{
"document": {
"aggregate_severity": {
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "TuxCare License Agreement",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
"title": "Terms of Use"
},
{
"category": "details",
"text": "efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare {CVE-2025-39817}\n- scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675}\n- ipv6: Fix out-of-bounds access in ipv6_find_tlv() {CVE-2023-53705}\n- libceph: fix potential use-after-free in have_mon_and_osd_map() {CVE-2025-68285}\n- scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write {CVE-2023-53282}\n- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times {CVE-2022-50419}\n- firewire: net: fix use after free in fwnet_finish_incoming_packet() {CVE-2023-53432}\n- net: openvswitch: fix nested key length validation in the set() action\n- wifi: mac80211_hwsim: drop short frames {CVE-2023-53321}\n- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() {CVE-2022-50422}\n- fix: crypto: lzo - Fix compression buffer overrun\n- fix: NFSD: Protect against send buffer overflow in NFSv2 READ\n- cifs: fix oops during encryption {CVE-2022-50341}\n- SMB3: Kernel oops mounting a encryptData share with CONFIG_DEBUG_VIRTUAL\n- fix smb3-encryption breakage when CONFIG_DEBUG_SG=y\n- Bluetooth: L2CAP: fix \"bad unlock balance\" in l2cap_disconnect_rsp {CVE-2023-53297}\n- iomap: iomap: fix memory corruption when recording errors during writeback {CVE-2022-50406}\n- mm: zswap: fix missing folio cleanup in writeback race path {CVE-2024-26832}\n- mm: fix zswap writeback race condition\n- Bluetooth: prefetch channel before killing sock\n- Bluetooth: Fix l2cap_disconnect_req deadlock\n- Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} {CVE-2023-53827}\n- Bluetooth: Fix refcount use-after-free issue\n- Bluetooth: Check state in l2cap_disconnect_rsp\n- Bluetooth: L2CAP: Fix build errors in some archs\n- Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression\n- Bluetooth: use the correct print format for L2CAP debug statements\n- i40e: fix Jumbo Frame support after iPXE boot\n- i40e: Report MFS in decimal base instead of hex\n- i40e: Fix unexpected MFS warning message\n- i40e: Add a check to see if MFS is set\n- bitops: Add non-atomic bitops for pointers\n- bitfield: Add FIELD_MODIFY() helper",
"title": "Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://tuxcare.com/contact/",
"name": "TuxCare",
"namespace": "https://tuxcare.com/"
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.tuxcare.com/csaf/v2/els_os/rhel7els/advisories/2026/clsa-2026_1770028764.json"
},
{
"category": "self",
"summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"tracking": {
"current_release_date": "2026-02-02T10:41:41Z",
"generator": {
"date": "2026-02-02T10:41:41Z",
"engine": {
"name": "pyCSAF"
}
},
"id": "CLSA-2026:1770028764",
"initial_release_date": "2026-02-02T10:41:41Z",
"revision_history": [
{
"date": "2026-02-02T10:41:41Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
},
"title": "kernel: Fix of 14 CVEs"
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7",
"product": {
"name": "Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7",
"product_identification_helper": {
"cpe": "cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat, Inc."
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools-libs-devel@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-debug-devel@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/python-perf@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/perf@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/bpftool@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools-libs@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-devel@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-debug@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-headers@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product": {
"name": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_id": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools@3.10.0-1160.144.1.el7.tuxcare.els1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "TuxCare"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
},
"product_reference": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"relates_to_product_reference": "Red-Hat-7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53321",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211_hwsim: drop short frames\n\nWhile technically some control frames like ACK are shorter and\nend after Address 1, such frames shouldn't be forwarded through\nwmediumd or similar userspace, so require the full 3-address\nheader to avoid accessing invalid memory if shorter frames are\npassed in.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53321"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3beb97bed860d95b14ad23578ce8ddaea62023db",
"url": "https://git.kernel.org/stable/c/3beb97bed860d95b14ad23578ce8ddaea62023db"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/672205c6f2d11978fcd7f0f336bb2c708e28874b",
"url": "https://git.kernel.org/stable/c/672205c6f2d11978fcd7f0f336bb2c708e28874b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/89a41ed7f21476301659ebd25ccb48a60791c1a7",
"url": "https://git.kernel.org/stable/c/89a41ed7f21476301659ebd25ccb48a60791c1a7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b9a175e3b250b0dc6e152988040aa5014e98e61e",
"url": "https://git.kernel.org/stable/c/b9a175e3b250b0dc6e152988040aa5014e98e61e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c64ee9dd335832d5e2ab0a8fc83a34ad4c729799",
"url": "https://git.kernel.org/stable/c/c64ee9dd335832d5e2ab0a8fc83a34ad4c729799"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fba360a047d5eeeb9d4b7c3a9b1c8308980ce9a6",
"url": "https://git.kernel.org/stable/c/fba360a047d5eeeb9d4b7c3a9b1c8308980ce9a6"
}
],
"release_date": "2025-09-16T17:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50341",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix oops during encryption\n\nWhen running xfstests against Azure the following oops occurred on an\narm64 system\n\n Unable to handle kernel write to read-only memory at virtual address\n ffff0001221cf000\n Mem abort info:\n ESR = 0x9600004f\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x0f: level 3 permission fault\n Data abort info:\n ISV = 0, ISS = 0x0000004f\n CM = 0, WnR = 1\n swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000294f3000\n [ffff0001221cf000] pgd=18000001ffff8003, p4d=18000001ffff8003,\n pud=18000001ff82e003, pmd=18000001ff71d003, pte=00600001221cf787\n Internal error: Oops: 9600004f [#1] PREEMPT SMP\n ...\n pstate: 80000005 (Nzcv daif -PAN -UAO -TCO BTYPE=--)\n pc : __memcpy+0x40/0x230\n lr : scatterwalk_copychunks+0xe0/0x200\n sp : ffff800014e92de0\n x29: ffff800014e92de0 x28: ffff000114f9de80 x27: 0000000000000008\n x26: 0000000000000008 x25: ffff800014e92e78 x24: 0000000000000008\n x23: 0000000000000001 x22: 0000040000000000 x21: ffff000000000000\n x20: 0000000000000001 x19: ffff0001037c4488 x18: 0000000000000014\n x17: 235e1c0d6efa9661 x16: a435f9576b6edd6c x15: 0000000000000058\n x14: 0000000000000001 x13: 0000000000000008 x12: ffff000114f2e590\n x11: ffffffffffffffff x10: 0000040000000000 x9 : ffff8000105c3580\n x8 : 2e9413b10000001a x7 : 534b4410fb86b005 x6 : 534b4410fb86b005\n x5 : ffff0001221cf008 x4 : ffff0001037c4490 x3 : 0000000000000001\n x2 : 0000000000000008 x1 : ffff0001037c4488 x0 : ffff0001221cf000\n Call trace:\n __memcpy+0x40/0x230\n scatterwalk_map_and_copy+0x98/0x100\n crypto_ccm_encrypt+0x150/0x180\n crypto_aead_encrypt+0x2c/0x40\n crypt_message+0x750/0x880\n smb3_init_transform_rq+0x298/0x340\n smb_send_rqst.part.11+0xd8/0x180\n smb_send_rqst+0x3c/0x100\n compound_send_recv+0x534/0xbc0\n smb2_query_info_compound+0x32c/0x440\n smb2_set_ea+0x438/0x4c0\n cifs_xattr_set+0x5d4/0x7c0\n\nThis is because in scatterwalk_copychunks(), we attempted to write to\na buffer (@sign) that was allocated in the stack (vmalloc area) by\ncrypt_message() and thus accessing its remaining 8 (x2) bytes ended up\ncrossing a page boundary.\n\nTo simply fix it, we could just pass @sign kmalloc'd from\ncrypt_message() and then we're done. Luckily, we don't seem to pass\nany other vmalloc'd buffers in smb_rqst::rq_iov...\n\nInstead, let's map the correct pages and offsets from vmalloc buffers\nas well in cifs_sg_set_buf() and then avoiding such oopses.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50341"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a13e51760703f71c25d5fc1f4a62dfa4b0cc80e9",
"url": "https://git.kernel.org/stable/c/a13e51760703f71c25d5fc1f4a62dfa4b0cc80e9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/bf0543b93740916ee91956f9a63da6fc0d79daaa",
"url": "https://git.kernel.org/stable/c/bf0543b93740916ee91956f9a63da6fc0d79daaa"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e8d16a54842d609fd4a3ed2d81d4333d6329aa94",
"url": "https://git.kernel.org/stable/c/e8d16a54842d609fd4a3ed2d81d4333d6329aa94"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e8e2861cc3258dbe407d01ea8c59bb5a53132301",
"url": "https://git.kernel.org/stable/c/e8e2861cc3258dbe407d01ea8c59bb5a53132301"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f7f291e14dde32a07b1f0aa06921d28f875a7b54",
"url": "https://git.kernel.org/stable/c/f7f291e14dde32a07b1f0aa06921d28f875a7b54"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fe6ea044c4f05706cb71040055b1c70c6c8275e0",
"url": "https://git.kernel.org/stable/c/fe6ea044c4f05706cb71040055b1c70c6c8275e0"
}
],
"release_date": "2025-09-16T17:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2023-53675",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nscsi: ses: Fix possible desc_ptr out-of-bounds accesses\nSanitize possible desc_ptr out-of-bounds accesses in\nses_enclosure_data_process().",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53675"
}
],
"release_date": "2025-10-07T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53432",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: net: fix use after free in fwnet_finish_incoming_packet()\n\nThe netif_rx() function frees the skb so we can't dereference it to\nsave the skb->len.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53432"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2ea70379e4f4efa95c9daa7f3f9bdd4d40aec927",
"url": "https://git.kernel.org/stable/c/2ea70379e4f4efa95c9daa7f3f9bdd4d40aec927"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3ff256751a2853e1ffaa36958ff933ccc98c6cb5",
"url": "https://git.kernel.org/stable/c/3ff256751a2853e1ffaa36958ff933ccc98c6cb5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9040adc38cf6bfbb77034d558ac2c52f70d840ac",
"url": "https://git.kernel.org/stable/c/9040adc38cf6bfbb77034d558ac2c52f70d840ac"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9860921ab4521252dc39bb21b9c936bd09a00982",
"url": "https://git.kernel.org/stable/c/9860921ab4521252dc39bb21b9c936bd09a00982"
}
],
"release_date": "2025-09-18T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50406",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: iomap: fix memory corruption when recording errors during writeback\n\nEvery now and then I see this crash on arm64:\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000000000000f8\nBuffer I/O error on dev dm-0, logical block 8733687, async page read\nMem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\nuser pgtable: 64k pages, 42-bit VAs, pgdp=0000000139750000\n[00000000000000f8] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000, pmd=0000000000000000\nInternal error: Oops: 96000006 [#1] PREEMPT SMP\nBuffer I/O error on dev dm-0, logical block 8733688, async page read\nDumping ftrace buffer:\nBuffer I/O error on dev dm-0, logical block 8733689, async page read\n (ftrace buffer empty)\nXFS (dm-0): log I/O error -5\nModules linked in: dm_thin_pool dm_persistent_data\nXFS (dm-0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x1ec/0x590 [xfs] (fs/xfs/xfs_trans_buf.c:296).\n dm_bio_prison\nXFS (dm-0): Please unmount the filesystem and rectify the problem(s)\nXFS (dm-0): xfs_imap_lookup: xfs_ialloc_read_agi() returned error -5, agno 0\n dm_bufio dm_log_writes xfs nft_chain_nat xt_REDIRECT nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip6t_REJECT\npotentially unexpected fatal signal 6.\n nf_reject_ipv6\npotentially unexpected fatal signal 6.\n ipt_REJECT nf_reject_ipv4\nCPU: 1 PID: 122166 Comm: fsstress Tainted: G W 6.0.0-rc5-djwa #rc5 3004c9f1de887ebae86015f2677638ce51ee7\n rpcsec_gss_krb5 auth_rpcgss xt_tcpudp ip_set_hash_ip ip_set_hash_net xt_set nft_compat ip_set_hash_mac ip_set nf_tables\nHardware name: QEMU KVM Virtual Machine, BIOS 1.5.1 06/16/2021\npstate: 60001000 (nZCv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--)\n ip_tables\npc : 000003fd6d7df200\n x_tables\nlr : 000003fd6d7df1ec\n overlay nfsv4\nCPU: 0 PID: 54031 Comm: u4:3 Tainted: G W 6.0.0-rc5-djwa #rc5 3004c9f1de887ebae86015f2677638ce51ee7405\nHardware name: QEMU KVM Virtual Machine, BIOS 1.5.1 06/16/2021\nWorkqueue: writeback wb_workfn\nsp : 000003ffd9522fd0\n (flush-253:0)\npstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--)\npc : errseq_set+0x1c/0x100\nx29: 000003ffd9522fd0 x28: 0000000000000023 x27: 000002acefeb6780\nx26: 0000000000000005 x25: 0000000000000001 x24: 0000000000000000\nx23: 00000000ffffffff x22: 0000000000000005\nlr : __filemap_set_wb_err+0x24/0xe0\n x21: 0000000000000006\nsp : fffffe000f80f760\nx29: fffffe000f80f760 x28: 0000000000000003 x27: fffffe000f80f9f8\nx26: 0000000002523000 x25: 00000000fffffffb x24: fffffe000f80f868\nx23: fffffe000f80fbb0 x22: fffffc0180c26a78 x21: 0000000002530000\nx20: 0000000000000000 x19: 0000000000000000 x18: 0000000000000000\n\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000001 x13: 0000000000470af3 x12: fffffc0058f70000\nx11: 0000000000000040 x10: 0000000000001b20 x9 : fffffe000836b288\nx8 : fffffc00eb9fd480 x7 : 0000000000f83659 x6 : 0000000000000000\nx5 : 0000000000000869 x4 : 0000000000000005 x3 : 00000000000000f8\nx20: 000003fd6d740020 x19: 000000000001dd36 x18: 0000000000000001\nx17: 000003fd6d78704c x16: 0000000000000001 x15: 000002acfac87668\nx2 : 0000000000000ffa x1 : 00000000fffffffb x0 : 00000000000000f8\nCall trace:\n errseq_set+0x1c/0x100\n __filemap_set_wb_err+0x24/0xe0\n iomap_do_writepage+0x5e4/0xd5c\n write_cache_pages+0x208/0x674\n iomap_writepages+0x34/0x60\n xfs_vm_writepages+0x8c/0xcc [xfs 7a861f39c43631f15d3a5884246ba5035d4ca78b]\nx14: 0000000000000000 x13: 2064656e72757465 x12: 0000000000002180\nx11: 000003fd6d8a82d0 x10: 0000000000000000 x9 : 000003fd6d8ae288\nx8 : 0000000000000083 x7 : 00000000ffffffff x6 : 00000000ffffffee\nx5 : 00000000fbad2887 x4 : 000003fd6d9abb58 x3 : 000003fd6d740020\nx2 : 0000000000000006 x1 : 000000000001dd36 x0 : 0000000000000000\nCPU: \n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50406"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3d5f3ba1ac28059bdf7000cae2403e4e984308d2",
"url": "https://git.kernel.org/stable/c/3d5f3ba1ac28059bdf7000cae2403e4e984308d2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7308591d9c7787aec58f6a01a7823f14e90db7a2",
"url": "https://git.kernel.org/stable/c/7308591d9c7787aec58f6a01a7823f14e90db7a2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/82c66c46f73b88be74c869e2cbfef45281adf3c6",
"url": "https://git.kernel.org/stable/c/82c66c46f73b88be74c869e2cbfef45281adf3c6"
}
],
"release_date": "2025-09-18T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39817",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Fix slab-out-of-bounds in efivarfs_d_compare\n\nObserved on kernel 6.6 (present on master as well):\n\n BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0\n Call trace:\n kasan_check_range+0xe8/0x190\n __asan_loadN+0x1c/0x28\n memcmp+0x98/0xd0\n efivarfs_d_compare+0x68/0xd8\n __d_lookup_rcu_op_compare+0x178/0x218\n __d_lookup_rcu+0x1f8/0x228\n d_alloc_parallel+0x150/0x648\n lookup_open.isra.0+0x5f0/0x8d0\n open_last_lookups+0x264/0x828\n path_openat+0x130/0x3f8\n do_filp_open+0x114/0x248\n do_sys_openat2+0x340/0x3c0\n __arm64_sys_openat+0x120/0x1a0\n\nIf dentry->d_name.len < EFI_VARIABLE_GUID_LEN , 'guid' can become\nnegative, leadings to oob. The issue can be triggered by parallel\nlookups using invalid filename:\n\n T1\t\t\tT2\n lookup_open\n ->lookup\n simple_lookup\n d_add\n // invalid dentry is added to hash list\n\n\t\t\tlookup_open\n\t\t\t d_alloc_parallel\n\t\t\t __d_lookup_rcu\n\t\t\t __d_lookup_rcu_op_compare\n\t\t\t hlist_bl_for_each_entry_rcu\n\t\t\t // invalid dentry can be retrieved\n\t\t\t ->d_compare\n\t\t\t efivarfs_d_compare\n\t\t\t // oob\n\nFix it by checking 'guid' before cmp.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39817"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0f63fbabeaaaaaaf5b742a2f4c1b4590d50bf1f6",
"url": "https://git.kernel.org/stable/c/0f63fbabeaaaaaaf5b742a2f4c1b4590d50bf1f6"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/568e7761279b99c6daa3002290fd6d8047ddb6d2",
"url": "https://git.kernel.org/stable/c/568e7761279b99c6daa3002290fd6d8047ddb6d2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/71581a82f38e5a4d807d71fc1bb59aead80ccf95",
"url": "https://git.kernel.org/stable/c/71581a82f38e5a4d807d71fc1bb59aead80ccf95"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/794399019301944fd6d2e0d7a51b3327e26c410e",
"url": "https://git.kernel.org/stable/c/794399019301944fd6d2e0d7a51b3327e26c410e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/925599eba46045930b850a98ae594d2e3028ac40",
"url": "https://git.kernel.org/stable/c/925599eba46045930b850a98ae594d2e3028ac40"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a6358f8cf64850f3f27857b8ed8c1b08cfc4685c",
"url": "https://git.kernel.org/stable/c/a6358f8cf64850f3f27857b8ed8c1b08cfc4685c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c2925cd6207079c3f4d040d082515db78d63afbf",
"url": "https://git.kernel.org/stable/c/c2925cd6207079c3f4d040d082515db78d63afbf"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d7f5e35e70507d10cbaff5f9e194ed54c4ee14f7",
"url": "https://git.kernel.org/stable/c/d7f5e35e70507d10cbaff5f9e194ed54c4ee14f7"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-16T13:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53282",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write\n\nDuring the sysfs firmware write process, a use-after-free read warning is\nlogged from the lpfc_wr_object() routine:\n\n BUG: KFENCE: use-after-free read in lpfc_wr_object+0x235/0x310 [lpfc]\n Use-after-free read at 0x0000000000cf164d (in kfence-#111):\n lpfc_wr_object+0x235/0x310 [lpfc]\n lpfc_write_firmware.cold+0x206/0x30d [lpfc]\n lpfc_sli4_request_firmware_update+0xa6/0x100 [lpfc]\n lpfc_request_firmware_upgrade_store+0x66/0xb0 [lpfc]\n kernfs_fop_write_iter+0x121/0x1b0\n new_sync_write+0x11c/0x1b0\n vfs_write+0x1ef/0x280\n ksys_write+0x5f/0xe0\n do_syscall_64+0x59/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe driver accessed wr_object pointer data, which was initialized into\nmailbox payload memory, after the mailbox object was released back to the\nmailbox pool.\n\nFix by moving the mailbox free calls to the end of the routine ensuring\nthat we don't reference internal mailbox memory after release.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53282"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/21681b81b9ae548c5dae7ae00d931197a27f480c",
"url": "https://git.kernel.org/stable/c/21681b81b9ae548c5dae7ae00d931197a27f480c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc",
"url": "https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8becb97918f04bb177bc9c4e00c2bdb302e00944",
"url": "https://git.kernel.org/stable/c/8becb97918f04bb177bc9c4e00c2bdb302e00944"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/8dfefa8f424ab208e552df1bfd008b732f3d0ad1",
"url": "https://git.kernel.org/stable/c/8dfefa8f424ab208e552df1bfd008b732f3d0ad1"
}
],
"release_date": "2025-09-16T08:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-68285",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nlibceph: fix potential use-after-free in have_mon_and_osd_map()\nThe wait loop in __ceph_open_session() can race with the client\nreceiving a new monmap or osdmap shortly after the initial map is\nreceived. Both ceph_monc_handle_map() and handle_one_map() install\na new map immediately after freeing the old one\nkfree(monc->monmap);\nmonc->monmap = monmap;\nceph_osdmap_destroy(osdc->osdmap);\nosdc->osdmap = newmap;\nunder client->monc.mutex and client->osdc.lock respectively, but\nbecause neither is taken in have_mon_and_osd_map() it's possible for\nclient->monc.monmap->epoch and client->osdc.osdmap->epoch arms in\nclient->monc.monmap && client->monc.monmap->epoch &&\nclient->osdc.osdmap && client->osdc.osdmap->epoch;\ncondition to dereference an already freed map. This happens to be\nreproducible with generic/395 and generic/397 with KASAN enabled:\nBUG: KASAN: slab-use-after-free in have_mon_and_osd_map+0x56/0x70\nRead of size 4 at addr ffff88811012d810 by task mount.ceph/13305\nCPU: 2 UID: 0 PID: 13305 Comm: mount.ceph Not tainted 6.14.0-rc2-build2+ #1266\n...\nCall Trace:\n\nhave_mon_and_osd_map+0x56/0x70\nceph_open_session+0x182/0x290\nceph_get_tree+0x333/0x680\nvfs_get_tree+0x49/0x180\ndo_new_mount+0x1a3/0x2d0\npath_mount+0x6dd/0x730\ndo_mount+0x99/0xe0\n__do_sys_mount+0x141/0x180\ndo_syscall_64+0x9f/0x100\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 13305:\nceph_osdmap_alloc+0x16/0x130\nceph_osdc_init+0x27a/0x4c0\nceph_create_client+0x153/0x190\ncreate_fs_client+0x50/0x2a0\nceph_get_tree+0xff/0x680\nvfs_get_tree+0x49/0x180\ndo_new_mount+0x1a3/0x2d0\npath_mount+0x6dd/0x730\ndo_mount+0x99/0xe0\n__do_sys_mount+0x141/0x180\ndo_syscall_64+0x9f/0x100\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nFreed by task 9475:\nkfree+0x212/0x290\nhandle_one_map+0x23c/0x3b0\nceph_osdc_handle_map+0x3c9/0x590\nmon_dispatch+0x655/0x6f0\nceph_con_process_message+0xc3/0xe0\nceph_con_v1_try_read+0x614/0x760\nceph_con_workfn+0x2de/0x650\nprocess_one_work+0x486/0x7c0\nprocess_scheduled_works+0x73/0x90\nworker_thread+0x1c8/0x2a0\nkthread+0x2ec/0x300\nret_from_fork+0x24/0x40\nret_from_fork_asm+0x1a/0x30\nRewrite the wait loop to check the above condition directly with\nclient->monc.mutex and client->osdc.lock taken as appropriate. While\nat it, improve the timeout handling (previously mount_timeout could be\nexceeded in case wait_event_interruptible_timeout() slept more than\nonce) and access client->auth_err under client->monc.mutex to match\nhow it's set in finish_auth().\nmonmap_show() and osdmap_show() now take the respective lock before\naccessing the map as well.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-68285"
}
],
"release_date": "2025-12-16T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50422",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libsas: Fix use-after-free bug in smp_execute_task_sg()\n\nWhen executing SMP task failed, the smp_execute_task_sg() calls del_timer()\nto delete \"slow_task->timer\". However, if the timer handler\nsas_task_internal_timedout() is running, the del_timer() in\nsmp_execute_task_sg() will not stop it and a UAF will happen. The process\nis shown below:\n\n (thread 1) | (thread 2)\nsmp_execute_task_sg() | sas_task_internal_timedout()\n ... |\n del_timer() |\n ... | ...\n sas_free_task(task) |\n kfree(task->slow_task) //FREE|\n | task->slow_task->... //USE\n\nFix by calling del_timer_sync() in smp_execute_task_sg(), which makes sure\nthe timer handler have finished before the \"task->slow_task\" is\ndeallocated.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50422"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/117331a2a5227fb4369c2a1f321d3e3e2e2ef8fe",
"url": "https://git.kernel.org/stable/c/117331a2a5227fb4369c2a1f321d3e3e2e2ef8fe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2e12ce270f0d926085c1209cc90397e307deef97",
"url": "https://git.kernel.org/stable/c/2e12ce270f0d926085c1209cc90397e307deef97"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/46ba53c30666717cb06c2b3c5d896301cd00d0c0",
"url": "https://git.kernel.org/stable/c/46ba53c30666717cb06c2b3c5d896301cd00d0c0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a9e5176ead6de64f572ad5c87a72825d9d3c82ae",
"url": "https://git.kernel.org/stable/c/a9e5176ead6de64f572ad5c87a72825d9d3c82ae"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e45a1516d2933703a4823d9db71e17c3abeba24f",
"url": "https://git.kernel.org/stable/c/e45a1516d2933703a4823d9db71e17c3abeba24f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f7a785177611ffc97d645fcbc196e6de6ad2421d",
"url": "https://git.kernel.org/stable/c/f7a785177611ffc97d645fcbc196e6de6ad2421d"
}
],
"release_date": "2025-10-01T12:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-26832",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix missing folio cleanup in writeback race path\n\nIn zswap_writeback_entry(), after we get a folio from\n__read_swap_cache_async(), we grab the tree lock again to check that the\nswap entry was not invalidated and recycled. If it was, we delete the\nfolio we just added to the swap cache and exit.\n\nHowever, __read_swap_cache_async() returns the folio locked when it is\nnewly allocated, which is always true for this path, and the folio is\nref'd. Make sure to unlock and put the folio before returning.\n\nThis was discovered by code inspection, probably because this path handles\na race condition that should not happen often, and the bug would not crash\nthe system, it will only strand the folio indefinitely.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-26832"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/14f1992430ef9e647b02aa8ca12c5bcb9a1dffea",
"url": "https://git.kernel.org/stable/c/14f1992430ef9e647b02aa8ca12c5bcb9a1dffea"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6156277d1b26cb3fdb6fcbf0686ab78268571644",
"url": "https://git.kernel.org/stable/c/6156277d1b26cb3fdb6fcbf0686ab78268571644"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e2891c763aa2cff74dd6b5e978411ccf0cf94abe",
"url": "https://git.kernel.org/stable/c/e2891c763aa2cff74dd6b5e978411ccf0cf94abe"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e3b63e966cac0bf78aaa1efede1827a252815a1d",
"url": "https://git.kernel.org/stable/c/e3b63e966cac0bf78aaa1efede1827a252815a1d"
}
],
"release_date": "2024-04-17T10:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2023-53297",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: fix \"bad unlock balance\" in l2cap_disconnect_rsp\n\nconn->chan_lock isn't acquired before l2cap_get_chan_by_scid,\nif l2cap_get_chan_by_scid returns NULL, then 'bad unlock balance'\nis triggered.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53297"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/116b9c002c894097adc2b8684db2d1da4229ed46",
"url": "https://git.kernel.org/stable/c/116b9c002c894097adc2b8684db2d1da4229ed46"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2112c4c47d36bc5aba3ddeb9afedce6ae6a67e7d",
"url": "https://git.kernel.org/stable/c/2112c4c47d36bc5aba3ddeb9afedce6ae6a67e7d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/25e97f7b1866e6b8503be349eeea44bb52d661ce",
"url": "https://git.kernel.org/stable/c/25e97f7b1866e6b8503be349eeea44bb52d661ce"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5134556c9be582793f30695c09d18a26fe1ff2d7",
"url": "https://git.kernel.org/stable/c/5134556c9be582793f30695c09d18a26fe1ff2d7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/55410a9144c76ecda126e6cdec556dfcd8f343b2",
"url": "https://git.kernel.org/stable/c/55410a9144c76ecda126e6cdec556dfcd8f343b2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5f352a56f0e607e6ff539cbf12156bfd8af232be",
"url": "https://git.kernel.org/stable/c/5f352a56f0e607e6ff539cbf12156bfd8af232be"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6a27762340ad08643de3bc17fe1646ea489ca2e2",
"url": "https://git.kernel.org/stable/c/6a27762340ad08643de3bc17fe1646ea489ca2e2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fd269a0435f8e9943b7a57c5a59688848d42d449",
"url": "https://git.kernel.org/stable/c/fd269a0435f8e9943b7a57c5a59688848d42d449"
}
],
"release_date": "2025-09-16T08:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
]
},
{
"cve": "CVE-2023-53705",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nipv6: Fix out-of-bounds access in ipv6_find_tlv()\noptlen is fetched without checking whether there is more than one byte to parse.\nIt can lead to out-of-bounds access.\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53705"
}
],
"release_date": "2025-10-22T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2022-50419",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sysfs: Fix attempting to call device_add multiple times\n\ndevice_add shall not be called multiple times as stated in its\ndocumentation:\n\n 'Do not call this routine or device_register() more than once for\n any device structure'\n\nSyzkaller reports a bug as follows [1]:\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:33!\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN\n[...]\nCall Trace:\n \n __list_add include/linux/list.h:69 [inline]\n list_add_tail include/linux/list.h:102 [inline]\n kobj_kset_join lib/kobject.c:164 [inline]\n kobject_add_internal+0x18f/0x8f0 lib/kobject.c:214\n kobject_add_varg lib/kobject.c:358 [inline]\n kobject_add+0x150/0x1c0 lib/kobject.c:410\n device_add+0x368/0x1e90 drivers/base/core.c:3452\n hci_conn_add_sysfs+0x9b/0x1b0 net/bluetooth/hci_sysfs.c:53\n hci_le_cis_estabilished_evt+0x57c/0xae0 net/bluetooth/hci_event.c:6799\n hci_le_meta_evt+0x2b8/0x510 net/bluetooth/hci_event.c:7110\n hci_event_func net/bluetooth/hci_event.c:7440 [inline]\n hci_event_packet+0x63d/0xfd0 net/bluetooth/hci_event.c:7495\n hci_rx_work+0xae7/0x1230 net/bluetooth/hci_core.c:4007\n process_one_work+0x991/0x1610 kernel/workqueue.c:2289\n worker_thread+0x665/0x1080 kernel/workqueue.c:2436\n kthread+0x2e4/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n ",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2022-50419"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1b6c89571f453101251201f0fad1c26f7256e937",
"url": "https://git.kernel.org/stable/c/1b6c89571f453101251201f0fad1c26f7256e937"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3423a50fa018e88aed4c900d59c3c8334d8ad583",
"url": "https://git.kernel.org/stable/c/3423a50fa018e88aed4c900d59c3c8334d8ad583"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/448a496f760664d3e2e79466aa1787e6abc922b5",
"url": "https://git.kernel.org/stable/c/448a496f760664d3e2e79466aa1787e6abc922b5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/4bcefec3636208b4c97536b26014d5935d5c10a0",
"url": "https://git.kernel.org/stable/c/4bcefec3636208b4c97536b26014d5935d5c10a0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6144423712d570247b8ca26e50a277c30dd13702",
"url": "https://git.kernel.org/stable/c/6144423712d570247b8ca26e50a277c30dd13702"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/671fee73e08ff415d36a7c16bdf238927df83884",
"url": "https://git.kernel.org/stable/c/671fee73e08ff415d36a7c16bdf238927df83884"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6e85d2ad958c6f034b1b158d904019869dbb3c81",
"url": "https://git.kernel.org/stable/c/6e85d2ad958c6f034b1b158d904019869dbb3c81"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7b674dce4162bb46d396586e30e4653427023875",
"url": "https://git.kernel.org/stable/c/7b674dce4162bb46d396586e30e4653427023875"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ef055094df4c10b73cfe67c8d43f9de1fb608a8b",
"url": "https://git.kernel.org/stable/c/ef055094df4c10b73cfe67c8d43f9de1fb608a8b"
}
],
"release_date": "2025-09-18T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53827",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nBluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}\nSimilar to commit d0be8347c623 (\"Bluetooth: L2CAP: Fix use-after-free\ncaused by l2cap_chan_put\"), just use l2cap_chan_hold_unless_zero to\nprevent referencing a channel that is about to be destroyed.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53827"
}
],
"release_date": "2025-12-09T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T10:39:26.377136Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1770028764"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
}
]
}