{
"document": {
"aggregate_severity": {
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "TuxCare License Agreement",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
"title": "Terms of Use"
},
{
"category": "details",
"text": "i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path {CVE-2025-39911}\n- media: rc: fix races with imon_disconnect() {CVE-2025-39993}\n- VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify {CVE-2025-38102}\n- partitions: mac: fix handling of bogus partition table {CVE-2025-21772}\n- tracing: Fix oob write in trace_seq_to_buffer() {CVE-2025-37923}\n- drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE {CVE-2025-40277}\n- Bluetooth: fix use-after-free in device_for_each_child() {CVE-2024-53237}\n- net/atm: remove the atmdev_ops {get, set}sockopt methods {CVE-2022-50410}\n- i40e: add validation for ring_len param {CVE-2025-39973}\n- vsock: Ignore signal/timeout on connect() if already established {CVE-2025-40248}\n- sctp: avoid NULL dereference when chunk data buffer is missing {CVE-2025-40240}\n- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() {CVE-2025-38724}\n- VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF {CVE-2023-53259}\n- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() {CVE-2024-58014}\n- isofs: Prevent the use of too small fid {CVE-2025-37780}\n- net: ppp: Add bound checking for skb data on ppp_sync_txmung {CVE-2025-37749}\n- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() {CVE-2025-39860}\n- i40e: Fix potential invalid access when MAC list is empty {CVE-2025-39853}\n- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() {CVE-2025-38249}\n- fbdev: bitblit: bound-check glyph index in bit_putcs* {CVE-2025-40322}\n- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds {CVE-2025-40304}",
"title": "Details"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://tuxcare.com/contact/",
"name": "TuxCare",
"namespace": "https://tuxcare.com/"
},
"references": [
{
"category": "self",
"summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.tuxcare.com/csaf/v2/els_os/rhel7els/advisories/2026/clsa-2026_1773046740.json"
}
],
"tracking": {
"current_release_date": "2026-03-09T09:01:54Z",
"generator": {
"date": "2026-03-09T09:01:54Z",
"engine": {
"name": "pyCSAF"
}
},
"id": "CLSA-2026:1773046740",
"initial_release_date": "2026-03-09T09:01:54Z",
"revision_history": [
{
"date": "2026-03-09T09:01:54Z",
"number": "1",
"summary": "Initial version"
}
],
"status": "final",
"version": "1"
},
"title": "kernel: Fix of 21 CVEs"
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7",
"product": {
"name": "Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7",
"product_identification_helper": {
"cpe": "cpe:2.3:o:redhat:enterprise_linux:7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat, Inc."
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/perf@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools-libs-devel@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-debug-devel@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-headers@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/python-perf@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/bpftool@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-debug@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-devel@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product": {
"name": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_id": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/tuxcare/kernel-tools-libs@3.10.0-1160.144.1.el7.tuxcare.els3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "TuxCare"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64 as a component of Red Hat Enterprise Linux 7",
"product_id": "Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
},
"product_reference": "kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"relates_to_product_reference": "Red-Hat-7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21772",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/213ba5bd81b7e97ac6e6190b8f3bc6ba76123625",
"url": "https://git.kernel.org/stable/c/213ba5bd81b7e97ac6e6190b8f3bc6ba76123625"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/27a39d006f85e869be68c1d5d2ce05e5d6445bf5",
"url": "https://git.kernel.org/stable/c/27a39d006f85e869be68c1d5d2ce05e5d6445bf5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/40a35d14f3c0dc72b689061ec72fc9b193f37d1f",
"url": "https://git.kernel.org/stable/c/40a35d14f3c0dc72b689061ec72fc9b193f37d1f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6578717ebca91678131d2b1f4ba4258e60536e9f",
"url": "https://git.kernel.org/stable/c/6578717ebca91678131d2b1f4ba4258e60536e9f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7fa9706722882f634090bfc9af642bf9ed719e27",
"url": "https://git.kernel.org/stable/c/7fa9706722882f634090bfc9af642bf9ed719e27"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/80e648042e512d5a767da251d44132553fe04ae0",
"url": "https://git.kernel.org/stable/c/80e648042e512d5a767da251d44132553fe04ae0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/92527100be38ede924768f4277450dfe8a40e16b",
"url": "https://git.kernel.org/stable/c/92527100be38ede924768f4277450dfe8a40e16b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3e77da9f843e4ab93917d30c314f0283e28c124",
"url": "https://git.kernel.org/stable/c/a3e77da9f843e4ab93917d30c314f0283e28c124"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"release_date": "2025-02-27T03:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39911",
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path\n\nIf request_irq() in i40e_vsi_request_irq_msix() fails in an iteration\nlater than the first, the error path wants to free the IRQs requested\nso far. However, it uses the wrong dev_id argument for free_irq(), so\nit does not free the IRQs correctly and instead triggers the warning:\n\n Trying to free already-free IRQ 173\n WARNING: CPU: 25 PID: 1091 at kernel/irq/manage.c:1829 __free_irq+0x192/0x2c0\n Modules linked in: i40e(+) [...]\n CPU: 25 UID: 0 PID: 1091 Comm: NetworkManager Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy)\n Hardware name: [...]\n RIP: 0010:__free_irq+0x192/0x2c0\n [...]\n Call Trace:\n \n free_irq+0x32/0x70\n i40e_vsi_request_irq_msix.cold+0x63/0x8b [i40e]\n i40e_vsi_request_irq+0x79/0x80 [i40e]\n i40e_vsi_open+0x21f/0x2f0 [i40e]\n i40e_open+0x63/0x130 [i40e]\n __dev_open+0xfc/0x210\n __dev_change_flags+0x1fc/0x240\n netif_change_flags+0x27/0x70\n do_setlink.isra.0+0x341/0xc70\n rtnl_newlink+0x468/0x860\n rtnetlink_rcv_msg+0x375/0x450\n netlink_rcv_skb+0x5c/0x110\n netlink_unicast+0x288/0x3c0\n netlink_sendmsg+0x20d/0x430\n ____sys_sendmsg+0x3a2/0x3d0\n ___sys_sendmsg+0x99/0xe0\n __sys_sendmsg+0x8a/0xf0\n do_syscall_64+0x82/0x2c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \n ---[ end trace 0000000000000000 ]---\n\nUse the same dev_id for free_irq() as for request_irq().\n\nI tested this with inserting code to fail intentionally.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39911"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/13ab9adef3cd386511c930a9660ae06595007f89",
"url": "https://git.kernel.org/stable/c/13ab9adef3cd386511c930a9660ae06595007f89"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/23431998a37764c464737b855c71a81d50992e98",
"url": "https://git.kernel.org/stable/c/23431998a37764c464737b855c71a81d50992e98"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6e4016c0dca53afc71e3b99e24252b63417395df",
"url": "https://git.kernel.org/stable/c/6e4016c0dca53afc71e3b99e24252b63417395df"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/915470e1b44e71d1dd07ee067276f003c3521ee3",
"url": "https://git.kernel.org/stable/c/915470e1b44e71d1dd07ee067276f003c3521ee3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a30afd6617c30aaa338d1dbcb1e34e7a1890085c",
"url": "https://git.kernel.org/stable/c/a30afd6617c30aaa338d1dbcb1e34e7a1890085c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b905b2acb3a0bbb08ad9be9984d8cdabdf827315",
"url": "https://git.kernel.org/stable/c/b905b2acb3a0bbb08ad9be9984d8cdabdf827315"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b9721a023df38cf44a88f2739b4cf51efd051f85",
"url": "https://git.kernel.org/stable/c/b9721a023df38cf44a88f2739b4cf51efd051f85"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c62580674ce5feb1be4f90b5873ff3ce50e0a1db",
"url": "https://git.kernel.org/stable/c/c62580674ce5feb1be4f90b5873ff3ce50e0a1db"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-10-01T08:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-40304",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nfbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds\nAdd bounds checking to prevent writes past framebuffer boundaries when\nrendering text near screen edges. Return early if the Y position is off-screen\nand clip image height to screen boundary. Break from the rendering loop if the\nX position is off-screen. When clipping image width to fit the screen, update\nthe character count to match the clipped width to prevent buffer size\nmismatches.\nWithout the character count update, bit_putcs_aligned and bit_putcs_unaligned\nreceive mismatched parameters where the buffer is allocated for the clipped\nwidth but cnt reflects the original larger count, causing out-of-bounds writes.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-40304"
}
],
"release_date": "2025-12-08T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-53237",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: fix use-after-free in device_for_each_child()\n\nSyzbot has reported the following KASAN splat:\n\nBUG: KASAN: slab-use-after-free in device_for_each_child+0x18f/0x1a0\nRead of size 8 at addr ffff88801f605308 by task kbnepd bnep0/4980\n\nCPU: 0 UID: 0 PID: 4980 Comm: kbnepd bnep0 Not tainted 6.12.0-rc4-00161-gae90f6a6170d #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014\nCall Trace:\n \n dump_stack_lvl+0x100/0x190\n ? device_for_each_child+0x18f/0x1a0\n print_report+0x13a/0x4cb\n ? __virt_addr_valid+0x5e/0x590\n ? __phys_addr+0xc6/0x150\n ? device_for_each_child+0x18f/0x1a0\n kasan_report+0xda/0x110\n ? device_for_each_child+0x18f/0x1a0\n ? __pfx_dev_memalloc_noio+0x10/0x10\n device_for_each_child+0x18f/0x1a0\n ? __pfx_device_for_each_child+0x10/0x10\n pm_runtime_set_memalloc_noio+0xf2/0x180\n netdev_unregister_kobject+0x1ed/0x270\n unregister_netdevice_many_notify+0x123c/0x1d80\n ? __mutex_trylock_common+0xde/0x250\n ? __pfx_unregister_netdevice_many_notify+0x10/0x10\n ? trace_contention_end+0xe6/0x140\n ? __mutex_lock+0x4e7/0x8f0\n ? __pfx_lock_acquire.part.0+0x10/0x10\n ? rcu_is_watching+0x12/0xc0\n ? unregister_netdev+0x12/0x30\n unregister_netdevice_queue+0x30d/0x3f0\n ? __pfx_unregister_netdevice_queue+0x10/0x10\n ? __pfx_down_write+0x10/0x10\n unregister_netdev+0x1c/0x30\n bnep_session+0x1fb3/0x2ab0\n ? __pfx_bnep_session+0x10/0x10\n ? __pfx_lock_release+0x10/0x10\n ? __pfx_woken_wake_function+0x10/0x10\n ? __kthread_parkme+0x132/0x200\n ? __pfx_bnep_session+0x10/0x10\n ? kthread+0x13a/0x370\n ? __pfx_bnep_session+0x10/0x10\n kthread+0x2b7/0x370\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x48/0x80\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 4974:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n __kmalloc_noprof+0x1d1/0x440\n hci_alloc_dev_priv+0x1d/0x2820\n __vhci_create_device+0xef/0x7d0\n vhci_write+0x2c7/0x480\n vfs_write+0x6a0/0xfc0\n ksys_write+0x12f/0x260\n do_syscall_64+0xc7/0x250\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 4979:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x4f/0x70\n kfree+0x141/0x490\n hci_release_dev+0x4d9/0x600\n bt_host_release+0x6a/0xb0\n device_release+0xa4/0x240\n kobject_put+0x1ec/0x5a0\n put_device+0x1f/0x30\n vhci_release+0x81/0xf0\n __fput+0x3f6/0xb30\n task_work_run+0x151/0x250\n do_exit+0xa79/0x2c30\n do_group_exit+0xd5/0x2a0\n get_signal+0x1fcd/0x2210\n arch_do_signal_or_restart+0x93/0x780\n syscall_exit_to_user_mode+0x140/0x290\n do_syscall_64+0xd4/0x250\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nIn 'hci_conn_del_sysfs()', 'device_unregister()' may be called when\nan underlying (kobject) reference counter is greater than 1. This\nmeans that reparenting (happened when the device is actually freed)\nis delayed and, during that delay, parent controller device (hciX)\nmay be deleted. Since the latter may create a dangling pointer to\nfreed parent, avoid that scenario by reparenting to NULL explicitly.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-53237"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0f67ca2a80acf8b207240405b7f72d660665d3df",
"url": "https://git.kernel.org/stable/c/0f67ca2a80acf8b207240405b7f72d660665d3df"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/27aabf27fd014ae037cc179c61b0bee7cff55b3d",
"url": "https://git.kernel.org/stable/c/27aabf27fd014ae037cc179c61b0bee7cff55b3d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6894717a1ea363c5a27010ba604f957c309d282d",
"url": "https://git.kernel.org/stable/c/6894717a1ea363c5a27010ba604f957c309d282d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7b277bd569bb6a2777f0014f84b4344f444fd49d",
"url": "https://git.kernel.org/stable/c/7b277bd569bb6a2777f0014f84b4344f444fd49d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/91e2a2e4d1336333804cd31162984f01ad8cc70f",
"url": "https://git.kernel.org/stable/c/91e2a2e4d1336333804cd31162984f01ad8cc70f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a9584c897d1cba6265c78010bbb45ca5722c88bc",
"url": "https://git.kernel.org/stable/c/a9584c897d1cba6265c78010bbb45ca5722c88bc"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/de5a44f351ca7efd9add9851b218f5353e2224b7",
"url": "https://git.kernel.org/stable/c/de5a44f351ca7efd9add9851b218f5353e2224b7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fb91ce37dc9a37ea23cf32b6d7b667004e93d4c5",
"url": "https://git.kernel.org/stable/c/fb91ce37dc9a37ea23cf32b6d7b667004e93d4c5"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html"
}
],
"release_date": "2024-12-27T14:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-40322",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nfbdev: bitblit: bound-check glyph index in bit_putcs*\nbit_putcs_aligned()/unaligned() derived the glyph pointer from the\ncharacter value masked by 0xff/0x1ff, which may exceed the actual font's\nglyph count and read past the end of the built-in font array.\nClamp the index to the actual glyph count before computing the address.\nThis fixes a global out-of-bounds read reported by syzbot.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-40322"
}
],
"release_date": "2025-12-08T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39853",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix potential invalid access when MAC list is empty\n\nlist_first_entry() never returns NULL - if the list is empty, it still\nreturns a pointer to an invalid object, leading to potential invalid\nmemory access when dereferenced.\n\nFix this by using list_first_entry_or_null instead of list_first_entry.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39853"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1eadabcf5623f1237a539b16586b4ed8ac8dffcd",
"url": "https://git.kernel.org/stable/c/1eadabcf5623f1237a539b16586b4ed8ac8dffcd"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3c6fb929afa313d9d11f780451d113f73922fe5d",
"url": "https://git.kernel.org/stable/c/3c6fb929afa313d9d11f780451d113f73922fe5d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/66e7cdbda74ee823ec2bf7b830ebd235c54f5ddf",
"url": "https://git.kernel.org/stable/c/66e7cdbda74ee823ec2bf7b830ebd235c54f5ddf"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/971feafe157afac443027acdc235badc6838560b",
"url": "https://git.kernel.org/stable/c/971feafe157afac443027acdc235badc6838560b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9c21fc4cebd44dd21016c61261a683af390343f8",
"url": "https://git.kernel.org/stable/c/9c21fc4cebd44dd21016c61261a683af390343f8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a556f06338e1d5a85af0e32ecb46e365547f92b9",
"url": "https://git.kernel.org/stable/c/a556f06338e1d5a85af0e32ecb46e365547f92b9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/e2a5e74879f9b494bbd66fa93f355feacde450c7",
"url": "https://git.kernel.org/stable/c/e2a5e74879f9b494bbd66fa93f355feacde450c7"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fb216d980fae6561c7c70af8ef826faf059c6515",
"url": "https://git.kernel.org/stable/c/fb216d980fae6561c7c70af8ef826faf059c6515"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-19T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39973",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\ni40e: add validation for ring_len param\nThe `ring_len` parameter provided by the virtual function (VF)\nis assigned directly to the hardware memory context (HMC) without\nany validation.\nTo address this, introduce an upper boundary check for both Tx and Rx\nqueue lengths. The maximum number of descriptors supported by the\nhardware is 8k-32.\nAdditionally, enforce alignment constraints: Tx rings must be a multiple\nof 8, and Rx rings must be a multiple of 32.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39973"
}
],
"release_date": "2025-10-15T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-37749",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef➤ p *(struct pppoe_hdr *) (skb->head + skb->network_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1f6eb9fa87a781d5370c0de7794ae242f1a95ee5",
"url": "https://git.kernel.org/stable/c/1f6eb9fa87a781d5370c0de7794ae242f1a95ee5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/529401c8f12ecc35f9ea5d946d5a5596cf172b48",
"url": "https://git.kernel.org/stable/c/529401c8f12ecc35f9ea5d946d5a5596cf172b48"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6e8a6bf43cea4347121ab21bb1ed8d7bef7e732e",
"url": "https://git.kernel.org/stable/c/6e8a6bf43cea4347121ab21bb1ed8d7bef7e732e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/99aa698dec342a07125d733e39aab4394b3b7e05",
"url": "https://git.kernel.org/stable/c/99aa698dec342a07125d733e39aab4394b3b7e05"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/aabc6596ffb377c4c9c8f335124b92ea282c9821",
"url": "https://git.kernel.org/stable/c/aabc6596ffb377c4c9c8f335124b92ea282c9821"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b4c836d33ca888695b2f2665f948bc1b34fbd533",
"url": "https://git.kernel.org/stable/c/b4c836d33ca888695b2f2665f948bc1b34fbd533"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b78f2b458f56a5a4d976c8e01c43dbf58d3ea2ca",
"url": "https://git.kernel.org/stable/c/b78f2b458f56a5a4d976c8e01c43dbf58d3ea2ca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/de5a4f0cba58625e88b7bebd88f780c8c0150997",
"url": "https://git.kernel.org/stable/c/de5a4f0cba58625e88b7bebd88f780c8c0150997"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fbaffe8bccf148ece8ad67eb5d7aa852cabf59c8",
"url": "https://git.kernel.org/stable/c/fbaffe8bccf148ece8ad67eb5d7aa852cabf59c8"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"release_date": "2025-05-01T13:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39860",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()\n\nsyzbot reported the splat below without a repro.\n\nIn the splat, a single thread calling bt_accept_dequeue() freed sk\nand touched it after that.\n\nThe root cause would be the racy l2cap_sock_cleanup_listen() call\nadded by the cited commit.\n\nbt_accept_dequeue() is called under lock_sock() except for\nl2cap_sock_release().\n\nTwo threads could see the same socket during the list iteration\nin bt_accept_dequeue():\n\n CPU1 CPU2 (close())\n ---- ----\n sock_hold(sk) sock_hold(sk);\n lock_sock(sk) <-- block close()\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) <-- refcnt by bt_accept_enqueue()\n release_sock(sk)\n lock_sock(sk)\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) <-- last refcnt\n bt_accept_unlink(sk) <-- UAF\n\nDepending on the timing, the other thread could show up in the\n\"Freed by task\" part.\n\nLet's call l2cap_sock_cleanup_listen() under lock_sock() in\nl2cap_sock_release().\n\n[0]:\nBUG: KASAN: slab-use-after-free in debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\nBUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\nRead of size 4 at addr ffff88803b7eb1c4 by task syz.5.3276/16995\nCPU: 3 UID: 0 PID: 16995 Comm: syz.5.3276 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcd/0x630 mm/kasan/report.c:482\n kasan_report+0xe0/0x110 mm/kasan/report.c:595\n debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\n do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n release_sock+0x21/0x220 net/core/sock.c:3746\n bt_accept_dequeue+0x505/0x600 net/bluetooth/af_bluetooth.c:312\n l2cap_sock_cleanup_listen+0x5c/0x2a0 net/bluetooth/l2cap_sock.c:1451\n l2cap_sock_release+0x5c/0x210 net/bluetooth/l2cap_sock.c:1425\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x3ff/0xb70 fs/file_table.c:468\n task_work_run+0x14d/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xeb/0x110 kernel/entry/common.c:43\n exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]\n do_syscall_64+0x3f6/0x4c0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2accf8ebe9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffdb6cb1378 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 00000000000426fb RCX: 00007f2accf8ebe9\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007f2acd1b7da0 R08: 0000000000000001 R09: 00000012b6cb166f\nR10: 0000001b30e20000 R11: 0000000000000246 R12: 00007f2acd1b609c\nR13: 00007f2acd1b6090 R14: ffffffffffffffff R15: 00007ffdb6cb1490\n \n\nAllocated by task 5326:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:388 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:405\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4365 [inline]\n __kmalloc_nopro\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39860"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2ca99fc3512a8074de20ee52a87b492dfcc41a4d",
"url": "https://git.kernel.org/stable/c/2ca99fc3512a8074de20ee52a87b492dfcc41a4d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/306b0991413b482dbf5585b423022123bb505966",
"url": "https://git.kernel.org/stable/c/306b0991413b482dbf5585b423022123bb505966"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3dff390f55ccd9ce12e91233849769b5312180c2",
"url": "https://git.kernel.org/stable/c/3dff390f55ccd9ce12e91233849769b5312180c2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/47f6090bcf75c369695d21c3f179db8a56bbbd49",
"url": "https://git.kernel.org/stable/c/47f6090bcf75c369695d21c3f179db8a56bbbd49"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6077d16b5c0f65d571eee709de2f0541fb5ef0ca",
"url": "https://git.kernel.org/stable/c/6077d16b5c0f65d571eee709de2f0541fb5ef0ca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/83e1d9892ef51785cf0760b7681436760dda435a",
"url": "https://git.kernel.org/stable/c/83e1d9892ef51785cf0760b7681436760dda435a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/862c628108562d8c7a516a900034823b381d3cba",
"url": "https://git.kernel.org/stable/c/862c628108562d8c7a516a900034823b381d3cba"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/964cbb198f9c46c2b2358cd1faffc04c1e8248cf",
"url": "https://git.kernel.org/stable/c/964cbb198f9c46c2b2358cd1faffc04c1e8248cf"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-19T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38102",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify\n\nDuring our test, it is found that a warning can be trigger in try_grab_folio\nas follow:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 1678 at mm/gup.c:147 try_grab_folio+0x106/0x130\n Modules linked in:\n CPU: 0 UID: 0 PID: 1678 Comm: syz.3.31 Not tainted 6.15.0-rc5 #163 PREEMPT(undef)\n RIP: 0010:try_grab_folio+0x106/0x130\n Call Trace:\n \n follow_huge_pmd+0x240/0x8e0\n follow_pmd_mask.constprop.0.isra.0+0x40b/0x5c0\n follow_pud_mask.constprop.0.isra.0+0x14a/0x170\n follow_page_mask+0x1c2/0x1f0\n __get_user_pages+0x176/0x950\n __gup_longterm_locked+0x15b/0x1060\n ? gup_fast+0x120/0x1f0\n gup_fast_fallback+0x17e/0x230\n get_user_pages_fast+0x5f/0x80\n vmci_host_unlocked_ioctl+0x21c/0xf80\n RIP: 0033:0x54d2cd\n ---[ end trace 0000000000000000 ]---\n\nDigging into the source, context->notify_page may init by get_user_pages_fast\nand can be seen in vmci_ctx_unset_notify which will try to put_page. However\nget_user_pages_fast is not finished here and lead to following\ntry_grab_folio warning. The race condition is shown as follow:\n\ncpu0\t\t\tcpu1\nvmci_host_do_set_notify\nvmci_host_setup_notify\nget_user_pages_fast(uva, 1, FOLL_WRITE, &context->notify_page);\nlockless_pages_from_mm\ngup_pgd_range\ngup_huge_pmd // update &context->notify_page\n\t\t\tvmci_host_do_set_notify\n\t\t\tvmci_ctx_unset_notify\n\t\t\tnotify_page = context->notify_page;\n\t\t\tif (notify_page)\n\t\t\tput_page(notify_page);\t// page is freed\n__gup_longterm_locked\n__get_user_pages\nfollow_trans_huge_pmd\ntry_grab_folio // warn here\n\nTo slove this, use local variable page to make notify_page can be seen\nafter finish get_user_pages_fast.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38102"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/00ddc7dad55b7bbb78df80d6e174d0c4764dea0c",
"url": "https://git.kernel.org/stable/c/00ddc7dad55b7bbb78df80d6e174d0c4764dea0c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1bd6406fb5f36c2bb1e96e27d4c3e9f4d09edde4",
"url": "https://git.kernel.org/stable/c/1bd6406fb5f36c2bb1e96e27d4c3e9f4d09edde4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/468aec888f838ce5174b96e0cb4396790d6f60ca",
"url": "https://git.kernel.org/stable/c/468aec888f838ce5174b96e0cb4396790d6f60ca"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/58a90db70aa6616411e5f69d1982d9b1dd97d774",
"url": "https://git.kernel.org/stable/c/58a90db70aa6616411e5f69d1982d9b1dd97d774"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6e3af836805ed1d7a699f76ec798626198917aa4",
"url": "https://git.kernel.org/stable/c/6e3af836805ed1d7a699f76ec798626198917aa4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/74095bbbb19ca74a0368d857603a2438c88ca86c",
"url": "https://git.kernel.org/stable/c/74095bbbb19ca74a0368d857603a2438c88ca86c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/75b5313c80c39a26d27cbb602f968a05576c36f9",
"url": "https://git.kernel.org/stable/c/75b5313c80c39a26d27cbb602f968a05576c36f9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b4209e4b778e4e57d0636e1c9fc07a924dbc6043",
"url": "https://git.kernel.org/stable/c/b4209e4b778e4e57d0636e1c9fc07a924dbc6043"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-07-03T09:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-37923",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix oob write in trace_seq_to_buffer()\n\nsyzbot reported this bug:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\nBUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\nWrite of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260\n\nCPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106\n trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\n tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\n ....\n==================================================================\n\nIt has been reported that trace_seq_to_buffer() tries to copy more data\nthan PAGE_SIZE to buf. Therefore, to prevent this, we should use the\nsmaller of trace_seq_used(&iter->seq) and PAGE_SIZE as an argument.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-37923"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/056ebbddb8faf4ddf83d005454dd78fc25c2d897",
"url": "https://git.kernel.org/stable/c/056ebbddb8faf4ddf83d005454dd78fc25c2d897"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1a3f9482b50b74fa9421bff8ceecfefd0dc06f8f",
"url": "https://git.kernel.org/stable/c/1a3f9482b50b74fa9421bff8ceecfefd0dc06f8f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1f27a3e93b8d674b24b27fcdbc6f72743cd96c0d",
"url": "https://git.kernel.org/stable/c/1f27a3e93b8d674b24b27fcdbc6f72743cd96c0d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/441021e5b3c7d9bd1b963590652c415929f3b157",
"url": "https://git.kernel.org/stable/c/441021e5b3c7d9bd1b963590652c415929f3b157"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/665ce421041890571852422487f4c613d1824ba9",
"url": "https://git.kernel.org/stable/c/665ce421041890571852422487f4c613d1824ba9"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c5d2b66c5ef5037b4b4360e5447605ff00ba1bd4",
"url": "https://git.kernel.org/stable/c/c5d2b66c5ef5037b4b4360e5447605ff00ba1bd4"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f4b0174e9f18aaba59ee6ffdaf8827a7f94eb606",
"url": "https://git.kernel.org/stable/c/f4b0174e9f18aaba59ee6ffdaf8827a7f94eb606"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f5178c41bb43444a6008150fe6094497135d07cb",
"url": "https://git.kernel.org/stable/c/f5178c41bb43444a6008150fe6094497135d07cb"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
}
],
"release_date": "2025-05-20T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38724",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()\n\nLei Lu recently reported that nfsd4_setclientid_confirm() did not check\nthe return value from get_client_locked(). a SETCLIENTID_CONFIRM could\nrace with a confirmed client expiring and fail to get a reference. That\ncould later lead to a UAF.\n\nFix this by getting a reference early in the case where there is an\nextant confirmed client. If that fails then treat it as if there were no\nconfirmed client found at all.\n\nIn the case where the unconfirmed client is expiring, just fail and\nreturn the result from get_client_locked().",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38724"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/22f45cedf281e6171817c8a3432c44d788c550e1",
"url": "https://git.kernel.org/stable/c/22f45cedf281e6171817c8a3432c44d788c550e1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/36e83eda90e0e4ac52f259f775b40b2841f8a0a3",
"url": "https://git.kernel.org/stable/c/36e83eda90e0e4ac52f259f775b40b2841f8a0a3"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3f252a73e81aa01660cb426735eab932e6182e8d",
"url": "https://git.kernel.org/stable/c/3f252a73e81aa01660cb426735eab932e6182e8d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/571a5e46c71490285d2d8c06f6b5a7cbf6c7edd1",
"url": "https://git.kernel.org/stable/c/571a5e46c71490285d2d8c06f6b5a7cbf6c7edd1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/74ad36ed60df561a303a19ecef400c7096b20306",
"url": "https://git.kernel.org/stable/c/74ad36ed60df561a303a19ecef400c7096b20306"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/908e4ead7f757504d8b345452730636e298cbf68",
"url": "https://git.kernel.org/stable/c/908e4ead7f757504d8b345452730636e298cbf68"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d35ac850410966010e92f401f4e21868a9ea4d8b",
"url": "https://git.kernel.org/stable/c/d35ac850410966010e92f401f4e21868a9ea4d8b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d71abd1ae4e0413707cd42b10c24a11d1aa71772",
"url": "https://git.kernel.org/stable/c/d71abd1ae4e0413707cd42b10c24a11d1aa71772"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f3aac6cf390d8b80e1d82975faf4ac61175519c0",
"url": "https://git.kernel.org/stable/c/f3aac6cf390d8b80e1d82975faf4ac61175519c0"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-09-04T16:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-37780",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle->f_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/007124c896e7d4614ac1f6bd4dedb975c35a2a8e",
"url": "https://git.kernel.org/stable/c/007124c896e7d4614ac1f6bd4dedb975c35a2a8e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0405d4b63d082861f4eaff9d39c78ee9dc34f845",
"url": "https://git.kernel.org/stable/c/0405d4b63d082861f4eaff9d39c78ee9dc34f845"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0fdafdaef796816a9ed0fd7ac812932d569d9beb",
"url": "https://git.kernel.org/stable/c/0fdafdaef796816a9ed0fd7ac812932d569d9beb"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/56dfffea9fd3be0b3795a9ca6401e133a8427e0b",
"url": "https://git.kernel.org/stable/c/56dfffea9fd3be0b3795a9ca6401e133a8427e0b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/5e7de55602c61c8ff28db075cc49c8dd6989d7e0",
"url": "https://git.kernel.org/stable/c/5e7de55602c61c8ff28db075cc49c8dd6989d7e0"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/63d5a3e207bf315a32c7d16de6c89753a759f95a",
"url": "https://git.kernel.org/stable/c/63d5a3e207bf315a32c7d16de6c89753a759f95a"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/952e7a7e317f126d0a2b879fc531b716932d5ffa",
"url": "https://git.kernel.org/stable/c/952e7a7e317f126d0a2b879fc531b716932d5ffa"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ee01a309ebf598be1ff8174901ed6e91619f1749",
"url": "https://git.kernel.org/stable/c/ee01a309ebf598be1ff8174901ed6e91619f1749"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
],
"release_date": "2025-05-01T14:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-40248",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nvsock: Ignore signal/timeout on connect() if already established\nDuring connect(), acting on a signal/timeout by disconnecting an already\nestablished socket leads to several issues:\n1. connect() invoking vsock_transport_cancel_pkt() ->\nvirtio_transport_purge_skbs() may race with sendmsg() invoking\nvirtio_transport_get_credit(). This results in a permanently elevated\n`vvs->bytes_unsent`. Which, in turn, confuses the SOCK_LINGER handling.\n2. connect() resetting a connected socket's state may race with socket\nbeing placed in a sockmap. A disconnected socket remaining in a sockmap\nbreaks sockmap's assumptions. And gives rise to WARNs.\n3. connect() transitioning SS_CONNECTED -> SS_UNCONNECTED allows for a\ntransport change/drop after TCP_ESTABLISHED. Which poses a problem for\nany simultaneous sendmsg() or connect() and may result in a\nuse-after-free/null-ptr-deref.\nDo not disconnect socket on signal/timeout. Keep the logic for unconnected\nsockets: they don't linger, can't be placed in a sockmap, are rejected by\nsendmsg().\n[1]: https://lore.kernel.org/netdev/e07fd95c-9a38-4eea-9638-133e38c2ec9b@rbox.co/\n[2]: https://lore.kernel.org/netdev/20250317-vsock-trans-signal-race-v4-0-fc8837f3f1d4@rbox.co/\n[3]: https://lore.kernel.org/netdev/60f1b7db-3099-4f6a-875e-af9f6ef194f6@rbox.co/",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-40248"
}
],
"release_date": "2025-12-04T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-40277",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\ndrm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE\nThis data originates from userspace and is used in buffer offset\ncalculations which could potentially overflow causing an out-of-bounds\naccess.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-40277"
}
],
"release_date": "2025-12-06T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2024-58014",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn 'wlc_phy_iqcal_gainparams_nphy()', add gain range check to WARN()\ninstead of possible out-of-bounds 'tbl_iqcal_gainparams_nphy' access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/093286c33409bf38896f2dab0c0bb6ca388afb33",
"url": "https://git.kernel.org/stable/c/093286c33409bf38896f2dab0c0bb6ca388afb33"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0a457223cb2b9ca46bae7de387d0f4c093b0220d",
"url": "https://git.kernel.org/stable/c/0a457223cb2b9ca46bae7de387d0f4c093b0220d"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/13ef16c4fe384b1e70277bbe1d87934ee6c81e12",
"url": "https://git.kernel.org/stable/c/13ef16c4fe384b1e70277bbe1d87934ee6c81e12"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3f4a0948c3524ae50f166dbc6572a3296b014e62",
"url": "https://git.kernel.org/stable/c/3f4a0948c3524ae50f166dbc6572a3296b014e62"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6f6e293246dc1f5b2b6b3d0f2d757598489cda79",
"url": "https://git.kernel.org/stable/c/6f6e293246dc1f5b2b6b3d0f2d757598489cda79"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ada9df08b3ef683507e75b92f522fb659260147f",
"url": "https://git.kernel.org/stable/c/ada9df08b3ef683507e75b92f522fb659260147f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c27ce584d274f6ad3cba2294497de824a3c66646",
"url": "https://git.kernel.org/stable/c/c27ce584d274f6ad3cba2294497de824a3c66646"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d280a12e9b87819a8a209639d600b48a2d6d65dc",
"url": "https://git.kernel.org/stable/c/d280a12e9b87819a8a209639d600b48a2d6d65dc"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"release_date": "2025-02-27T03:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2023-53259",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF\n\nThe call to get_user_pages_fast() in vmci_host_setup_notify() can return\nNULL context->notify_page causing a GPF. To avoid GPF check if\ncontext->notify_page == NULL and return error if so.\n\ngeneral protection fault, probably for non-canonical address\n 0xe0009d1000000060: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: maybe wild-memory-access in range [0x0005088000000300-\n 0x0005088000000307]\nCPU: 2 PID: 26180 Comm: repro_34802241 Not tainted 6.1.0-rc4 #1\nHardware name: Red Hat KVM, BIOS 1.15.0-2.module+el8.6.0 04/01/2014\nRIP: 0010:vmci_ctx_check_signal_notify+0x91/0xe0\nCall Trace:\n \n vmci_host_unlocked_ioctl+0x362/0x1f40\n __x64_sys_ioctl+0x1a1/0x230\n do_syscall_64+0x3a/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2023-53259"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/055891397f530f9b1b22be38d7eca8b08382941f",
"url": "https://git.kernel.org/stable/c/055891397f530f9b1b22be38d7eca8b08382941f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/1a726cb47fd204109c767409fa9ca15a96328f14",
"url": "https://git.kernel.org/stable/c/1a726cb47fd204109c767409fa9ca15a96328f14"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/91b8e4f61f8f4594ee65368c8d89e6fdc29d3fb1",
"url": "https://git.kernel.org/stable/c/91b8e4f61f8f4594ee65368c8d89e6fdc29d3fb1"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/a3c89e8c69a58f62451c0a75b77fcab25979b897",
"url": "https://git.kernel.org/stable/c/a3c89e8c69a58f62451c0a75b77fcab25979b897"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/b4239bfb260d1e6837766c41a0b241d7670f1402",
"url": "https://git.kernel.org/stable/c/b4239bfb260d1e6837766c41a0b241d7670f1402"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d4198f67e7556b1507f14f60d81a72660e5560e4",
"url": "https://git.kernel.org/stable/c/d4198f67e7556b1507f14f60d81a72660e5560e4"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
}
],
"release_date": "2025-09-15T15:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-39993",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nmedia: rc: fix races with imon_disconnect()\nSyzbot reports a KASAN issue as below:\nBUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline]\nBUG: KASAN: use-after-free in send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nRead of size 4 at addr ffff8880256fb000 by task syz-executor314/4465\nCPU: 2 PID: 4465 Comm: syz-executor314 Not tainted 6.0.0-rc1-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:317 [inline]\nprint_report.cold+0x2ba/0x6e9 mm/kasan/report.c:433\nkasan_report+0xb1/0x1e0 mm/kasan/report.c:495\n__create_pipe include/linux/usb.h:1945 [inline]\nsend_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nvfd_write+0x2d9/0x550 drivers/media/rc/imon.c:991\nvfs_write+0x2d7/0xdd0 fs/read_write.c:576\nksys_write+0x127/0x250 fs/read_write.c:631\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\nThe iMON driver improperly releases the usb_device reference in\nimon_disconnect without coordinating with active users of the\ndevice.\nSpecifically, the fields usbdev_intf0 and usbdev_intf1 are not\nprotected by the users counter (ictx->users). During probe,\nimon_init_intf0 or imon_init_intf1 increments the usb_device\nreference count depending on the interface. However, during\ndisconnect, usb_put_dev is called unconditionally, regardless of\nactual usage.\nAs a result, if vfd_write or other operations are still in\nprogress after disconnect, this can lead to a use-after-free of\nthe usb_device pointer.\nThread 1 vfd_write Thread 2 imon_disconnect\n...\nif\nusb_put_dev(ictx->usbdev_intf0)\nelse\nusb_put_dev(ictx->usbdev_intf1)\n...\nwhile\nsend_packet\nif\npipe = usb_sndintpipe(\nictx->usbdev_intf0) UAF\nelse\npipe = usb_sndctrlpipe(\nictx->usbdev_intf0, 0) UAF\nGuard access to usbdev_intf0 and usbdev_intf1 after disconnect by\nchecking ictx->disconnected in all writer paths. Add early return\nwith -ENODEV in send_packet(), vfd_write(), lcd_write() and\ndisplay_open() if the device is no longer present.\nSet and read ictx->disconnected under ictx->lock to ensure memory\nsynchronization. Acquire the lock in imon_disconnect() before setting\nthe flag to synchronize with any ongoing operations.\nEnsure writers exit early and safely after disconnect before the USB\ncore proceeds with cleanup.\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-39993"
}
],
"release_date": "2025-10-15T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-38249",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()\n\nIn snd_usb_get_audioformat_uac3(), the length value returned from\nsnd_usb_ctl_msg() is used directly for memory allocation without\nvalidation. This length is controlled by the USB device.\n\nThe allocated buffer is cast to a uac3_cluster_header_descriptor\nand its fields are accessed without verifying that the buffer\nis large enough. If the device returns a smaller than expected\nlength, this leads to an out-of-bounds read.\n\nAdd a length check to ensure the buffer is large enough for\nuac3_cluster_header_descriptor.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-38249"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/0ee87c2814deb5e42921281116ac3abcb326880b",
"url": "https://git.kernel.org/stable/c/0ee87c2814deb5e42921281116ac3abcb326880b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/11e740dc1a2c8590eb7074b5c4ab921bb6224c36",
"url": "https://git.kernel.org/stable/c/11e740dc1a2c8590eb7074b5c4ab921bb6224c36"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/24ff7d465c4284529bbfa207757bffb6f44b6403",
"url": "https://git.kernel.org/stable/c/24ff7d465c4284529bbfa207757bffb6f44b6403"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2dc1c3edf67abd30c757f8054a5da61927cdda21",
"url": "https://git.kernel.org/stable/c/2dc1c3edf67abd30c757f8054a5da61927cdda21"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/6eb211788e1370af52a245d4d7da35c374c7b401",
"url": "https://git.kernel.org/stable/c/6eb211788e1370af52a245d4d7da35c374c7b401"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/74fcb3852a2f579151ce80b9ed96cd916ba0d5d8",
"url": "https://git.kernel.org/stable/c/74fcb3852a2f579151ce80b9ed96cd916ba0d5d8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c3fb926abe90d86f5e3055e0035f04d9892a118b",
"url": "https://git.kernel.org/stable/c/c3fb926abe90d86f5e3055e0035f04d9892a118b"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/fb4e2a6e8f28a3c0ad382e363aeb9cd822007b8a",
"url": "https://git.kernel.org/stable/c/fb4e2a6e8f28a3c0ad382e363aeb9cd822007b8a"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html"
}
],
"release_date": "2025-07-09T11:15:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
},
{
"cve": "CVE-2025-40240",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\nsctp: avoid NULL dereference when chunk data buffer is missing\nchunk->skb pointer is dereferenced in the if-block where it's supposed\nto be NULL only.\nchunk->skb can only be NULL if chunk->head_skb is not. Check for frag_list\ninstead and do it just before replacing chunk->skb. We're sure that\notherwise chunk->skb is non-NULL because of outer if() condition.",
"title": "Vulnerability description"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://cve.tuxcare.com/els/cve/CVE-2025-40240"
}
],
"release_date": "2025-12-04T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T08:59:02.905127Z",
"details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740",
"product_ids": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
],
"url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1773046740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red-Hat-7:bpftool-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-debug-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-headers-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:kernel-tools-libs-devel-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64",
"Red-Hat-7:python-perf-0:3.10.0-1160.144.1.el7.tuxcare.els3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
]
}
]
}