer anchored and is ultimately not\nreleased in usb_kill_anchored_urbs().\n\nFix the memory leak by anchoring the URB in the\nkvaser_usb_read_bulk_callback() to the dev->rx_submitted anchor.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2026-23061"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/248e8e1a125fa875158df521b30f2cc7e27eeeaa",
"url": "https://git.kernel.org/stable/c/248e8e1a125fa875158df521b30f2cc7e27eeeaa"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3b1a593eab941c3f32417896cc7df564191f2482",
"url": "https://git.kernel.org/stable/c/3b1a593eab941c3f32417896cc7df564191f2482"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/40a3334ffda479c63e416e61ff086485e24401f7",
"url": "https://git.kernel.org/stable/c/40a3334ffda479c63e416e61ff086485e24401f7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7c308f7530bffafa994e0aa8dc651a312f4b9ff4",
"url": "https://git.kernel.org/stable/c/7c308f7530bffafa994e0aa8dc651a312f4b9ff4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/94a7fc42e21c7d9d1c49778cd1db52de5df52a01",
"url": "https://git.kernel.org/stable/c/94a7fc42e21c7d9d1c49778cd1db52de5df52a01"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c1b39fa24c140bc616f51fef4175c1743e2bb132",
"url": "https://git.kernel.org/stable/c/c1b39fa24c140bc616f51fef4175c1743e2bb132"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d9d824582f2ec76459ffab449e9b05c7bc49645c",
"url": "https://git.kernel.org/stable/c/d9d824582f2ec76459ffab449e9b05c7bc49645c"
}
],
"release_date": "2026-02-04T17:16:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2024-46731",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix the Out-of-bounds read warning\n\nusing index i - 1U may beyond element index\nfor mc_data[] when i = 0.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-46731"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/12c6967428a099bbba9dfd247bb4322a984fcc0b",
"url": "https://git.kernel.org/stable/c/12c6967428a099bbba9dfd247bb4322a984fcc0b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/20c6373a6be93039f9d66029bb1e21038a060be1",
"url": "https://git.kernel.org/stable/c/20c6373a6be93039f9d66029bb1e21038a060be1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3317966efcdc5101e93db21514b68917e7eb34ea",
"url": "https://git.kernel.org/stable/c/3317966efcdc5101e93db21514b68917e7eb34ea"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/38e32a0d837443c91c4b615a067b976cfb925376",
"url": "https://git.kernel.org/stable/c/38e32a0d837443c91c4b615a067b976cfb925376"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d83fb9f9f63e9a120bf405b078f829f0b2e58934",
"url": "https://git.kernel.org/stable/c/d83fb9f9f63e9a120bf405b078f829f0b2e58934"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f1e261ced9bcad772a45a2fcdf413c3490e87299",
"url": "https://git.kernel.org/stable/c/f1e261ced9bcad772a45a2fcdf413c3490e87299"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html",
"url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"release_date": "2024-09-18T07:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38068",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lzo - Fix compression buffer overrun\n\nUnlike the decompression code, the compression code in LZO never\nchecked for output overruns. It instead assumes that the caller\nalways provides enough buffer space, disregarding the buffer length\nprovided by the caller.\n\nAdd a safe compression interface that checks for the end of buffer\nbefore each write. Use the safe interface in crypto/lzo.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38068"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0acdc4d6e679ba31d01e3e7e2e4124b76d6d8e2a",
"url": "https://git.kernel.org/stable/c/0acdc4d6e679ba31d01e3e7e2e4124b76d6d8e2a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/167373d77c70c2b558aae3e327b115249bb2652c",
"url": "https://git.kernel.org/stable/c/167373d77c70c2b558aae3e327b115249bb2652c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4b173bb2c4665c23f8fcf5241c7b06dfa6b5b111",
"url": "https://git.kernel.org/stable/c/4b173bb2c4665c23f8fcf5241c7b06dfa6b5b111"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7caad075acb634a74911830d6386c50ea12566cd",
"url": "https://git.kernel.org/stable/c/7caad075acb634a74911830d6386c50ea12566cd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a98bd864e16f91c70b2469adf013d713d04d1d13",
"url": "https://git.kernel.org/stable/c/a98bd864e16f91c70b2469adf013d713d04d1d13"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cc47f07234f72cbd8e2c973cdbf2a6730660a463",
"url": "https://git.kernel.org/stable/c/cc47f07234f72cbd8e2c973cdbf2a6730660a463"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-06-18T10:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2026-22991",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: make free_choose_arg_map() resilient to partial allocation\n\nfree_choose_arg_map() may dereference a NULL pointer if its caller fails\nafter a partial allocation.\n\nFor example, in decode_choose_args(), if allocation of arg_map->args\nfails, execution jumps to the fail label and free_choose_arg_map() is\ncalled. Since arg_map->size is updated to a non-zero value before memory\nallocation, free_choose_arg_map() will iterate over arg_map->args and\ndereference a NULL pointer.\n\nTo prevent this potential NULL pointer dereference and make\nfree_choose_arg_map() more resilient, add checks for pointers before\niterating.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2026-22991"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8081faaf089db5280c3be820948469f7c58ef8dd",
"url": "https://git.kernel.org/stable/c/8081faaf089db5280c3be820948469f7c58ef8dd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/851241d3f78a5505224dc21c03d8692f530256b4",
"url": "https://git.kernel.org/stable/c/851241d3f78a5505224dc21c03d8692f530256b4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9b3730dabcf3764bfe3ff07caf55e641a0b45234",
"url": "https://git.kernel.org/stable/c/9b3730dabcf3764bfe3ff07caf55e641a0b45234"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c4c2152a858c0ce4d2bff6ca8c1d5b0ef9f2cbdf",
"url": "https://git.kernel.org/stable/c/c4c2152a858c0ce4d2bff6ca8c1d5b0ef9f2cbdf"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e3fe30e57649c551757a02e1cad073c47e1e075e",
"url": "https://git.kernel.org/stable/c/e3fe30e57649c551757a02e1cad073c47e1e075e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ec1850f663da64842614c86b20fe734be070c2ba",
"url": "https://git.kernel.org/stable/c/ec1850f663da64842614c86b20fe734be070c2ba"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f21c3fdb96833aac2f533506899fe38c19cf49d5",
"url": "https://git.kernel.org/stable/c/f21c3fdb96833aac2f533506899fe38c19cf49d5"
}
],
"release_date": "2026-01-23T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2026-23060",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec\n\nauthencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than\nthe minimum expected length, crypto_authenc_esn_decrypt() can advance past\nthe end of the destination scatterlist and trigger a NULL pointer dereference\nin scatterwalk_map_and_copy(), leading to a kernel panic (DoS).\n\nAdd a minimum AAD length check to fail fast on invalid inputs.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2026-23060"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/161bdc90fce25bd9890adc67fa1c8563a7acbf40",
"url": "https://git.kernel.org/stable/c/161bdc90fce25bd9890adc67fa1c8563a7acbf40"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2397e9264676be7794f8f7f1e9763d90bd3c7335",
"url": "https://git.kernel.org/stable/c/2397e9264676be7794f8f7f1e9763d90bd3c7335"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/767e8349f7e929b7dd95c08f0b4cb353459b365e",
"url": "https://git.kernel.org/stable/c/767e8349f7e929b7dd95c08f0b4cb353459b365e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9532ff0d0e90ff78a214299f594ab9bac81defe4",
"url": "https://git.kernel.org/stable/c/9532ff0d0e90ff78a214299f594ab9bac81defe4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b0a9609283a5c852addb513dafa655c61eebc1ef",
"url": "https://git.kernel.org/stable/c/b0a9609283a5c852addb513dafa655c61eebc1ef"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/df22c9a65e9a9daa368a72fed596af9d7d5876bb",
"url": "https://git.kernel.org/stable/c/df22c9a65e9a9daa368a72fed596af9d7d5876bb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fee86edf5803f1d1f19e3b4f2dacac241bddfa48",
"url": "https://git.kernel.org/stable/c/fee86edf5803f1d1f19e3b4f2dacac241bddfa48"
}
],
"release_date": "2026-02-04T17:16:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2025-38556",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Harden s32ton() against conversion to 0 bits\n\nTesting by the syzbot fuzzer showed that the HID core gets a\nshift-out-of-bounds exception when it tries to convert a 32-bit\nquantity to a 0-bit quantity. Ideally this should never occur, but\nthere are buggy devices and some might have a report field with size\nset to zero; we shouldn't reject the report or the device just because\nof that.\n\nInstead, harden the s32ton() routine so that it returns a reasonable\nresult instead of crashing when it is called with the number of bits\nset to 0 -- the same as what snto32() does.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38556"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3c86548a20d7bc2861aa4de044991a327bebad1a",
"url": "https://git.kernel.org/stable/c/3c86548a20d7bc2861aa4de044991a327bebad1a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6cdf6c708717c5c6897d0800a1793e83757c7491",
"url": "https://git.kernel.org/stable/c/6cdf6c708717c5c6897d0800a1793e83757c7491"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/810189546cb6c8f36443ed091d91f1f5d2fc2ec7",
"url": "https://git.kernel.org/stable/c/810189546cb6c8f36443ed091d91f1f5d2fc2ec7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/865ad8469fa24de1559f247d9426ab01e5ce3a56",
"url": "https://git.kernel.org/stable/c/865ad8469fa24de1559f247d9426ab01e5ce3a56"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8b4a94b1510f6a46ec48494b52ee8f67eb4fc836",
"url": "https://git.kernel.org/stable/c/8b4a94b1510f6a46ec48494b52ee8f67eb4fc836"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a6b87bfc2ab5bccb7ad953693c85d9062aef3fdd",
"url": "https://git.kernel.org/stable/c/a6b87bfc2ab5bccb7ad953693c85d9062aef3fdd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d3b504146c111548ab60b6ef7aad00bfb1db05a2",
"url": "https://git.kernel.org/stable/c/d3b504146c111548ab60b6ef7aad00bfb1db05a2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/eeeaba737919bdce9885e2a00ac2912f61a3684d",
"url": "https://git.kernel.org/stable/c/eeeaba737919bdce9885e2a00ac2912f61a3684d"
}
],
"release_date": "2025-08-19T17:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39760",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: core: config: Prevent OOB read in SS endpoint companion parsing\n\nusb_parse_ss_endpoint_companion() checks descriptor type before length,\nenabling a potentially odd read outside of the buffer size.\n\nFix this up by checking the size first before looking at any of the\nfields in the descriptor.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39760"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/058ad2b722812708fe90567875704ae36563e33b",
"url": "https://git.kernel.org/stable/c/058ad2b722812708fe90567875704ae36563e33b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4fe6f472f0beef4281e6f03bc38a910a33be663f",
"url": "https://git.kernel.org/stable/c/4fe6f472f0beef4281e6f03bc38a910a33be663f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5badd56c711e2c8371d1670f9bd486697575423c",
"url": "https://git.kernel.org/stable/c/5badd56c711e2c8371d1670f9bd486697575423c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5c3097ede7835d3caf6543eb70ff689af4550cd2",
"url": "https://git.kernel.org/stable/c/5c3097ede7835d3caf6543eb70ff689af4550cd2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9512510cee7d1becdb0e9413fdd3ab783e4e30ee",
"url": "https://git.kernel.org/stable/c/9512510cee7d1becdb0e9413fdd3ab783e4e30ee"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9843bcb187cb933861f7805022e6873905f669e4",
"url": "https://git.kernel.org/stable/c/9843bcb187cb933861f7805022e6873905f669e4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b10e0f868067c6f25bbfabdcf3e1e6432c24ca55",
"url": "https://git.kernel.org/stable/c/b10e0f868067c6f25bbfabdcf3e1e6432c24ca55"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/cf16f408364efd8a68f39011a3b073c83a03612d",
"url": "https://git.kernel.org/stable/c/cf16f408364efd8a68f39011a3b073c83a03612d"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-11T17:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-71154",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: fix memory leak on usb_submit_urb() failure\n\nIn async_set_registers(), when usb_submit_urb() fails, the allocated\n async_req structure and URB are not freed, causing a memory leak.\n\n The completion callback async_set_reg_cb() is responsible for freeing\n these allocations, but it is only called after the URB is successfully\n submitted and completes (successfully or with error). If submission\n fails, the callback never runs and the memory is leaked.\n\n Fix this by freeing both the URB and the request structure in the error\n path when usb_submit_urb() fails.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-71154"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/12cab1191d9890097171156d06bfa8d31f1e39c8",
"url": "https://git.kernel.org/stable/c/12cab1191d9890097171156d06bfa8d31f1e39c8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/151403e903840c9cf06754097b6732c14f26c532",
"url": "https://git.kernel.org/stable/c/151403e903840c9cf06754097b6732c14f26c532"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2f966186b99550e3c665dbfb87b8314e30acea02",
"url": "https://git.kernel.org/stable/c/2f966186b99550e3c665dbfb87b8314e30acea02"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4bd4ea3eb326608ffc296db12c105f92dc2f2190",
"url": "https://git.kernel.org/stable/c/4bd4ea3eb326608ffc296db12c105f92dc2f2190"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6492ad6439ff1a479fc94dc6052df3628faed8b6",
"url": "https://git.kernel.org/stable/c/6492ad6439ff1a479fc94dc6052df3628faed8b6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a4e2442d3c48355a84463342f397134f149936d7",
"url": "https://git.kernel.org/stable/c/a4e2442d3c48355a84463342f397134f149936d7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/db2244c580540306d60ce783ed340190720cd429",
"url": "https://git.kernel.org/stable/c/db2244c580540306d60ce783ed340190720cd429"
}
],
"release_date": "2026-01-23T15:16:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2024-40929",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: check n_ssids before accessing the ssids\n\nIn some versions of cfg80211, the ssids poinet might be a valid one even\nthough n_ssids is 0. Accessing the pointer in this case will cuase an\nout-of-bound access. Fix this by checking n_ssids first.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-40929"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/29a18d56bd64b95bd10bda4afda512558471382a",
"url": "https://git.kernel.org/stable/c/29a18d56bd64b95bd10bda4afda512558471382a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3c4771091ea8016c8601399078916f722dd8833b",
"url": "https://git.kernel.org/stable/c/3c4771091ea8016c8601399078916f722dd8833b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/60d62757df30b74bf397a2847a6db7385c6ee281",
"url": "https://git.kernel.org/stable/c/60d62757df30b74bf397a2847a6db7385c6ee281"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/62e007bdeb91c6879a4652c3426aef1cd9d2937b",
"url": "https://git.kernel.org/stable/c/62e007bdeb91c6879a4652c3426aef1cd9d2937b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9e719ae3abad60e245ce248ba3f08148f375a614",
"url": "https://git.kernel.org/stable/c/9e719ae3abad60e245ce248ba3f08148f375a614"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f777792952d03bbaf8329fdfa99393a5a33e2640",
"url": "https://git.kernel.org/stable/c/f777792952d03bbaf8329fdfa99393a5a33e2640"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"release_date": "2024-07-12T13:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-68349",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nNFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid\nFixes a crash when layout is null during this call stack:\nwrite_inode\n-> nfs4_write_inode\n-> pnfs_layoutcommit_inode\npnfs_set_layoutcommit relies on the lseg refcount to keep the layout\naround. Need to clear NFS_INO_LAYOUTCOMMIT otherwise we might attempt\nto reference a null layout.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-68349"
}
],
"release_date": "2025-12-24T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-42159",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Sanitise num_phys\n\nInformation is stored in mr_sas_port->phy_mask, values larger then size of\nthis field shouldn't be allowed.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-42159"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3668651def2c1622904e58b0280ee93121f2b10b",
"url": "https://git.kernel.org/stable/c/3668651def2c1622904e58b0280ee93121f2b10b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/586b41060113ae43032ec6c4a16d518cef5da6e0",
"url": "https://git.kernel.org/stable/c/586b41060113ae43032ec6c4a16d518cef5da6e0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b869ec89d2ee923d46608b76e54c006680c9b4df",
"url": "https://git.kernel.org/stable/c/b869ec89d2ee923d46608b76e54c006680c9b4df"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c8707901b53a48106d7501bdbd0350cefaefa4cf",
"url": "https://git.kernel.org/stable/c/c8707901b53a48106d7501bdbd0350cefaefa4cf"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"
}
],
"release_date": "2024-07-30T08:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-56664",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix race between element replace and close()\n\nElement replace (with a socket different from the one stored) may race\nwith socket's close() link popping & unlinking. __sock_map_delete()\nunconditionally unrefs the (wrong) element:\n\n// set map[0] = s0\nmap_update_elem(map, 0, s0)\n\n// drop fd of s0\nclose(s0)\n sock_map_close()\n lock_sock(sk) (s0!)\n sock_map_remove_links(sk)\n link = sk_psock_link_pop()\n sock_map_unlink(sk, link)\n sock_map_delete_from_link\n // replace map[0] with s1\n map_update_elem(map, 0, s1)\n sock_map_update_elem\n (s1!) lock_sock(sk)\n sock_map_update_common\n psock = sk_psock(sk)\n spin_lock(&stab->lock)\n osk = stab->sks[idx]\n sock_map_add_link(..., &stab->sks[idx])\n sock_map_unref(osk, &stab->sks[idx])\n psock = sk_psock(osk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test(&psock))\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n unlock_sock(sk)\n __sock_map_delete\n spin_lock(&stab->lock)\n sk = *psk // s1 replaced s0; sk == s1\n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch\n sk = xchg(psk, NULL)\n if (sk)\n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle\n psock = sk_psock(sk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test())\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n release_sock(sk)\n\nThen close(map) enqueues bpf_map_free_deferred, which finally calls\nsock_map_free(). This results in some refcount_t warnings along with\na KASAN splat [1].\n\nFix __sock_map_delete(), do not allow sock_map_unref() on elements that\nmay have been replaced.\n\n[1]:\nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330\nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063\n\nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\nWorkqueue: events_unbound bpf_map_free_deferred\nCall Trace:\n \n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n kasan_check_range+0x10f/0x1e0\n sock_map_free+0x10e/0x330\n bpf_map_free_deferred+0x173/0x320\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 1202:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n unix_create1+0x88/0x8a0\n unix_create+0xc5/0x180\n __sock_create+0x241/0x650\n __sys_socketpair+0x1ce/0x420\n __x64_sys_socketpair+0x92/0x100\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 46:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n sk_psock_destroy+0x73e/0xa50\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThe bu\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-56664"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6deb9e85dc9a2ba4414b91c1b5b00b8415910890",
"url": "https://git.kernel.org/stable/c/6deb9e85dc9a2ba4414b91c1b5b00b8415910890"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b015f19fedd2e12283a8450dd0aefce49ec57015",
"url": "https://git.kernel.org/stable/c/b015f19fedd2e12283a8450dd0aefce49ec57015"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b79a0d1e9a374d1b376933a354c4fcd01fce0365",
"url": "https://git.kernel.org/stable/c/b79a0d1e9a374d1b376933a354c4fcd01fce0365"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bf2318e288f636a882eea39f7e1015623629f168",
"url": "https://git.kernel.org/stable/c/bf2318e288f636a882eea39f7e1015623629f168"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ed1fc5d76b81a4d681211333c026202cad4d5649",
"url": "https://git.kernel.org/stable/c/ed1fc5d76b81a4d681211333c026202cad4d5649"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fdb2cd8957ac51f84c9e742ba866087944bb834b",
"url": "https://git.kernel.org/stable/c/fdb2cd8957ac51f84c9e742ba866087944bb834b"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"release_date": "2024-12-27T15:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-22083",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n\nIf vhost_scsi_set_endpoint is called multiple times without a\nvhost_scsi_clear_endpoint between them, we can hit multiple bugs\nfound by Haoran Zhang:\n\n1. Use-after-free when no tpgs are found:\n\nThis fixes a use after free that occurs when vhost_scsi_set_endpoint is\ncalled more than once and calls after the first call do not find any\ntpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds\ntpgs to add to the vs_tpg array match=true, so we will do:\n\nvhost_vq_set_backend(vq, vs_tpg);\n...\n\nkfree(vs->vs_tpg);\nvs->vs_tpg = vs_tpg;\n\nIf vhost_scsi_set_endpoint is called again and no tpgs are found\nmatch=false so we skip the vhost_vq_set_backend call leaving the\npointer to the vs_tpg we then free via:\n\nkfree(vs->vs_tpg);\nvs->vs_tpg = vs_tpg;\n\nIf a scsi request is then sent we do:\n\nvhost_scsi_handle_vq -> vhost_scsi_get_req -> vhost_vq_get_backend\n\nwhich sees the vs_tpg we just did a kfree on.\n\n2. Tpg dir removal hang:\n\nThis patch fixes an issue where we cannot remove a LIO/target layer\ntpg (and structs above it like the target) dir due to the refcount\ndropping to -1.\n\nThe problem is that if vhost_scsi_set_endpoint detects a tpg is already\nin the vs->vs_tpg array or if the tpg has been removed so\ntarget_depend_item fails, the undepend goto handler will do\ntarget_undepend_item on all tpgs in the vs_tpg array dropping their\nrefcount to 0. At this time vs_tpg contains both the tpgs we have added\nin the current vhost_scsi_set_endpoint call as well as tpgs we added in\nprevious calls which are also in vs->vs_tpg.\n\nLater, when vhost_scsi_clear_endpoint runs it will do\ntarget_undepend_item on all the tpgs in the vs->vs_tpg which will drop\ntheir refcount to -1. Userspace will then not be able to remove the tpg\nand will hang when it tries to do rmdir on the tpg dir.\n\n3. Tpg leak:\n\nThis fixes a bug where we can leak tpgs and cause them to be\nun-removable because the target name is overwritten when\nvhost_scsi_set_endpoint is called multiple times but with different\ntarget names.\n\nThe bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup\na vhost-scsi device to target/tpg mapping, then calls\nVHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we\nhaven't seen before (target1 has tpg1 but target2 has tpg2). When this\nhappens we don't teardown the old target tpg mapping and just overwrite\nthe target name and the vs->vs_tpg array. Later when we do\nvhost_scsi_clear_endpoint, we are passed in either target1 or target2's\nname and we will only match that target's tpgs when we loop over the\nvs->vs_tpg. We will then return from the function without doing\ntarget_undepend_item on the tpgs.\n\nBecause of all these bugs, it looks like being able to call\nvhost_scsi_set_endpoint multiple times was never supported. The major\nuser, QEMU, already has checks to prevent this use case. So to fix the\nissues, this patch prevents vhost_scsi_set_endpoint from being called\nif it's already successfully added tpgs. To add, remove or change the\ntpg config or target name, you must do a vhost_scsi_clear_endpoint\nfirst.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-22083"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2b34bdc42df047794542f3e220fe989124e4499a",
"url": "https://git.kernel.org/stable/c/2b34bdc42df047794542f3e220fe989124e4499a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3a19eb3d9818e28f14c818a18dc913344a52ca92",
"url": "https://git.kernel.org/stable/c/3a19eb3d9818e28f14c818a18dc913344a52ca92"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3fd054baf382a426bbf5135ede0fc5673db74d3e",
"url": "https://git.kernel.org/stable/c/3fd054baf382a426bbf5135ede0fc5673db74d3e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/451c72f5e7cf5d339a6410a635cee0825687c3dc",
"url": "https://git.kernel.org/stable/c/451c72f5e7cf5d339a6410a635cee0825687c3dc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5dd639a1646ef5fe8f4bf270fad47c5c3755b9b6",
"url": "https://git.kernel.org/stable/c/5dd639a1646ef5fe8f4bf270fad47c5c3755b9b6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/63b449f73ab0dcc0ba11ceaa4c5c70bc86ccf03c",
"url": "https://git.kernel.org/stable/c/63b449f73ab0dcc0ba11ceaa4c5c70bc86ccf03c"
}
],
"release_date": "2025-04-16T15:16:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2026-23193",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()\n\nIn iscsit_dec_session_usage_count(), the function calls complete() while\nholding the sess->session_usage_lock. Similar to the connection usage count\nlogic, the waiter signaled by complete() (e.g., in the session release\npath) may wake up and free the iscsit_session structure immediately.\n\nThis creates a race condition where the current thread may attempt to\nexecute spin_unlock_bh() on a session structure that has already been\ndeallocated, resulting in a KASAN slab-use-after-free.\n\nTo resolve this, release the session_usage_lock before calling complete()\nto ensure all dereferences of the sess pointer are finished before the\nwaiter is allowed to proceed with deallocation.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2026-23193"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/11ebafffce31efc6abeb28c509017976fc49f1ca",
"url": "https://git.kernel.org/stable/c/11ebafffce31efc6abeb28c509017976fc49f1ca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2b64015550a13bcc72910be0565548d9a754d46d",
"url": "https://git.kernel.org/stable/c/2b64015550a13bcc72910be0565548d9a754d46d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/41b86a9ec037bd3435d68dd3692f0891a207e7e7",
"url": "https://git.kernel.org/stable/c/41b86a9ec037bd3435d68dd3692f0891a207e7e7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4530f4e4d0e6a207110b0ffed0c911bca43531a4",
"url": "https://git.kernel.org/stable/c/4530f4e4d0e6a207110b0ffed0c911bca43531a4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/84dc6037390b8607c5551047d3970336cb51ba9a",
"url": "https://git.kernel.org/stable/c/84dc6037390b8607c5551047d3970336cb51ba9a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d8dbdc146e9e9a976931b78715be2e91299049f9",
"url": "https://git.kernel.org/stable/c/d8dbdc146e9e9a976931b78715be2e91299049f9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fd8b0900173307039d3a84644c2fee041a7ed4fb",
"url": "https://git.kernel.org/stable/c/fd8b0900173307039d3a84644c2fee041a7ed4fb"
}
],
"release_date": "2026-02-14T17:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T13:41:48.045205Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705",
"product_ids": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775655705"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Oracle-Linux-7:bpftool-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-container-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-debug-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-devel-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-headers-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:kernel-uek-tools-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64",
"Oracle-Linux-7:python-perf-0:5.4.17-2136.354.4.el7uek.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
}
]
}