{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "* CVE-2025-39743\n - jfs: truncate good inode pages when hard link is 0 {CVE-2025-39743}\n * CVE-2025-39685\n - comedi: pcl726: Prevent invalid irq number {CVE-2025-39685}\n * CVE-2025-38713\n - hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()\n {CVE-2025-38713}\n * CVE-2025-38699\n - scsi: bfa: Double-free fix {CVE-2025-38699}\n * CVE-2025-38697\n - jfs: upper bound check of tree index in dbAllocAG {CVE-2025-38697}\n * CVE-2025-38680\n - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()\n {CVE-2025-38680}\n * CVE-2025-38677\n - f2fs: fix to avoid out-of-boundary access in dnode page {CVE-2025-38677}\n * CVE-2025-38572\n - ipv6: reject malicious packets in ipv6_gso_segment() {CVE-2025-38572}\n * CVE-2025-38538\n - dmaengine: nbpfaxi: Fix memory corruption in probe() {CVE-2025-38538}\n * CVE-2025-38530\n - comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530}\n * CVE-2025-38529\n - comedi: aio_iiro_16: Fix bit shift out of bounds {CVE-2025-38529}\n * CVE-2025-38494\n - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494}\n * CVE-2025-38482\n - comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482}\n * CVE-2025-38428\n - Input: ims-pcu - check record size in ims_pcu_flash_firmware()\n {CVE-2025-38428}\n * CVE-2025-38416\n - NFC: nci: uart: Set tty->disc_data only in success path {CVE-2025-38416}\n * CVE-2025-38415\n - Squashfs: check return result of sb_min_blocksize {CVE-2025-38415}\n * CVE-2025-38403\n - vsock/vmci: Clear the vmci transport packet properly when initializing\n it {CVE-2025-38403}\n * CVE-2025-38286\n - pinctrl: at91: Fix possible out-of-boundary access {CVE-2025-38286}\n * CVE-2025-38245\n - atm: Release atm_dev_mutex after removing procfs in\n atm_dev_deregister(). {CVE-2025-38245}\n * CVE-2025-38212\n - ipc: fix to protect IPCS lookups using RCU {CVE-2025-38212}\n * CVE-2025-38204\n - jfs: fix array-index-out-of-bounds read in add_missing_indices\n {CVE-2025-38204}\n * CVE-2025-38157\n - wifi: ath9k_htc: Abort software beacon handling if disabled\n {CVE-2025-38157}\n * CVE-2025-38079\n - crypto: algif_hash - fix double free in hash_accept {CVE-2025-38079}\n * CVE-2025-38051\n - smb: client: Fix use-after-free in cifs_fill_dirent {CVE-2025-38051}\n * CVE-2023-53676\n - scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n {CVE-2023-53676}\n * CVE-2023-53675\n - scsi: ses: Fix possible desc_ptr out-of-bounds accesses {CVE-2023-53675}\n * CVE-2023-53668\n - ring-buffer: Fix deadloop issue on reading trace_pipe {CVE-2023-53668}\n * CVE-2023-53622\n - gfs2: Fix possible data races in gfs2_show_options() {CVE-2023-53622}\n * CVE-2023-53616\n - jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount\n {CVE-2023-53616}\n * CVE-2023-53608\n - nilfs2: fix potential UAF of struct nilfs_sc_info in\n nilfs_segctor_thread() {CVE-2023-53608}\n * CVE-2023-53587\n - ring-buffer: Sync IRQ works before buffer destruction {CVE-2023-53587}\n * CVE-2023-53569\n - ext2: Check block size validity during mount {CVE-2023-53569}\n * CVE-2023-53559\n - ip_vti: fix potential slab-use-after-free in decode_session6\n {CVE-2023-53559}\n * CVE-2023-53541\n - mtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write\n {CVE-2023-53541}\n * CVE-2023-53521\n - scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() {CVE-2023-53521}\n * CVE-2023-53506\n - udf: Do not bother merging very long extents {CVE-2023-53506}\n * CVE-2023-53485\n - fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev\n {CVE-2023-53485}\n * CVE-2023-53484\n - lib: cpu_rmap: Avoid use after free on rmap->obj array entries\n {CVE-2023-53484}\n * CVE-2023-53454\n - HID: multitouch: Correct devm device reference for hidinput input_dev\n name {CVE-2023-53454}\n * CVE-2023-53322\n - scsi: qla2xxx: Wait for io return on terminate rport {CVE-2023-53322}\n * CVE-2023-53311\n - nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput\n {CVE-2023-53311}\n * CVE-2023-53259\n - VMCI: check context->notify_page after call to get_user_pages_fast() to\n avoid GPF {CVE-2023-53259}\n * CVE-2023-53219\n - media: netup_unidvb: fix use-after-free at del_timer() {CVE-2023-53219}\n * CVE-2023-53138\n - net: caif: Fix use-after-free in cfusbl_device_notify() {CVE-2023-53138}\n * CVE-2023-53075\n - ftrace: Fix invalid address access in lookup_rec() when index is 0\n {CVE-2023-53075}\n * CVE-2023-53035\n - nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() {CVE-2023-53035}\n * CVE-2022-50542\n - media: si470x: Fix use-after-free in si470x_int_in_callback()\n {CVE-2022-50542}\n * CVE-2022-50496\n - dm cache: Fix UAF in destroy() {CVE-2022-50496}\n * CVE-2022-50478\n - nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()\n {CVE-2022-50478}\n * CVE-2022-50470\n - xhci: Remove device endpoints from bandwidth list when freeing the\n device {CVE-2022-50470}\n * CVE-2022-50432\n - kernfs: fix use-after-free in __kernfs_remove {CVE-2022-50432}\n * CVE-2022-50423\n - ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()\n {CVE-2022-50423}\n * CVE-2022-50419\n - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times\n {CVE-2022-50419}\n * CVE-2022-50411\n - ACPICA: Fix error code path in acpi_ds_call_control_method()\n {CVE-2022-50411}\n * CVE-2022-50394\n - i2c: ismt: Fix an out-of-bounds bug in ismt_access() {CVE-2022-50394}\n * CVE-2022-50384\n - staging: vme_user: Fix possible UAF in tsi148_dma_list_add\n {CVE-2022-50384}\n * CVE-2022-50333\n - fs: jfs: fix shift-out-of-bounds in dbDiscardAG {CVE-2022-50333}\n * CVE-2022-50301\n - iommu/omap: Fix buffer overflow in debugfs {CVE-2022-50301}\n * CVE-2022-50094\n - spmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n {CVE-2022-50094}\n * CVE-2022-50022\n - drivers:md:fix a potential use-after-free bug {CVE-2022-50022}\n * CVE-2022-49945\n - hwmon: (gpio-fan) Fix array out of bounds access {CVE-2022-49945}\n * CVE-2022-49865\n - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to\n network {CVE-2022-49865}\n * CVE-2022-49775\n - tcp: cdg: allow tcp_cdg_release() to be called multiple times\n {CVE-2022-49775}\n * CVE-2022-49581\n - be2net: Fix buffer overflow in be_get_module_eeprom {CVE-2022-49581}\n * CVE-2022-49503\n - ath9k_htc: fix potential out of bounds access with invalid\n rxstatus->rs_keyix {CVE-2022-49503}\n * CVE-2021-47142\n - drm/amdgpu: Fix a use-after-free {CVE-2021-47142}\n * CVE-url: https://ubuntu.com/security/CVE-2025-38477\n - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in\n qfq_delete_class\n * Focal update: v5.4.255 upstream stable release (LP: #2039440)\n - Bluetooth: L2CAP: Fix use-after-free\n * Bionic update: upstream stable patchset 2022-11-15 (LP: #1996650)\n - Bluetooth: L2CAP: Fix user-after-free\n - wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()\n * Focal update: v5.4.253 upstream stable release (LP: #2038652)\n - ip6mr: Fix skb_under_panic in ip6mr_cache_report()\n * Focal update: v5.4.224 upstream stable release (LP: #1999273)\n - ipvs: use explicitly signed chars\n - ipvs: fix WARNING in __ip_vs_cleanup_batch()\n - ipvs: fix WARNING in ip_vs_app_net_cleanup()\n * Bionic update: upstream stable patchset 2022-10-18 (LP: #1993349)\n - vt: Clear selection before changing the font\n * Focal update: v5.4.237 upstream stable release (LP: #2023420)\n - fs: prevent out-of-bounds array speculation when closing a file\n descriptor\n * Focal update: v5.4.231 upstream stable release (LP: #2011226)\n - netlink: prevent potential spectre v1 gadgets\n * Bionic update: upstream stable patchset 2022-09-23 (LP: #1990698)\n - ALSA: bcd2000: Fix a UAF bug on the error path of probing\n - drm/radeon: fix potential buffer overflow in\n ni_set_mc_special_registers()\n - md-raid10: fix KASAN warning\n - selinux: Add boundary check in put_entry()\n - video: fbdev: vt8623fb: Check the size of screen before memset_io()\n - video: fbdev: arkfb: Check the size of screen before memset_io()\n - video: fbdev: s3fb: Check the size of screen before memset_io()\n * Bionic update: upstream stable patchset 2023-02-06 (LP: #2006403)\n - igb: Do not free q_vector unless new one was allocated\n * Bionic update: upstream stable patchset 2023-01-20 (LP: #2003596)\n - capabilities: fix undefined behavior in bit shift for CAP_TO_MASK\n - net: mdio: fix undefined behavior in bit shift for __mdiobus_register\n * CVE-url: https://ubuntu.com/security/CVE-2023-1989\n - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race\n condition\n * Focal update: v5.4.225 upstream stable release (LP: #2002347)\n - ntfs: fix use-after-free in ntfs_attr_find()\n * Focal update: Focal update: v5.4.235 upstream stable release\n (LP: #2017706)\n - wifi: brcmfmac: Fix potential stack-out-of-bounds in\n brcmf_c_preinit_dcmds()\n * Miscellaneous upstream changes\n - debian: add control and changelog files\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - Merge branch 'master' into master-build\n - vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n - f2fs: return error when accessing insane flie offset\n - f2fs: lost matching-pair of trace in f2fs_truncate_inode_blocks\n - f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()\n - usb: vhci-hcd: Do not drop references before new references are gained\n - tracing: Fix oob write in trace_seq_to_buffer()\n - mtd: inftlcore: Add error check for inftl_read_oob()\n - jbd2: remove wrong sb->s_sequence check\n - usb: dwc3: gadget: check that event count does not exceed event buffer\n length\n - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control\n - Bluetooth: hci_core: Fix use-after-free in vhci_flush()\n - usb: xhci: Fix isochronous Ring Underrun/Overrun event handling\n - Revert \"Bluetooth: btsdio: fix use after free bug in btsdio_remove due\n to unfinished work\"\n - scsi: target: Fix WRITE_SAME No Data Buffer crash\n - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n - HID: core: Harden s32ton() against conversion to 0 bits\n - scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()\n - wifi: mac80211_hwsim: drop short frames\n - ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer\n - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware\n write", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/ubuntu16.04els/advisories/2026/clsa-2026_1775779453.json" } ], "tracking": { "current_release_date": "2026-04-10T00:17:50Z", "generator": { "date": "2026-04-10T00:17:50Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1775779453", "initial_release_date": "2026-04-10T00:17:50Z", "revision_history": [ { "date": "2026-04-10T00:17:50Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "Fix of 68 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Ubuntu 16.04", "product": { "name": "Ubuntu 16.04", "product_id": "Ubuntu-16", "product_identification_helper": { "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" } } } ], "category": "product_family", "name": "Ubuntu" } ], "category": "vendor", "name": "Canonical Ltd." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product": { "name": "linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_id": "linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-modules-4.4.0-281-tuxcare.els51-lowlatency@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product": { "name": "linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_id": "linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product": { "name": "linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_id": "linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-headers-4.4.0-281-tuxcare.els51-generic@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "product": { "name": "linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "product_id": "linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.4.0-281-tuxcare.els51@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product": { "name": "linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_id": "linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-modules-4.4.0-281-tuxcare.els51-generic@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product": { "name": "linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_id": "linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.4.0-281-tuxcare.els51-generic@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product": { "name": "linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_id": "linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-headers-4.4.0-281-tuxcare.els51-lowlatency@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product": { "name": "linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_id": "linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-buildinfo-4.4.0-281-tuxcare.els51-generic@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product": { "name": "linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_id": "linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-tools-4.4.0-281-tuxcare.els51-lowlatency@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product": { "name": "linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_id": "linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-image-unsigned-4.4.0-281-tuxcare.els51-generic@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-libc-dev-0:4.4.0-281.315.amd64", "product": { "name": "linux-libc-dev-0:4.4.0-281.315.amd64", "product_id": "linux-libc-dev-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-libc-dev@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product": { "name": "linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_id": "linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "product": { "name": "linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "product_id": "linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-tools-4.4.0-281-tuxcare.els51@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product": { "name": "linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_id": "linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-modules-extra-4.4.0-281-tuxcare.els51-generic@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product": { "name": "linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_id": "linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-tools-4.4.0-281-tuxcare.els51-generic@4.4.0-281.315?arch=amd64" } } }, { "category": "product_version", "name": "linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product": { "name": "linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_id": "linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency@4.4.0-281.315?arch=amd64" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "linux-tools-host-0:4.4.0-281.315.all", "product": { "name": "linux-tools-host-0:4.4.0-281.315.all", "product_id": "linux-tools-host-0:4.4.0-281.315.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-tools-host@4.4.0-281.315?arch=all" } } }, { "category": "product_version", "name": "linux-source-4.4.0-0:4.4.0-281.315.all", "product": { "name": "linux-source-4.4.0-0:4.4.0-281.315.all", "product_id": "linux-source-4.4.0-0:4.4.0-281.315.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-source-4.4.0@4.4.0-281.315?arch=all" } } }, { "category": "product_version", "name": "linux-doc-0:4.4.0-281.315.all", "product": { "name": "linux-doc-0:4.4.0-281.315.all", "product_id": "linux-doc-0:4.4.0-281.315.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-doc@4.4.0-281.315?arch=all" } } }, { "category": "product_version", "name": "linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "product": { "name": "linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "product_id": "linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-headers-4.4.0-281-tuxcare.els51@4.4.0-281.315?arch=all" } } }, { "category": "product_version", "name": "linux-cloud-tools-common-0:4.4.0-281.315.all", "product": { "name": "linux-cloud-tools-common-0:4.4.0-281.315.all", "product_id": "linux-cloud-tools-common-0:4.4.0-281.315.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-cloud-tools-common@4.4.0-281.315?arch=all" } } }, { "category": "product_version", "name": "linux-tools-common-0:4.4.0-281.315.all", "product": { "name": "linux-tools-common-0:4.4.0-281.315.all", "product_id": "linux-tools-common-0:4.4.0-281.315.all", "product_identification_helper": { "purl": "pkg:deb/cloudlinux/linux-tools-common@4.4.0-281.315?arch=all" } } } ], "category": "architecture", "name": "all" } ], "category": "vendor", "name": "CloudLinux" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64" }, "product_reference": "linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-host-0:4.4.0-281.315.all as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" }, "product_reference": "linux-tools-host-0:4.4.0-281.315.all", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64" }, "product_reference": "linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64" }, "product_reference": "linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-source-4.4.0-0:4.4.0-281.315.all as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all" }, "product_reference": "linux-source-4.4.0-0:4.4.0-281.315.all", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64" }, "product_reference": "linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64" }, "product_reference": "linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64" }, "product_reference": "linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64" }, "product_reference": "linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-doc-0:4.4.0-281.315.all as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-doc-0:4.4.0-281.315.all" }, "product_reference": "linux-doc-0:4.4.0-281.315.all", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64" }, "product_reference": "linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all" }, "product_reference": "linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64" }, "product_reference": "linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64" }, "product_reference": "linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-common-0:4.4.0-281.315.all as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all" }, "product_reference": "linux-cloud-tools-common-0:4.4.0-281.315.all", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-common-0:4.4.0-281.315.all as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all" }, "product_reference": "linux-tools-common-0:4.4.0-281.315.all", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-libc-dev-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64" }, "product_reference": "linux-libc-dev-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64" }, "product_reference": "linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64" }, "product_reference": "linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64" }, "product_reference": "linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64" }, "product_reference": "linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" }, { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64 as a component of Ubuntu 16.04", "product_id": "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64" }, "product_reference": "linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "relates_to_product_reference": "Ubuntu-16" } ] }, "vulnerabilities": [ { "cve": "CVE-2022-50097", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: s3fb: Check the size of screen before memset_io()\n\nIn the function s3fb_set_par(), the value of 'screen_size' is\ncalculated by the user input. If the user provides the improper value,\nthe value of 'screen_size' may larger than 'info->screen_size', which\nmay cause the following bug:\n\n[ 54.083733] BUG: unable to handle page fault for address: ffffc90003000000\n[ 54.083742] #PF: supervisor write access in kernel mode\n[ 54.083744] #PF: error_code(0x0002) - not-present page\n[ 54.083760] RIP: 0010:memset_orig+0x33/0xb0\n[ 54.083782] Call Trace:\n[ 54.083788] s3fb_set_par+0x1ec6/0x4040\n[ 54.083806] fb_set_var+0x604/0xeb0\n[ 54.083836] do_fb_ioctl+0x234/0x670\n\nFix the this by checking the value of 'screen_size' before memset_io().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50097" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3c35a0dc2b4e7acf24c796043b64fa3eee799239", "url": "https://git.kernel.org/stable/c/3c35a0dc2b4e7acf24c796043b64fa3eee799239" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/52461d387cc8c8f8dc40320caa2e9e101f73e7ba", "url": "https://git.kernel.org/stable/c/52461d387cc8c8f8dc40320caa2e9e101f73e7ba" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/574912261528589012b61f82d368256247c3a5a8", "url": "https://git.kernel.org/stable/c/574912261528589012b61f82d368256247c3a5a8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5e0da18956d38e7106664dc1d06367b22f06edd3", "url": "https://git.kernel.org/stable/c/5e0da18956d38e7106664dc1d06367b22f06edd3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6ba592fa014f21f35a8ee8da4ca7b95a018f13e8", "url": "https://git.kernel.org/stable/c/6ba592fa014f21f35a8ee8da4ca7b95a018f13e8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ce50d94afcb8690813c5522f24cd38737657db81", "url": "https://git.kernel.org/stable/c/ce50d94afcb8690813c5522f24cd38737657db81" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e2d7cacc6a2a1d77e7e20a492daf458a12cf19e0", "url": "https://git.kernel.org/stable/c/e2d7cacc6a2a1d77e7e20a492daf458a12cf19e0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/eacb50f1733660911827d7c3720f4c5425d0cdda", "url": "https://git.kernel.org/stable/c/eacb50f1733660911827d7c3720f4c5425d0cdda" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38572", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb->transport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38572" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/09ff062b89d8e48165247d677d1ca23d6d607e9b", "url": "https://git.kernel.org/stable/c/09ff062b89d8e48165247d677d1ca23d6d607e9b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3f638e0b28bde7c3354a0df938ab3a96739455d1", "url": "https://git.kernel.org/stable/c/3f638e0b28bde7c3354a0df938ab3a96739455d1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5489e7fc6f8be3062f8cb7e49406de4bfd94db67", "url": "https://git.kernel.org/stable/c/5489e7fc6f8be3062f8cb7e49406de4bfd94db67" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/573b8250fc2554761db3bc2bbdbab23789d52d4e", "url": "https://git.kernel.org/stable/c/573b8250fc2554761db3bc2bbdbab23789d52d4e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5dc60b2a00ed7629214ac0c48e43f40af2078703", "url": "https://git.kernel.org/stable/c/5dc60b2a00ed7629214ac0c48e43f40af2078703" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d45cf1e7d7180256e17c9ce88e32e8061a7887fe", "url": "https://git.kernel.org/stable/c/d45cf1e7d7180256e17c9ce88e32e8061a7887fe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/de322cdf600fc9433845a9e944d1ca6b31cfb67e", "url": "https://git.kernel.org/stable/c/de322cdf600fc9433845a9e944d1ca6b31cfb67e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ee851768e4b8371ce151fd446d24bf3ae2d18789", "url": "https://git.kernel.org/stable/c/ee851768e4b8371ce151fd446d24bf3ae2d18789" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ef05007b403dcc21e701cb1f30d4572ac0a9da20", "url": "https://git.kernel.org/stable/c/ef05007b403dcc21e701cb1f30d4572ac0a9da20" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-19T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53117", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: prevent out-of-bounds array speculation when closing a file descriptor\n\nGoogle-Bug-Id: 114199369", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53117" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3d5d9501b634fd268eb56428cda92cd317752d69", "url": "https://git.kernel.org/stable/c/3d5d9501b634fd268eb56428cda92cd317752d69" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/609d54441493c99f21c1823dfd66fa7f4c512ff4", "url": "https://git.kernel.org/stable/c/609d54441493c99f21c1823dfd66fa7f4c512ff4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6631c8da02cfad96c53b217cf647b511c7f34faf", "url": "https://git.kernel.org/stable/c/6631c8da02cfad96c53b217cf647b511c7f34faf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a759905de9cd6ec9ca08ceadf0920272772ed830", "url": "https://git.kernel.org/stable/c/a759905de9cd6ec9ca08ceadf0920272772ed830" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cec08b7d1ebcd3138d4658b3868ce26aeb1e8e06", "url": "https://git.kernel.org/stable/c/cec08b7d1ebcd3138d4658b3868ce26aeb1e8e06" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/eea8e4e056a5ffbeb539a13854c017d5d62c756a", "url": "https://git.kernel.org/stable/c/eea8e4e056a5ffbeb539a13854c017d5d62c756a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f31cd5da636682caea424fa1c22679016cbfc16b", "url": "https://git.kernel.org/stable/c/f31cd5da636682caea424fa1c22679016cbfc16b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f8cd8754a03a3748384ee438c572423643c9c315", "url": "https://git.kernel.org/stable/c/f8cd8754a03a3748384ee438c572423643c9c315" } ], "release_date": "2025-05-02T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49581", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: Fix buffer overflow in be_get_module_eeprom\n\nbe_cmd_read_port_transceiver_data assumes that it is given a buffer that\nis at least PAGE_DATA_LEN long, or twice that if the module supports SFF\n8472. However, this is not always the case.\n\nFix this by passing the desired offset and length to\nbe_cmd_read_port_transceiver_data so that we only copy the bytes once.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49581" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/18043da94c023f3ef09c15017bdb04e8f695ef10", "url": "https://git.kernel.org/stable/c/18043da94c023f3ef09c15017bdb04e8f695ef10" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/665cbe91de2f7c97c51ca8fce39aae26477c1948", "url": "https://git.kernel.org/stable/c/665cbe91de2f7c97c51ca8fce39aae26477c1948" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8ff4f9df73e5c551a72ee6034886c17e8de6596d", "url": "https://git.kernel.org/stable/c/8ff4f9df73e5c551a72ee6034886c17e8de6596d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a5a8fc0679a8fd58d47aa2ebcfc5742631f753f9", "url": "https://git.kernel.org/stable/c/a5a8fc0679a8fd58d47aa2ebcfc5742631f753f9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a8569f76df7ec5b4b51155c57523a0b356db5741", "url": "https://git.kernel.org/stable/c/a8569f76df7ec5b4b51155c57523a0b356db5741" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/aba8ff847f4f927ad7a1a1ee4a9f29989a1a728f", "url": "https://git.kernel.org/stable/c/aba8ff847f4f927ad7a1a1ee4a9f29989a1a728f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d7241f679a59cfe27f92cb5c6272cb429fb1f7ec", "url": "https://git.kernel.org/stable/c/d7241f679a59cfe27f92cb5c6272cb429fb1f7ec" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fe4473fc7940f14c4a12db873b9729134c212654", "url": "https://git.kernel.org/stable/c/fe4473fc7940f14c4a12db873b9729134c212654" } ], "release_date": "2025-02-26T07:01:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50419", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sysfs: Fix attempting to call device_add multiple times\n\ndevice_add shall not be called multiple times as stated in its\ndocumentation:\n\n 'Do not call this routine or device_register() more than once for\n any device structure'\n\nSyzkaller reports a bug as follows [1]:\n------------[ cut here ]------------\nkernel BUG at lib/list_debug.c:33!\ninvalid opcode: 0000 [#1] PREEMPT SMP KASAN\n[...]\nCall Trace:\n \n __list_add include/linux/list.h:69 [inline]\n list_add_tail include/linux/list.h:102 [inline]\n kobj_kset_join lib/kobject.c:164 [inline]\n kobject_add_internal+0x18f/0x8f0 lib/kobject.c:214\n kobject_add_varg lib/kobject.c:358 [inline]\n kobject_add+0x150/0x1c0 lib/kobject.c:410\n device_add+0x368/0x1e90 drivers/base/core.c:3452\n hci_conn_add_sysfs+0x9b/0x1b0 net/bluetooth/hci_sysfs.c:53\n hci_le_cis_estabilished_evt+0x57c/0xae0 net/bluetooth/hci_event.c:6799\n hci_le_meta_evt+0x2b8/0x510 net/bluetooth/hci_event.c:7110\n hci_event_func net/bluetooth/hci_event.c:7440 [inline]\n hci_event_packet+0x63d/0xfd0 net/bluetooth/hci_event.c:7495\n hci_rx_work+0xae7/0x1230 net/bluetooth/hci_core.c:4007\n process_one_work+0x991/0x1610 kernel/workqueue.c:2289\n worker_thread+0x665/0x1080 kernel/workqueue.c:2436\n kthread+0x2e4/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n ", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50419" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1b6c89571f453101251201f0fad1c26f7256e937", "url": "https://git.kernel.org/stable/c/1b6c89571f453101251201f0fad1c26f7256e937" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3423a50fa018e88aed4c900d59c3c8334d8ad583", "url": "https://git.kernel.org/stable/c/3423a50fa018e88aed4c900d59c3c8334d8ad583" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/448a496f760664d3e2e79466aa1787e6abc922b5", "url": "https://git.kernel.org/stable/c/448a496f760664d3e2e79466aa1787e6abc922b5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4bcefec3636208b4c97536b26014d5935d5c10a0", "url": "https://git.kernel.org/stable/c/4bcefec3636208b4c97536b26014d5935d5c10a0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6144423712d570247b8ca26e50a277c30dd13702", "url": "https://git.kernel.org/stable/c/6144423712d570247b8ca26e50a277c30dd13702" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/671fee73e08ff415d36a7c16bdf238927df83884", "url": "https://git.kernel.org/stable/c/671fee73e08ff415d36a7c16bdf238927df83884" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6e85d2ad958c6f034b1b158d904019869dbb3c81", "url": "https://git.kernel.org/stable/c/6e85d2ad958c6f034b1b158d904019869dbb3c81" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7b674dce4162bb46d396586e30e4653427023875", "url": "https://git.kernel.org/stable/c/7b674dce4162bb46d396586e30e4653427023875" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ef055094df4c10b73cfe67c8d43f9de1fb608a8b", "url": "https://git.kernel.org/stable/c/ef055094df4c10b73cfe67c8d43f9de1fb608a8b" } ], "release_date": "2025-09-18T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49945", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (gpio-fan) Fix array out of bounds access\n\nThe driver does not check if the cooling state passed to\ngpio_fan_set_cur_state() exceeds the maximum cooling state as\nstored in fan_data->num_speeds. Since the cooling state is later\nused as an array index in set_fan_speed(), an array out of bounds\naccess can occur.\nThis can be exploited by setting the state of the thermal cooling device\nto arbitrary values, causing for example a kernel oops when unavailable\nmemory is accessed this way.\n\nExample kernel oops:\n[ 807.987276] Unable to handle kernel paging request at virtual address ffffff80d0588064\n[ 807.987369] Mem abort info:\n[ 807.987398] ESR = 0x96000005\n[ 807.987428] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 807.987477] SET = 0, FnV = 0\n[ 807.987507] EA = 0, S1PTW = 0\n[ 807.987536] FSC = 0x05: level 1 translation fault\n[ 807.987570] Data abort info:\n[ 807.987763] ISV = 0, ISS = 0x00000005\n[ 807.987801] CM = 0, WnR = 0\n[ 807.987832] swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000001165000\n[ 807.987872] [ffffff80d0588064] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 807.987961] Internal error: Oops: 96000005 [#1] PREEMPT SMP\n[ 807.987992] Modules linked in: cmac algif_hash aes_arm64 algif_skcipher af_alg bnep hci_uart btbcm bluetooth ecdh_generic ecc 8021q garp stp llc snd_soc_hdmi_codec brcmfmac vc4 brcmutil cec drm_kms_helper snd_soc_core cfg80211 snd_compress bcm2835_codec(C) snd_pcm_dmaengine syscopyarea bcm2835_isp(C) bcm2835_v4l2(C) sysfillrect v4l2_mem2mem bcm2835_mmal_vchiq(C) raspberrypi_hwmon sysimgblt videobuf2_dma_contig videobuf2_vmalloc fb_sys_fops videobuf2_memops rfkill videobuf2_v4l2 videobuf2_common i2c_bcm2835 snd_bcm2835(C) videodev snd_pcm snd_timer snd mc vc_sm_cma(C) gpio_fan uio_pdrv_genirq uio drm fuse drm_panel_orientation_quirks backlight ip_tables x_tables ipv6\n[ 807.988508] CPU: 0 PID: 1321 Comm: bash Tainted: G C 5.15.56-v8+ #1575\n[ 807.988548] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)\n[ 807.988574] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 807.988608] pc : set_fan_speed.part.5+0x34/0x80 [gpio_fan]\n[ 807.988654] lr : gpio_fan_set_cur_state+0x34/0x50 [gpio_fan]\n[ 807.988691] sp : ffffffc008cf3bd0\n[ 807.988710] x29: ffffffc008cf3bd0 x28: ffffff80019edac0 x27: 0000000000000000\n[ 807.988762] x26: 0000000000000000 x25: 0000000000000000 x24: ffffff800747c920\n[ 807.988787] x23: 000000000000000a x22: ffffff800369f000 x21: 000000001999997c\n[ 807.988854] x20: ffffff800369f2e8 x19: ffffff8002ae8080 x18: 0000000000000000\n[ 807.988877] x17: 0000000000000000 x16: 0000000000000000 x15: 000000559e271b70\n[ 807.988938] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n[ 807.988960] x11: 0000000000000000 x10: ffffffc008cf3c20 x9 : ffffffcfb60c741c\n[ 807.989018] x8 : 000000000000000a x7 : 00000000ffffffc9 x6 : 0000000000000009\n[ 807.989040] x5 : 000000000000002a x4 : 0000000000000000 x3 : ffffff800369f2e8\n[ 807.989062] x2 : 000000000000e780 x1 : 0000000000000001 x0 : ffffff80d0588060\n[ 807.989084] Call trace:\n[ 807.989091] set_fan_speed.part.5+0x34/0x80 [gpio_fan]\n[ 807.989113] gpio_fan_set_cur_state+0x34/0x50 [gpio_fan]\n[ 807.989199] cur_state_store+0x84/0xd0\n[ 807.989221] dev_attr_store+0x20/0x38\n[ 807.989262] sysfs_kf_write+0x4c/0x60\n[ 807.989282] kernfs_fop_write_iter+0x130/0x1c0\n[ 807.989298] new_sync_write+0x10c/0x190\n[ 807.989315] vfs_write+0x254/0x378\n[ 807.989362] ksys_write+0x70/0xf8\n[ 807.989379] __arm64_sys_write+0x24/0x30\n[ 807.989424] invoke_syscall+0x4c/0x110\n[ 807.989442] el0_svc_common.constprop.3+0xfc/0x120\n[ 807.989458] do_el0_svc+0x2c/0x90\n[ 807.989473] el0_svc+0x24/0x60\n[ 807.989544] el0t_64_sync_handler+0x90/0xb8\n[ 807.989558] el0t_64_sync+0x1a0/0x1a4\n[ 807.989579] Code: b9403801 f9402800 7100003f 8b35cc00 (b9400416)\n[ 807.989627] ---[ end t\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49945" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3263984c7acdcb0658155b05a724ed45a10de76d", "url": "https://git.kernel.org/stable/c/3263984c7acdcb0658155b05a724ed45a10de76d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3ff866455e1e263a9ac1958095fd440984248e2f", "url": "https://git.kernel.org/stable/c/3ff866455e1e263a9ac1958095fd440984248e2f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/517dba798793e69b510779c3cde7224a65f3ed1d", "url": "https://git.kernel.org/stable/c/517dba798793e69b510779c3cde7224a65f3ed1d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/53196e0376205ed49b75bfd0475af5e0fbd20156", "url": "https://git.kernel.org/stable/c/53196e0376205ed49b75bfd0475af5e0fbd20156" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7756eb1ed124753f4d64f761fc3d84290dffcb4d", "url": "https://git.kernel.org/stable/c/7756eb1ed124753f4d64f761fc3d84290dffcb4d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8ae6a18708f260ccdeef6ba53af7548457dc26c", "url": "https://git.kernel.org/stable/c/c8ae6a18708f260ccdeef6ba53af7548457dc26c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e9f6972ab40a82bd7f6d36800792ba2e084474d8", "url": "https://git.kernel.org/stable/c/e9f6972ab40a82bd7f6d36800792ba2e084474d8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f233d2be38dbbb22299192292983037f01ab363c", "url": "https://git.kernel.org/stable/c/f233d2be38dbbb22299192292983037f01ab363c" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53454", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Correct devm device reference for hidinput input_dev name\n\nReference the HID device rather than the input device for the devm\nallocation of the input_dev name. Referencing the input_dev would lead to a\nuse-after-free when the input_dev was unregistered and subsequently fires a\nuevent that depends on the name. At the point of firing the uevent, the\nname would be freed by devres management.\n\nUse devm_kasprintf to simplify the logic for allocating memory and\nformatting the input_dev name string.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53454" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/15ec7cb55e7d88755aa01d44a7a1015a42bfce86", "url": "https://git.kernel.org/stable/c/15ec7cb55e7d88755aa01d44a7a1015a42bfce86" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1d7833db9fd118415dace2ca157bfa603dec9c8c", "url": "https://git.kernel.org/stable/c/1d7833db9fd118415dace2ca157bfa603dec9c8c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2763732ec1e68910719c75b6b896e11b6d3d622b", "url": "https://git.kernel.org/stable/c/2763732ec1e68910719c75b6b896e11b6d3d622b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/39c70c19456e50dcb3abfe53539220dff0490f1d", "url": "https://git.kernel.org/stable/c/39c70c19456e50dcb3abfe53539220dff0490f1d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4794394635293a3e74591351fff469cea7ad15a2", "url": "https://git.kernel.org/stable/c/4794394635293a3e74591351fff469cea7ad15a2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ac0d389402a6ff9ad92cea02c2d8c711483b91ab", "url": "https://git.kernel.org/stable/c/ac0d389402a6ff9ad92cea02c2d8c711483b91ab" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b70ac7849248ec8128fa12f86e3655ba38838f29", "url": "https://git.kernel.org/stable/c/b70ac7849248ec8128fa12f86e3655ba38838f29" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dde88ab4e45beb60b217026207aa9c14c88d71ab", "url": "https://git.kernel.org/stable/c/dde88ab4e45beb60b217026207aa9c14c88d71ab" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/df7ca43fe090e1a56c216c8ebc106ef5fd49afc6", "url": "https://git.kernel.org/stable/c/df7ca43fe090e1a56c216c8ebc106ef5fd49afc6" } ], "release_date": "2025-10-01T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53622", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix possible data races in gfs2_show_options()\n\nSome fields such as gt_logd_secs of the struct gfs2_tune are accessed\nwithout holding the lock gt_spin in gfs2_show_options():\n\n val = sdp->sd_tune.gt_logd_secs;\n if (val != 30)\n seq_printf(s, \",commit=%d\", val);\n\nAnd thus can cause data races when gfs2_show_options() and other functions\nsuch as gfs2_reconfigure() are concurrently executed:\n\n spin_lock(>->gt_spin);\n gt->gt_logd_secs = newargs->ar_commit;\n\nTo fix these possible data races, the lock sdp->sd_tune.gt_spin is\nacquired before accessing the fields of gfs2_tune and released after these\naccesses.\n\nFurther changes by Andreas:\n\n- Don't hold the spin lock over the seq_printf operations.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53622" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/235a5ae73cea29109a3e06f100493f17857e6a93", "url": "https://git.kernel.org/stable/c/235a5ae73cea29109a3e06f100493f17857e6a93" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/42077d4de49e4d9c773c97c42d5383b4899a8f9d", "url": "https://git.kernel.org/stable/c/42077d4de49e4d9c773c97c42d5383b4899a8f9d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6fa0a72cbbe45db4ed967a51f9e6f4e3afe61d20", "url": "https://git.kernel.org/stable/c/6fa0a72cbbe45db4ed967a51f9e6f4e3afe61d20" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7c5b2649f6a37d45bfb7abf34c9b71d08677139f", "url": "https://git.kernel.org/stable/c/7c5b2649f6a37d45bfb7abf34c9b71d08677139f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7e5bbeb7eb813bb2568e1d5d02587df943272e57", "url": "https://git.kernel.org/stable/c/7e5bbeb7eb813bb2568e1d5d02587df943272e57" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/85e888150075cb221270b64bf772341fc6bd11d9", "url": "https://git.kernel.org/stable/c/85e888150075cb221270b64bf772341fc6bd11d9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a4f71523ed2123d63b431cc0cea4e9f363a0f054", "url": "https://git.kernel.org/stable/c/a4f71523ed2123d63b431cc0cea4e9f363a0f054" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b4a7ab57effbed42624842f2ab2a49b177c21a47", "url": "https://git.kernel.org/stable/c/b4a7ab57effbed42624842f2ab2a49b177c21a47" } ], "release_date": "2025-10-07T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49948", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvt: Clear selection before changing the font\n\nWhen changing the console font with ioctl(KDFONTOP) the new font size\ncan be bigger than the previous font. A previous selection may thus now\nbe outside of the new screen size and thus trigger out-of-bounds\naccesses to graphics memory if the selection is removed in\nvc_do_resize().\n\nPrevent such out-of-memory accesses by dropping the selection before the\nvarious con_font_set() console handlers are called.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49948" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1cf1930369c9dc428d827b60260c53271bff3285", "url": "https://git.kernel.org/stable/c/1cf1930369c9dc428d827b60260c53271bff3285" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2535431ae967ad17585513649625fea7db28d4db", "url": "https://git.kernel.org/stable/c/2535431ae967ad17585513649625fea7db28d4db" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/566f9c9f89337792070b5a6062dff448b3e7977f", "url": "https://git.kernel.org/stable/c/566f9c9f89337792070b5a6062dff448b3e7977f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/989201bb8c00b222235aff04e6200230d29dc7bb", "url": "https://git.kernel.org/stable/c/989201bb8c00b222235aff04e6200230d29dc7bb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c555cf04684fde39b5b0dd9fd80730030ee10c4a", "url": "https://git.kernel.org/stable/c/c555cf04684fde39b5b0dd9fd80730030ee10c4a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c904fe03c4bd1f356a58797d39e2a5d0ca15cefc", "url": "https://git.kernel.org/stable/c/c904fe03c4bd1f356a58797d39e2a5d0ca15cefc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e9ba4611ddf676194385506222cce7b0844e708e", "url": "https://git.kernel.org/stable/c/e9ba4611ddf676194385506222cce7b0844e708e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f74b4a41c5d7c9522469917e3072e55d435efd9e", "url": "https://git.kernel.org/stable/c/f74b4a41c5d7c9522469917e3072e55d435efd9e" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50411", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Fix error code path in acpi_ds_call_control_method()\n\nA use-after-free in acpi_ps_parse_aml() after a failing invocaion of\nacpi_ds_call_control_method() is reported by KASAN [1] and code\ninspection reveals that next_walk_state pushed to the thread by\nacpi_ds_create_walk_state() is freed on errors, but it is not popped\nfrom the thread beforehand. Thus acpi_ds_get_current_walk_state()\ncalled by acpi_ps_parse_aml() subsequently returns it as the new\nwalk state which is incorrect.\n\nTo address this, make acpi_ds_call_control_method() call\nacpi_ds_pop_walk_state() to pop next_walk_state from the thread before\nreturning an error.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50411" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0462fec709d51762ba486245bc344f44cc6cfa97", "url": "https://git.kernel.org/stable/c/0462fec709d51762ba486245bc344f44cc6cfa97" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2deb42c4f9776e59bee247c14af9c5e8c05ca9a6", "url": "https://git.kernel.org/stable/c/2deb42c4f9776e59bee247c14af9c5e8c05ca9a6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/38e251d356a01b61a86cb35213cafd7e8fe7090c", "url": "https://git.kernel.org/stable/c/38e251d356a01b61a86cb35213cafd7e8fe7090c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/404ec60438add1afadaffaed34bb5fe4ddcadd40", "url": "https://git.kernel.org/stable/c/404ec60438add1afadaffaed34bb5fe4ddcadd40" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5777432ebaaf797e24f059979b42df3139967163", "url": "https://git.kernel.org/stable/c/5777432ebaaf797e24f059979b42df3139967163" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/799881db3e03b5e98fe6a900d9d7de8c7d61e7ee", "url": "https://git.kernel.org/stable/c/799881db3e03b5e98fe6a900d9d7de8c7d61e7ee" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9ef353c92f9d04c88de3af1a46859c1fb76db0f8", "url": "https://git.kernel.org/stable/c/9ef353c92f9d04c88de3af1a46859c1fb76db0f8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b0b83d3f3ffa96e8395c56b83d6197e184902a34", "url": "https://git.kernel.org/stable/c/b0b83d3f3ffa96e8395c56b83d6197e184902a34" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f520d181477ec29a496c0b3bbfbdb7e2606c2713", "url": "https://git.kernel.org/stable/c/f520d181477ec29a496c0b3bbfbdb7e2606c2713" } ], "release_date": "2025-09-18T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53322", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Wait for io return on terminate rport\n\nSystem crash due to use after free.\nCurrent code allows terminate_rport_io to exit before making\nsure all IOs has returned. For FCP-2 device, IO's can hang\non in HW because driver has not tear down the session in FW at\nfirst sign of cable pull. When dev_loss_tmo timer pops,\nterminate_rport_io is called and upper layer is about to\nfree various resources. Terminate_rport_io trigger qla to do\nthe final cleanup, but the cleanup might not be fast enough where it\nleave qla still holding on to the same resource.\n\nWait for IO's to return to upper layer before resources are freed.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53322" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/079c8264ed9fea8cbcac01ad29040f901cbc3692", "url": "https://git.kernel.org/stable/c/079c8264ed9fea8cbcac01ad29040f901cbc3692" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4647d2e88918a078359d1532d90c417a38542c9e", "url": "https://git.kernel.org/stable/c/4647d2e88918a078359d1532d90c417a38542c9e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5bcdaafd92be6035ddc77fa76650cf9dd5b864c4", "url": "https://git.kernel.org/stable/c/5bcdaafd92be6035ddc77fa76650cf9dd5b864c4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8a55556cd7e0220486163b1285ce11a8be2ce5fa", "url": "https://git.kernel.org/stable/c/8a55556cd7e0220486163b1285ce11a8be2ce5fa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/90770dad1eb30967ebd8d37d82830bcf270b3293", "url": "https://git.kernel.org/stable/c/90770dad1eb30967ebd8d37d82830bcf270b3293" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a9fe97fb7b4ee21bffb76f2acb05769bad27ae70", "url": "https://git.kernel.org/stable/c/a9fe97fb7b4ee21bffb76f2acb05769bad27ae70" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d25fded78d88e1515439b3ba581684d683e0b6ab", "url": "https://git.kernel.org/stable/c/d25fded78d88e1515439b3ba581684d683e0b6ab" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fc0cba0c7be8261a1625098bd1d695077ec621c9", "url": "https://git.kernel.org/stable/c/fc0cba0c7be8261a1625098bd1d695077ec621c9" } ], "release_date": "2025-09-16T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53035", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()\n\nThe ioctl helper function nilfs_ioctl_wrap_copy(), which exchanges a\nmetadata array to/from user space, may copy uninitialized buffer regions\nto user space memory for read-only ioctl commands NILFS_IOCTL_GET_SUINFO\nand NILFS_IOCTL_GET_CPINFO.\n\nThis can occur when the element size of the user space metadata given by\nthe v_size member of the argument nilfs_argv structure is larger than the\nsize of the metadata element (nilfs_suinfo structure or nilfs_cpinfo\nstructure) on the file system side.\n\nKMSAN-enabled kernels detect this issue as follows:\n\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user\n include/linux/instrumented.h:121 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_user+0xc0/0x100 lib/usercopy.c:33\n instrument_copy_to_user include/linux/instrumented.h:121 [inline]\n _copy_to_user+0xc0/0x100 lib/usercopy.c:33\n copy_to_user include/linux/uaccess.h:169 [inline]\n nilfs_ioctl_wrap_copy+0x6fa/0xc10 fs/nilfs2/ioctl.c:99\n nilfs_ioctl_get_info fs/nilfs2/ioctl.c:1173 [inline]\n nilfs_ioctl+0x2402/0x4450 fs/nilfs2/ioctl.c:1290\n nilfs_compat_ioctl+0x1b8/0x200 fs/nilfs2/ioctl.c:1343\n __do_compat_sys_ioctl fs/ioctl.c:968 [inline]\n __se_compat_sys_ioctl+0x7dd/0x1000 fs/ioctl.c:910\n __ia32_compat_sys_ioctl+0x93/0xd0 fs/ioctl.c:910\n do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]\n __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178\n do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246\n entry_SYSENTER_compat_after_hwframe+0x70/0x82\n\n Uninit was created at:\n __alloc_pages+0x9f6/0xe90 mm/page_alloc.c:5572\n alloc_pages+0xab0/0xd80 mm/mempolicy.c:2287\n __get_free_pages+0x34/0xc0 mm/page_alloc.c:5599\n nilfs_ioctl_wrap_copy+0x223/0xc10 fs/nilfs2/ioctl.c:74\n nilfs_ioctl_get_info fs/nilfs2/ioctl.c:1173 [inline]\n nilfs_ioctl+0x2402/0x4450 fs/nilfs2/ioctl.c:1290\n nilfs_compat_ioctl+0x1b8/0x200 fs/nilfs2/ioctl.c:1343\n __do_compat_sys_ioctl fs/ioctl.c:968 [inline]\n __se_compat_sys_ioctl+0x7dd/0x1000 fs/ioctl.c:910\n __ia32_compat_sys_ioctl+0x93/0xd0 fs/ioctl.c:910\n do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]\n __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178\n do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203\n do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246\n entry_SYSENTER_compat_after_hwframe+0x70/0x82\n\n Bytes 16-127 of 3968 are uninitialized\n ...\n\nThis eliminates the leak issue by initializing the page allocated as\nbuffer using get_zeroed_page().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53035" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/003587000276f81d0114b5ce773d80c119d8cb30", "url": "https://git.kernel.org/stable/c/003587000276f81d0114b5ce773d80c119d8cb30" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5bb105cc72beb9d51bf12f5c657336d2d35bdc5d", "url": "https://git.kernel.org/stable/c/5bb105cc72beb9d51bf12f5c657336d2d35bdc5d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5f33b042f74fc9662eba17f4cd19b07d84bbc6c5", "url": "https://git.kernel.org/stable/c/5f33b042f74fc9662eba17f4cd19b07d84bbc6c5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8a6550b365c0ce2e65905de57dcbfe1f7d629726", "url": "https://git.kernel.org/stable/c/8a6550b365c0ce2e65905de57dcbfe1f7d629726" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8f5cbf6a8c0e19b062b829c5b7aca01468bb57f6", "url": "https://git.kernel.org/stable/c/8f5cbf6a8c0e19b062b829c5b7aca01468bb57f6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9c5034e9a0e03db8d5e9eabb176340259b5b97e4", "url": "https://git.kernel.org/stable/c/9c5034e9a0e03db8d5e9eabb176340259b5b97e4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a94932381e8dae4117e9129b3c1282e18aa97b05", "url": "https://git.kernel.org/stable/c/a94932381e8dae4117e9129b3c1282e18aa97b05" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d18db946cc6a394291539e030df32324285648f7", "url": "https://git.kernel.org/stable/c/d18db946cc6a394291539e030df32324285648f7" } ], "release_date": "2025-05-02T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38538", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: nbpfaxi: Fix memory corruption in probe()\n\nThe nbpf->chan[] array is allocated earlier in the nbpf_probe() function\nand it has \"num_channels\" elements. These three loops iterate one\nelement farther than they should and corrupt memory.\n\nThe changes to the second loop are more involved. In this case, we're\ncopying data from the irqbuf[] array into the nbpf->chan[] array. If\nthe data in irqbuf[i] is the error IRQ then we skip it, so the iterators\nare not in sync. I added a check to ensure that we don't go beyond the\nend of the irqbuf[] array. I'm pretty sure this can't happen, but it\nseemed harmless to add a check.\n\nOn the other hand, after the loop has ended there is a check to ensure\nthat the \"chan\" iterator is where we expect it to be. In the original\ncode we went one element beyond the end of the array so the iterator\nwasn't in the correct place and it would always return -EINVAL. However,\nnow it will always be in the correct place. I deleted the check since\nwe know the result.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38538" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/122160289adf8ebf15060f1cbf6265b55a914948", "url": "https://git.kernel.org/stable/c/122160289adf8ebf15060f1cbf6265b55a914948" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/188c6ba1dd925849c5d94885c8bbdeb0b3dcf510", "url": "https://git.kernel.org/stable/c/188c6ba1dd925849c5d94885c8bbdeb0b3dcf510" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/24861ef8b517a309a4225f2793be0cd8fa0bec9e", "url": "https://git.kernel.org/stable/c/24861ef8b517a309a4225f2793be0cd8fa0bec9e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4bb016438335ec02b01f96bf1367378c2bfe03e5", "url": "https://git.kernel.org/stable/c/4bb016438335ec02b01f96bf1367378c2bfe03e5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/84fff8e6f11b9af1407e273995b5257d99ff0cff", "url": "https://git.kernel.org/stable/c/84fff8e6f11b9af1407e273995b5257d99ff0cff" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/aec396b4f736f3f8d2c28a9cd2924a4ada57ae87", "url": "https://git.kernel.org/stable/c/aec396b4f736f3f8d2c28a9cd2924a4ada57ae87" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d6bbd67ab5de37a74ac85c83c5a26664b62034dd", "url": "https://git.kernel.org/stable/c/d6bbd67ab5de37a74ac85c83c5a26664b62034dd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f366b36c5e3ce29c9a3c8eed3d1631908e4fc8bb", "url": "https://git.kernel.org/stable/c/f366b36c5e3ce29c9a3c8eed3d1631908e4fc8bb" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-16T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49907", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mdio: fix undefined behavior in bit shift for __mdiobus_register\n\nShifting signed 32-bit value by 31 bits is undefined, so changing\nsignificant bit to unsigned. The UBSAN warning calltrace like below:\n\nUBSAN: shift-out-of-bounds in drivers/net/phy/mdio_bus.c:586:27\nleft shift of 1 by 31 places cannot be represented in type 'int'\nCall Trace:\n \n dump_stack_lvl+0x7d/0xa5\n dump_stack+0x15/0x1b\n ubsan_epilogue+0xe/0x4e\n __ubsan_handle_shift_out_of_bounds+0x1e7/0x20c\n __mdiobus_register+0x49d/0x4e0\n fixed_mdio_bus_init+0xd8/0x12d\n do_one_initcall+0x76/0x430\n kernel_init_freeable+0x3b3/0x422\n kernel_init+0x24/0x1e0\n ret_from_fork+0x1f/0x30\n ", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49907" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/20ed01a7b9af6e6a3c33761eebbb710ea6dd49b7", "url": "https://git.kernel.org/stable/c/20ed01a7b9af6e6a3c33761eebbb710ea6dd49b7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/40e4eb324c59e11fcb927aa46742d28aba6ecb8a", "url": "https://git.kernel.org/stable/c/40e4eb324c59e11fcb927aa46742d28aba6ecb8a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4954b5359eb141499492fadfab891e28905509e2", "url": "https://git.kernel.org/stable/c/4954b5359eb141499492fadfab891e28905509e2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/634f066d02bdb22a26da7deb0c7617ab1a65fc9d", "url": "https://git.kernel.org/stable/c/634f066d02bdb22a26da7deb0c7617ab1a65fc9d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6ce6f8f8f6316da6f92afe7490bc2f0b654d68e0", "url": "https://git.kernel.org/stable/c/6ce6f8f8f6316da6f92afe7490bc2f0b654d68e0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7006176a3c863e3e353ce1b8a349ef5bb1b9320e", "url": "https://git.kernel.org/stable/c/7006176a3c863e3e353ce1b8a349ef5bb1b9320e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/985a88bf0b27193522bba7856b1763f428cef19d", "url": "https://git.kernel.org/stable/c/985a88bf0b27193522bba7856b1763f428cef19d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a3fafc974be37319679f36dc4e7cca7db1e02973", "url": "https://git.kernel.org/stable/c/a3fafc974be37319679f36dc4e7cca7db1e02973" } ], "release_date": "2025-05-01T15:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53000", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: prevent potential spectre v1 gadgets\n\nMost netlink attributes are parsed and validated from\n__nla_validate_parse() or validate_nla()\n\n u16 type = nla_type(nla);\n\n if (type == 0 || type > maxtype) {\n /* error or continue */\n }\n\n@type is then used as an array index and can be used\nas a Spectre v1 gadget.\n\narray_index_nospec() can be used to prevent leaking\ncontent of kernel memory to malicious users.\n\nThis should take care of vast majority of netlink uses,\nbut an audit is needed to take care of others where\nvalidation is not yet centralized in core netlink functions.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53000" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3e5082b1c66c7783fbcd79b5b178573230e528ff", "url": "https://git.kernel.org/stable/c/3e5082b1c66c7783fbcd79b5b178573230e528ff" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/41b74e95f297ac360ca7ed6bf200100717cb6c45", "url": "https://git.kernel.org/stable/c/41b74e95f297ac360ca7ed6bf200100717cb6c45" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/539ca5dcbc91134bbe2c45677811c31d8b030d2d", "url": "https://git.kernel.org/stable/c/539ca5dcbc91134bbe2c45677811c31d8b030d2d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/992e4ff7116a77968039277b5d6aaa535c2f2184", "url": "https://git.kernel.org/stable/c/992e4ff7116a77968039277b5d6aaa535c2f2184" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f0950402e8c76e7dcb08563f1b4e8000fbc62455", "url": "https://git.kernel.org/stable/c/f0950402e8c76e7dcb08563f1b4e8000fbc62455" } ], "release_date": "2025-03-27T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53321", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211_hwsim: drop short frames\n\nWhile technically some control frames like ACK are shorter and\nend after Address 1, such frames shouldn't be forwarded through\nwmediumd or similar userspace, so require the full 3-address\nheader to avoid accessing invalid memory if shorter frames are\npassed in.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53321" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3beb97bed860d95b14ad23578ce8ddaea62023db", "url": "https://git.kernel.org/stable/c/3beb97bed860d95b14ad23578ce8ddaea62023db" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/672205c6f2d11978fcd7f0f336bb2c708e28874b", "url": "https://git.kernel.org/stable/c/672205c6f2d11978fcd7f0f336bb2c708e28874b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/89a41ed7f21476301659ebd25ccb48a60791c1a7", "url": "https://git.kernel.org/stable/c/89a41ed7f21476301659ebd25ccb48a60791c1a7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b9a175e3b250b0dc6e152988040aa5014e98e61e", "url": "https://git.kernel.org/stable/c/b9a175e3b250b0dc6e152988040aa5014e98e61e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c64ee9dd335832d5e2ab0a8fc83a34ad4c729799", "url": "https://git.kernel.org/stable/c/c64ee9dd335832d5e2ab0a8fc83a34ad4c729799" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fba360a047d5eeeb9d4b7c3a9b1c8308980ce9a6", "url": "https://git.kernel.org/stable/c/fba360a047d5eeeb9d4b7c3a9b1c8308980ce9a6" } ], "release_date": "2025-09-16T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50094", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspmi: trace: fix stack-out-of-bound access in SPMI tracing functions\n\ntrace_spmi_write_begin() and trace_spmi_read_end() both call\nmemcpy() with a length of \"len + 1\". This leads to one extra\nbyte being read beyond the end of the specified buffer. Fix\nthis out-of-bound memory access by using a length of \"len\"\ninstead.\n\nHere is a KASAN log showing the issue:\n\nBUG: KASAN: stack-out-of-bounds in trace_event_raw_event_spmi_read_end+0x1d0/0x234\nRead of size 2 at addr ffffffc0265b7540 by task thermal@2.0-ser/1314\n...\nCall trace:\n dump_backtrace+0x0/0x3e8\n show_stack+0x2c/0x3c\n dump_stack_lvl+0xdc/0x11c\n print_address_description+0x74/0x384\n kasan_report+0x188/0x268\n kasan_check_range+0x270/0x2b0\n memcpy+0x90/0xe8\n trace_event_raw_event_spmi_read_end+0x1d0/0x234\n spmi_read_cmd+0x294/0x3ac\n spmi_ext_register_readl+0x84/0x9c\n regmap_spmi_ext_read+0x144/0x1b0 [regmap_spmi]\n _regmap_raw_read+0x40c/0x754\n regmap_raw_read+0x3a0/0x514\n regmap_bulk_read+0x418/0x494\n adc5_gen3_poll_wait_hs+0xe8/0x1e0 [qcom_spmi_adc5_gen3]\n ...\n __arm64_sys_read+0x4c/0x60\n invoke_syscall+0x80/0x218\n el0_svc_common+0xec/0x1c8\n ...\n\naddr ffffffc0265b7540 is located in stack of task thermal@2.0-ser/1314 at offset 32 in frame:\n adc5_gen3_poll_wait_hs+0x0/0x1e0 [qcom_spmi_adc5_gen3]\n\nthis frame has 1 object:\n [32, 33) 'status'\n\nMemory state around the buggy address:\n ffffffc0265b7400: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1\n ffffffc0265b7480: 04 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00\n>ffffffc0265b7500: 00 00 00 00 f1 f1 f1 f1 01 f3 f3 f3 00 00 00 00\n ^\n ffffffc0265b7580: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffffffc0265b7600: f1 f1 f1 f1 01 f2 07 f2 f2 f2 01 f3 00 00 00 00\n==================================================================", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50094" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1e0ca3d809c36ad3d1f542917718fc22ec6316e7", "url": "https://git.kernel.org/stable/c/1e0ca3d809c36ad3d1f542917718fc22ec6316e7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2af28b241eea816e6f7668d1954f15894b45d7e3", "url": "https://git.kernel.org/stable/c/2af28b241eea816e6f7668d1954f15894b45d7e3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/37690cb8662cec672cacda19e6e4fd2ca7b13f0b", "url": "https://git.kernel.org/stable/c/37690cb8662cec672cacda19e6e4fd2ca7b13f0b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/504090815c1ad3fd3fa34618b54d706727f8911c", "url": "https://git.kernel.org/stable/c/504090815c1ad3fd3fa34618b54d706727f8911c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/80f7c93e573ea9f524924bb529c2af8cb28b1c43", "url": "https://git.kernel.org/stable/c/80f7c93e573ea9f524924bb529c2af8cb28b1c43" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ac730c72bddc889f5610d51d8a7abf425e08da1a", "url": "https://git.kernel.org/stable/c/ac730c72bddc889f5610d51d8a7abf425e08da1a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bcc1b6b1ed3f42ed25858c1f1eb24a2f741db93f", "url": "https://git.kernel.org/stable/c/bcc1b6b1ed3f42ed25858c1f1eb24a2f741db93f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dc6033a7761254e5a5ba7df36b64db787a53313c", "url": "https://git.kernel.org/stable/c/dc6033a7761254e5a5ba7df36b64db787a53313c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dd02510fb43168310abfd0b9ccf49993a722fb91", "url": "https://git.kernel.org/stable/c/dd02510fb43168310abfd0b9ccf49993a722fb91" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53219", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: netup_unidvb: fix use-after-free at del_timer()\n\nWhen Universal DVB card is detaching, netup_unidvb_dma_fini()\nuses del_timer() to stop dma->timeout timer. But when timer\nhandler netup_unidvb_dma_timeout() is running, del_timer()\ncould not stop it. As a result, the use-after-free bug could\nhappen. The process is shown below:\n\n (cleanup routine) | (timer routine)\n | mod_timer(&dev->tx_sim_timer, ..)\nnetup_unidvb_finidev() | (wait a time)\n netup_unidvb_dma_fini() | netup_unidvb_dma_timeout()\n del_timer(&dma->timeout); |\n | ndev->pci_dev->dev //USE\n\nFix by changing del_timer() to del_timer_sync().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53219" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/051af3f0b7d1cd8ab7f3e2523ad8ae1af44caba3", "url": "https://git.kernel.org/stable/c/051af3f0b7d1cd8ab7f3e2523ad8ae1af44caba3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/07821524f67bf920342bc84ae8b3dea2a315a89e", "url": "https://git.kernel.org/stable/c/07821524f67bf920342bc84ae8b3dea2a315a89e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0f5bb36bf9b39a2a96e730bf4455095b50713f63", "url": "https://git.kernel.org/stable/c/0f5bb36bf9b39a2a96e730bf4455095b50713f63" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1550bcf2983ae1220cc8ab899a39a423fa7cb523", "url": "https://git.kernel.org/stable/c/1550bcf2983ae1220cc8ab899a39a423fa7cb523" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/90229e9ee957d4514425e4a4d82c50ab5d57ac4d", "url": "https://git.kernel.org/stable/c/90229e9ee957d4514425e4a4d82c50ab5d57ac4d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8f9c05e1ebcc9c7bc211cc8b74d8fb86a8756fc", "url": "https://git.kernel.org/stable/c/c8f9c05e1ebcc9c7bc211cc8b74d8fb86a8756fc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dd5c77814f290b353917df329f36de1472d47154", "url": "https://git.kernel.org/stable/c/dd5c77814f290b353917df329f36de1472d47154" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f9982db735a8495eee14267cf193c806b957e942", "url": "https://git.kernel.org/stable/c/f9982db735a8495eee14267cf193c806b957e942" } ], "release_date": "2025-09-15T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38415", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: check return result of sb_min_blocksize\n\nSyzkaller reports an \"UBSAN: shift-out-of-bounds in squashfs_bio_read\" bug.\n\nSyzkaller forks multiple processes which after mounting the Squashfs\nfilesystem, issues an ioctl(\"/dev/loop0\", LOOP_SET_BLOCK_SIZE, 0x8000). \nNow if this ioctl occurs at the same time another process is in the\nprocess of mounting a Squashfs filesystem on /dev/loop0, the failure\noccurs. When this happens the following code in squashfs_fill_super()\nfails.\n\n----\nmsblk->devblksize = sb_min_blocksize(sb, SQUASHFS_DEVBLK_SIZE);\nmsblk->devblksize_log2 = ffz(~msblk->devblksize);\n----\n\nsb_min_blocksize() returns 0, which means msblk->devblksize is set to 0.\n\nAs a result, ffz(~msblk->devblksize) returns 64, and msblk->devblksize_log2\nis set to 64.\n\nThis subsequently causes the\n\nUBSAN: shift-out-of-bounds in fs/squashfs/block.c:195:36\nshift exponent 64 is too large for 64-bit type 'u64' (aka\n'unsigned long long')\n\nThis commit adds a check for a 0 return by sb_min_blocksize().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38415" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0aff95d9bc7fb5400ca8af507429c4b067bdb425", "url": "https://git.kernel.org/stable/c/0aff95d9bc7fb5400ca8af507429c4b067bdb425" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282", "url": "https://git.kernel.org/stable/c/295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4f99357dadbf9c979ad737156ad4c37fadf7c56b", "url": "https://git.kernel.org/stable/c/4f99357dadbf9c979ad737156ad4c37fadf7c56b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/549f9e3d7b60d53808c98b9fde49b4f46d0524a5", "url": "https://git.kernel.org/stable/c/549f9e3d7b60d53808c98b9fde49b4f46d0524a5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5c51aa862cbeed2f3887f0382a2708956710bd68", "url": "https://git.kernel.org/stable/c/5c51aa862cbeed2f3887f0382a2708956710bd68" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6abf6b78c6fb112eee495f5636ffcc350dd2ce25", "url": "https://git.kernel.org/stable/c/6abf6b78c6fb112eee495f5636ffcc350dd2ce25" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/734aa85390ea693bb7eaf2240623d41b03705c84", "url": "https://git.kernel.org/stable/c/734aa85390ea693bb7eaf2240623d41b03705c84" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/db7096ea160e40d78c67fce52e7cc51bde049497", "url": "https://git.kernel.org/stable/c/db7096ea160e40d78c67fce52e7cc51bde049497" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38079", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38079" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0346f4b742345d1c733c977f3a7aef5a6419a967", "url": "https://git.kernel.org/stable/c/0346f4b742345d1c733c977f3a7aef5a6419a967" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/134daaba93193df9e988524b5cd2f52d15eb1993", "url": "https://git.kernel.org/stable/c/134daaba93193df9e988524b5cd2f52d15eb1993" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2f45a8d64fb4ed4830a4b3273834ecd6ca504896", "url": "https://git.kernel.org/stable/c/2f45a8d64fb4ed4830a4b3273834ecd6ca504896" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5bff312b59b3f2a54ff504e4f4e47272b64f3633", "url": "https://git.kernel.org/stable/c/5bff312b59b3f2a54ff504e4f4e47272b64f3633" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b2df03ed4052e97126267e8c13ad4204ea6ba9b6", "url": "https://git.kernel.org/stable/c/b2df03ed4052e97126267e8c13ad4204ea6ba9b6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bf7bba75b91539e93615f560893a599c1e1c98bf", "url": "https://git.kernel.org/stable/c/bf7bba75b91539e93615f560893a599c1e1c98bf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c3059d58f79fdfb2201249c2741514e34562b547", "url": "https://git.kernel.org/stable/c/c3059d58f79fdfb2201249c2741514e34562b547" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f0f3d09f53534ea385d55ced408f2b67059b16e4", "url": "https://git.kernel.org/stable/c/f0f3d09f53534ea385d55ced408f2b67059b16e4" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-06-18T10:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39743", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: truncate good inode pages when hard link is 0\n\nThe fileset value of the inode copy from the disk by the reproducer is\nAGGR_RESERVED_I. When executing evict, its hard link number is 0, so its\ninode pages are not truncated. This causes the bugon to be triggered when\nexecuting clear_inode() because nrpages is greater than 0.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39743" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1bb5cdc3e39f0c2b311fcb631258b7e60d3fb0d3", "url": "https://git.kernel.org/stable/c/1bb5cdc3e39f0c2b311fcb631258b7e60d3fb0d3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2b1d5ca395a5fb170c3f885cd42c16179f7f54ec", "url": "https://git.kernel.org/stable/c/2b1d5ca395a5fb170c3f885cd42c16179f7f54ec" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2d91b3765cd05016335cd5df5e5c6a29708ec058", "url": "https://git.kernel.org/stable/c/2d91b3765cd05016335cd5df5e5c6a29708ec058" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/34d8e982bac48bdcca7524644a8825a580edce74", "url": "https://git.kernel.org/stable/c/34d8e982bac48bdcca7524644a8825a580edce74" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5845b926c561b8333cd65169526eec357d7bb449", "url": "https://git.kernel.org/stable/c/5845b926c561b8333cd65169526eec357d7bb449" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/89fff8e3d6710fc32507b8e19eb5afa9fb79b896", "url": "https://git.kernel.org/stable/c/89fff8e3d6710fc32507b8e19eb5afa9fb79b896" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8ed7275910fb7177012619864e04d3008763f3ea", "url": "https://git.kernel.org/stable/c/8ed7275910fb7177012619864e04d3008763f3ea" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b5b471820c33365a8ccd2d463578bf4e47056c2c", "url": "https://git.kernel.org/stable/c/b5b471820c33365a8ccd2d463578bf4e47056c2c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/df3fd8daf278eca365f221749ae5b728e8382a04", "url": "https://git.kernel.org/stable/c/df3fd8daf278eca365f221749ae5b728e8382a04" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-11T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50301", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/omap: Fix buffer overflow in debugfs\n\nThere are two issues here:\n\n1) The \"len\" variable needs to be checked before the very first write.\n Otherwise if omap2_iommu_dump_ctx() with \"bytes\" less than 32 it is a\n buffer overflow.\n2) The snprintf() function returns the number of bytes that *would* have\n been copied if there were enough space. But we want to know the\n number of bytes which were *actually* copied so use scnprintf()\n instead.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50301" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0c7043a5b5c3b35f5dc8875757f71e7f491d64d4", "url": "https://git.kernel.org/stable/c/0c7043a5b5c3b35f5dc8875757f71e7f491d64d4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/184233a5202786b20220acd2d04ddf909ef18f29", "url": "https://git.kernel.org/stable/c/184233a5202786b20220acd2d04ddf909ef18f29" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2fee0dbfaeaaa4bda04279ce772c4572b1429d04", "url": "https://git.kernel.org/stable/c/2fee0dbfaeaaa4bda04279ce772c4572b1429d04" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4010a1afaae1c0fb9c2cac5de703bed29b1f1782", "url": "https://git.kernel.org/stable/c/4010a1afaae1c0fb9c2cac5de703bed29b1f1782" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/648472df221f2bbffb433b964bcb87baccc586d8", "url": "https://git.kernel.org/stable/c/648472df221f2bbffb433b964bcb87baccc586d8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/706e359cf046c142db290244c3f4938b20fbe805", "url": "https://git.kernel.org/stable/c/706e359cf046c142db290244c3f4938b20fbe805" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9814cc350e0765ce69244bf55ae4c8b29facd27e", "url": "https://git.kernel.org/stable/c/9814cc350e0765ce69244bf55ae4c8b29facd27e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bd0438f534b2e31b12f0b39b355c5dc2bbdaf854", "url": "https://git.kernel.org/stable/c/bd0438f534b2e31b12f0b39b355c5dc2bbdaf854" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ec53b99b6b9da8b501f001595a6260c03b42d5b7", "url": "https://git.kernel.org/stable/c/ec53b99b6b9da8b501f001595a6260c03b42d5b7" } ], "release_date": "2025-09-15T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50211", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd-raid10: fix KASAN warning\n\nThere's a KASAN warning in raid10_remove_disk when running the lvm\ntest lvconvert-raid-reshape.sh. We fix this warning by verifying that the\nvalue \"number\" is valid.\n\nBUG: KASAN: slab-out-of-bounds in raid10_remove_disk+0x61/0x2a0 [raid10]\nRead of size 8 at addr ffff889108f3d300 by task mdX_raid10/124682\n\nCPU: 3 PID: 124682 Comm: mdX_raid10 Not tainted 5.19.0-rc6 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n \n dump_stack_lvl+0x34/0x44\n print_report.cold+0x45/0x57a\n ? __lock_text_start+0x18/0x18\n ? raid10_remove_disk+0x61/0x2a0 [raid10]\n kasan_report+0xa8/0xe0\n ? raid10_remove_disk+0x61/0x2a0 [raid10]\n raid10_remove_disk+0x61/0x2a0 [raid10]\nBuffer I/O error on dev dm-76, logical block 15344, async page read\n ? __mutex_unlock_slowpath.constprop.0+0x1e0/0x1e0\n remove_and_add_spares+0x367/0x8a0 [md_mod]\n ? super_written+0x1c0/0x1c0 [md_mod]\n ? mutex_trylock+0xac/0x120\n ? _raw_spin_lock+0x72/0xc0\n ? _raw_spin_lock_bh+0xc0/0xc0\n md_check_recovery+0x848/0x960 [md_mod]\n raid10d+0xcf/0x3360 [raid10]\n ? sched_clock_cpu+0x185/0x1a0\n ? rb_erase+0x4d4/0x620\n ? var_wake_function+0xe0/0xe0\n ? psi_group_change+0x411/0x500\n ? preempt_count_sub+0xf/0xc0\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? __lock_text_start+0x18/0x18\n ? raid10_sync_request+0x36c0/0x36c0 [raid10]\n ? preempt_count_sub+0xf/0xc0\n ? _raw_spin_unlock_irqrestore+0x19/0x40\n ? del_timer_sync+0xa9/0x100\n ? try_to_del_timer_sync+0xc0/0xc0\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? __lock_text_start+0x18/0x18\n ? _raw_spin_unlock_irq+0x11/0x24\n ? __list_del_entry_valid+0x68/0xa0\n ? finish_wait+0xa3/0x100\n md_thread+0x161/0x260 [md_mod]\n ? unregister_md_personality+0xa0/0xa0 [md_mod]\n ? _raw_spin_lock_irqsave+0x78/0xc0\n ? prepare_to_wait_event+0x2c0/0x2c0\n ? unregister_md_personality+0xa0/0xa0 [md_mod]\n kthread+0x148/0x180\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \n\nAllocated by task 124495:\n kasan_save_stack+0x1e/0x40\n __kasan_kmalloc+0x80/0xa0\n setup_conf+0x140/0x5c0 [raid10]\n raid10_run+0x4cd/0x740 [raid10]\n md_run+0x6f9/0x1300 [md_mod]\n raid_ctr+0x2531/0x4ac0 [dm_raid]\n dm_table_add_target+0x2b0/0x620 [dm_mod]\n table_load+0x1c8/0x400 [dm_mod]\n ctl_ioctl+0x29e/0x560 [dm_mod]\n dm_compat_ctl_ioctl+0x7/0x20 [dm_mod]\n __do_compat_sys_ioctl+0xfa/0x160\n do_syscall_64+0x90/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nLast potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0x9e/0xc0\n kvfree_call_rcu+0x84/0x480\n timerfd_release+0x82/0x140\nL __fput+0xfa/0x400\n task_work_run+0x80/0xc0\n exit_to_user_mode_prepare+0x155/0x160\n syscall_exit_to_user_mode+0x12/0x40\n do_syscall_64+0x42/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x1e/0x40\n __kasan_record_aux_stack+0x9e/0xc0\n kvfree_call_rcu+0x84/0x480\n timerfd_release+0x82/0x140\n __fput+0xfa/0x400\n task_work_run+0x80/0xc0\n exit_to_user_mode_prepare+0x155/0x160\n syscall_exit_to_user_mode+0x12/0x40\n do_syscall_64+0x42/0xc0\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe buggy address belongs to the object at ffff889108f3d200\n which belongs to the cache kmalloc-256 of size 256\nThe buggy address is located 0 bytes to the right of\n 256-byte region [ffff889108f3d200, ffff889108f3d300)\n\nThe buggy address belongs to the physical page:\npage:000000007ef2a34c refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1108f3c\nhead:000000007ef2a34c order:2 compound_mapcount:0 compound_pincount:0\nflags: 0x4000000000010200(slab|head|zone=2)\nraw: 4000000000010200 0000000000000000 dead000000000001 ffff889100042b40\nraw: 0000000000000000 0000000080200020 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\n\nMemory state around the buggy address:\n ffff889108f3d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff889108f3d280: 00 00\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50211" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0f4d18cbea4a6e37a05fd8ee2887439f85211110", "url": "https://git.kernel.org/stable/c/0f4d18cbea4a6e37a05fd8ee2887439f85211110" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5f57843565131bb782388f9d993f9ee8f453dee1", "url": "https://git.kernel.org/stable/c/5f57843565131bb782388f9d993f9ee8f453dee1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5fd4ffa2372a41361d2bdd27ea5730e4e673240c", "url": "https://git.kernel.org/stable/c/5fd4ffa2372a41361d2bdd27ea5730e4e673240c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/75fbd370a2cec9e92f48285bd90735ed0c837f52", "url": "https://git.kernel.org/stable/c/75fbd370a2cec9e92f48285bd90735ed0c837f52" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7a6ccc8fa192fd357c2d5d4c6ce67c834a179e23", "url": "https://git.kernel.org/stable/c/7a6ccc8fa192fd357c2d5d4c6ce67c834a179e23" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bcbdc26a44aba488d2f7122f2d66801bccb74733", "url": "https://git.kernel.org/stable/c/bcbdc26a44aba488d2f7122f2d66801bccb74733" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bf30b9ba09b0ac2a10f04dce2b0835ec4d178aa6", "url": "https://git.kernel.org/stable/c/bf30b9ba09b0ac2a10f04dce2b0835ec4d178aa6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ce839b9331c11780470f3d727b6fe3c2794a4620", "url": "https://git.kernel.org/stable/c/ce839b9331c11780470f3d727b6fe3c2794a4620" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d17f744e883b2f8d13cca252d71cfe8ace346f7d", "url": "https://git.kernel.org/stable/c/d17f744e883b2f8d13cca252d71cfe8ace346f7d" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38713", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()\n\nThe hfsplus_readdir() method is capable to crash by calling\nhfsplus_uni2asc():\n\n[ 667.121659][ T9805] ==================================================================\n[ 667.122651][ T9805] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x902/0xa10\n[ 667.123627][ T9805] Read of size 2 at addr ffff88802592f40c by task repro/9805\n[ 667.124578][ T9805]\n[ 667.124876][ T9805] CPU: 3 UID: 0 PID: 9805 Comm: repro Not tainted 6.16.0-rc3 #1 PREEMPT(full)\n[ 667.124886][ T9805] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 667.124890][ T9805] Call Trace:\n[ 667.124893][ T9805] \n[ 667.124896][ T9805] dump_stack_lvl+0x10e/0x1f0\n[ 667.124911][ T9805] print_report+0xd0/0x660\n[ 667.124920][ T9805] ? __virt_addr_valid+0x81/0x610\n[ 667.124928][ T9805] ? __phys_addr+0xe8/0x180\n[ 667.124934][ T9805] ? hfsplus_uni2asc+0x902/0xa10\n[ 667.124942][ T9805] kasan_report+0xc6/0x100\n[ 667.124950][ T9805] ? hfsplus_uni2asc+0x902/0xa10\n[ 667.124959][ T9805] hfsplus_uni2asc+0x902/0xa10\n[ 667.124966][ T9805] ? hfsplus_bnode_read+0x14b/0x360\n[ 667.124974][ T9805] hfsplus_readdir+0x845/0xfc0\n[ 667.124984][ T9805] ? __pfx_hfsplus_readdir+0x10/0x10\n[ 667.124994][ T9805] ? stack_trace_save+0x8e/0xc0\n[ 667.125008][ T9805] ? iterate_dir+0x18b/0xb20\n[ 667.125015][ T9805] ? trace_lock_acquire+0x85/0xd0\n[ 667.125022][ T9805] ? lock_acquire+0x30/0x80\n[ 667.125029][ T9805] ? iterate_dir+0x18b/0xb20\n[ 667.125037][ T9805] ? down_read_killable+0x1ed/0x4c0\n[ 667.125044][ T9805] ? putname+0x154/0x1a0\n[ 667.125051][ T9805] ? __pfx_down_read_killable+0x10/0x10\n[ 667.125058][ T9805] ? apparmor_file_permission+0x239/0x3e0\n[ 667.125069][ T9805] iterate_dir+0x296/0xb20\n[ 667.125076][ T9805] __x64_sys_getdents64+0x13c/0x2c0\n[ 667.125084][ T9805] ? __pfx___x64_sys_getdents64+0x10/0x10\n[ 667.125091][ T9805] ? __x64_sys_openat+0x141/0x200\n[ 667.125126][ T9805] ? __pfx_filldir64+0x10/0x10\n[ 667.125134][ T9805] ? do_user_addr_fault+0x7fe/0x12f0\n[ 667.125143][ T9805] do_syscall_64+0xc9/0x480\n[ 667.125151][ T9805] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 667.125158][ T9805] RIP: 0033:0x7fa8753b2fc9\n[ 667.125164][ T9805] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 48\n[ 667.125172][ T9805] RSP: 002b:00007ffe96f8e0f8 EFLAGS: 00000217 ORIG_RAX: 00000000000000d9\n[ 667.125181][ T9805] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa8753b2fc9\n[ 667.125185][ T9805] RDX: 0000000000000400 RSI: 00002000000063c0 RDI: 0000000000000004\n[ 667.125190][ T9805] RBP: 00007ffe96f8e110 R08: 00007ffe96f8e110 R09: 00007ffe96f8e110\n[ 667.125195][ T9805] R10: 0000000000000000 R11: 0000000000000217 R12: 0000556b1e3b4260\n[ 667.125199][ T9805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 667.125207][ T9805] \n[ 667.125210][ T9805]\n[ 667.145632][ T9805] Allocated by task 9805:\n[ 667.145991][ T9805] kasan_save_stack+0x20/0x40\n[ 667.146352][ T9805] kasan_save_track+0x14/0x30\n[ 667.146717][ T9805] __kasan_kmalloc+0xaa/0xb0\n[ 667.147065][ T9805] __kmalloc_noprof+0x205/0x550\n[ 667.147448][ T9805] hfsplus_find_init+0x95/0x1f0\n[ 667.147813][ T9805] hfsplus_readdir+0x220/0xfc0\n[ 667.148174][ T9805] iterate_dir+0x296/0xb20\n[ 667.148549][ T9805] __x64_sys_getdents64+0x13c/0x2c0\n[ 667.148937][ T9805] do_syscall_64+0xc9/0x480\n[ 667.149291][ T9805] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 667.149809][ T9805]\n[ 667.150030][ T9805] The buggy address belongs to the object at ffff88802592f000\n[ 667.150030][ T9805] which belongs to the cache kmalloc-2k of size 2048\n[ 667.151282][ T9805] The buggy address is located 0 bytes to the right of\n[ 667.151282][ T9805] allocated 1036-byte region [ffff88802592f000, ffff88802592f40c)\n[ 667.1\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38713" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/13604b1d7e7b125fb428cddbec6b8d92baad25d5", "url": "https://git.kernel.org/stable/c/13604b1d7e7b125fb428cddbec6b8d92baad25d5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1ca69007e52a73bd8b84b988b61b319816ca8b01", "url": "https://git.kernel.org/stable/c/1ca69007e52a73bd8b84b988b61b319816ca8b01" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/291bb5d931c6f3cd7227b913302a17be21cf53b0", "url": "https://git.kernel.org/stable/c/291bb5d931c6f3cd7227b913302a17be21cf53b0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6f93694bcbc2c2ab3e01cd8fba2f296faf34e6b9", "url": "https://git.kernel.org/stable/c/6f93694bcbc2c2ab3e01cd8fba2f296faf34e6b9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/73f7da507d787b489761a0fa280716f84fa32b2f", "url": "https://git.kernel.org/stable/c/73f7da507d787b489761a0fa280716f84fa32b2f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/76a4c6636a69d69409aa253b049b1be717a539c5", "url": "https://git.kernel.org/stable/c/76a4c6636a69d69409aa253b049b1be717a539c5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/94458781aee6045bd3d0ad4b80b02886b9e2219b", "url": "https://git.kernel.org/stable/c/94458781aee6045bd3d0ad4b80b02886b9e2219b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ccf0ad56a779e6704c0b27f555dec847f50c7557", "url": "https://git.kernel.org/stable/c/ccf0ad56a779e6704c0b27f555dec847f50c7557" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f7534cbfac0a9ffa4fa17cacc6e8b6446dae24ee", "url": "https://git.kernel.org/stable/c/f7534cbfac0a9ffa4fa17cacc6e8b6446dae24ee" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50470", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxhci: Remove device endpoints from bandwidth list when freeing the device\n\nEndpoints are normally deleted from the bandwidth list when they are\ndropped, before the virt device is freed.\n\nIf xHC host is dying or being removed then the endpoints aren't dropped\ncleanly due to functions returning early to avoid interacting with a\nnon-accessible host controller.\n\nSo check and delete endpoints that are still on the bandwidth list when\nfreeing the virt device.\n\nSolves a list_del corruption kernel crash when unbinding xhci-pci,\ncaused by xhci_mem_cleanup() when it later tried to delete already freed\nendpoints from the bandwidth list.\n\nThis only affects hosts that use software bandwidth checking, which\ncurrenty is only the xHC in intel Panther Point PCH (Ivy Bridge)", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50470" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3bf860a41e0f2fcea0ac3aae8f7ef887a7994b70", "url": "https://git.kernel.org/stable/c/3bf860a41e0f2fcea0ac3aae8f7ef887a7994b70" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5aed5b7c2430ce318a8e62f752f181e66f0d1053", "url": "https://git.kernel.org/stable/c/5aed5b7c2430ce318a8e62f752f181e66f0d1053" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5e4ce28ad907aa54f13b21d5f1dc490525957b0c", "url": "https://git.kernel.org/stable/c/5e4ce28ad907aa54f13b21d5f1dc490525957b0c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/678d2cc2041cc6ce05030852dce9ad42719abcfc", "url": "https://git.kernel.org/stable/c/678d2cc2041cc6ce05030852dce9ad42719abcfc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8f1cd9633d1f21efc13e8fc75be8f2b6bb85e38c", "url": "https://git.kernel.org/stable/c/8f1cd9633d1f21efc13e8fc75be8f2b6bb85e38c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c892a81c7424b4f6a660cb9c249d354ccf3afeca", "url": "https://git.kernel.org/stable/c/c892a81c7424b4f6a660cb9c249d354ccf3afeca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cebbc8d335d6bcc1316584f779c08f80287c6af8", "url": "https://git.kernel.org/stable/c/cebbc8d335d6bcc1316584f779c08f80287c6af8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f0de39474078adef6ece7a183e34c15ce2c1d8d1", "url": "https://git.kernel.org/stable/c/f0de39474078adef6ece7a183e34c15ce2c1d8d1" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53282", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write\n\nDuring the sysfs firmware write process, a use-after-free read warning is\nlogged from the lpfc_wr_object() routine:\n\n BUG: KFENCE: use-after-free read in lpfc_wr_object+0x235/0x310 [lpfc]\n Use-after-free read at 0x0000000000cf164d (in kfence-#111):\n lpfc_wr_object+0x235/0x310 [lpfc]\n lpfc_write_firmware.cold+0x206/0x30d [lpfc]\n lpfc_sli4_request_firmware_update+0xa6/0x100 [lpfc]\n lpfc_request_firmware_upgrade_store+0x66/0xb0 [lpfc]\n kernfs_fop_write_iter+0x121/0x1b0\n new_sync_write+0x11c/0x1b0\n vfs_write+0x1ef/0x280\n ksys_write+0x5f/0xe0\n do_syscall_64+0x59/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe driver accessed wr_object pointer data, which was initialized into\nmailbox payload memory, after the mailbox object was released back to the\nmailbox pool.\n\nFix by moving the mailbox free calls to the end of the routine ensuring\nthat we don't reference internal mailbox memory after release.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53282" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/21681b81b9ae548c5dae7ae00d931197a27f480c", "url": "https://git.kernel.org/stable/c/21681b81b9ae548c5dae7ae00d931197a27f480c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc", "url": "https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8becb97918f04bb177bc9c4e00c2bdb302e00944", "url": "https://git.kernel.org/stable/c/8becb97918f04bb177bc9c4e00c2bdb302e00944" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8dfefa8f424ab208e552df1bfd008b732f3d0ad1", "url": "https://git.kernel.org/stable/c/8dfefa8f424ab208e552df1bfd008b732f3d0ad1" } ], "release_date": "2025-09-16T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37839", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb->s_sequence check\n\nJournal emptiness is not determined by sb->s_sequence == 0 but rather by\nsb->s_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37839" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77", "url": "https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457", "url": "https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac", "url": "https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf", "url": "https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1", "url": "https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b", "url": "https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0", "url": "https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6", "url": "https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148", "url": "https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-09T07:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50384", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: vme_user: Fix possible UAF in tsi148_dma_list_add\n\nSmatch report warning as follows:\n\ndrivers/staging/vme_user/vme_tsi148.c:1757 tsi148_dma_list_add() warn:\n '&entry->list' not removed from list\n\nIn tsi148_dma_list_add(), the error path \"goto err_dma\" will not\nremove entry->list from list->entries, but entry will be freed,\nthen list traversal may cause UAF.\n\nFix by removeing it from list->entries before free().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50384" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1f5661388f43df3ac106ce93e67d8d22b16a78ff", "url": "https://git.kernel.org/stable/c/1f5661388f43df3ac106ce93e67d8d22b16a78ff" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/357057ee55d3c99a5de5abe8150f7bca04f8e53b", "url": "https://git.kernel.org/stable/c/357057ee55d3c99a5de5abe8150f7bca04f8e53b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/51c0ad3b7c5b01f9314758335a13f157b05fa56d", "url": "https://git.kernel.org/stable/c/51c0ad3b7c5b01f9314758335a13f157b05fa56d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5cc4eea715a3fcf4e516662f736dfee63979465f", "url": "https://git.kernel.org/stable/c/5cc4eea715a3fcf4e516662f736dfee63979465f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5d2b286eb034af114f67d9967fc3fbc1829bb712", "url": "https://git.kernel.org/stable/c/5d2b286eb034af114f67d9967fc3fbc1829bb712" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/85db68fc901da52314ded80aace99f8b684c7815", "url": "https://git.kernel.org/stable/c/85db68fc901da52314ded80aace99f8b684c7815" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a45ba33d398a821147d7e5f16ead7eb125e331e2", "url": "https://git.kernel.org/stable/c/a45ba33d398a821147d7e5f16ead7eb125e331e2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cf138759a7e92c75cfc1b7ba705e4108fe330edf", "url": "https://git.kernel.org/stable/c/cf138759a7e92c75cfc1b7ba705e4108fe330edf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e6b0adff99edf246ba1f8d464530a0438cb1cbda", "url": "https://git.kernel.org/stable/c/e6b0adff99edf246ba1f8d464530a0438cb1cbda" } ], "release_date": "2025-09-18T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50542", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: si470x: Fix use-after-free in si470x_int_in_callback()\n\nsyzbot reported use-after-free in si470x_int_in_callback() [1]. This\nindicates that urb->context, which contains struct si470x_device\nobject, is freed when si470x_int_in_callback() is called.\n\nThe cause of this issue is that si470x_int_in_callback() is called for\nfreed urb.\n\nsi470x_usb_driver_probe() calls si470x_start_usb(), which then calls\nusb_submit_urb() and si470x_start(). If si470x_start_usb() fails,\nsi470x_usb_driver_probe() doesn't kill urb, but it just frees struct\nsi470x_device object, as depicted below:\n\nsi470x_usb_driver_probe()\n ...\n si470x_start_usb()\n ...\n usb_submit_urb()\n retval = si470x_start()\n return retval\n if (retval < 0)\n free struct si470x_device object, but don't kill urb\n\nThis patch fixes this issue by killing urb when si470x_start_usb()\nfails and urb is submitted. If si470x_start_usb() fails and urb is\nnot submitted, i.e. submitting usb fails, it just frees struct\nsi470x_device object.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50542" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0ca298d548461d29615f9a2b1309e8dcf4a352c6", "url": "https://git.kernel.org/stable/c/0ca298d548461d29615f9a2b1309e8dcf4a352c6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/146bd005ebb01ae190c22af050cb98623958c373", "url": "https://git.kernel.org/stable/c/146bd005ebb01ae190c22af050cb98623958c373" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1c6447d0fc68650e51586dde79b5090d9d77f13a", "url": "https://git.kernel.org/stable/c/1c6447d0fc68650e51586dde79b5090d9d77f13a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/52f54fe78cca24850a30865037250f63eb3d5bf7", "url": "https://git.kernel.org/stable/c/52f54fe78cca24850a30865037250f63eb3d5bf7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/63648a7bd1a7599bcc2040a6d1792363ae4c2e1b", "url": "https://git.kernel.org/stable/c/63648a7bd1a7599bcc2040a6d1792363ae4c2e1b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6c8aee0c8fcc6dda94315f7908e8fa9bc75abe75", "url": "https://git.kernel.org/stable/c/6c8aee0c8fcc6dda94315f7908e8fa9bc75abe75" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7d21e0b1b41b21d628bf2afce777727bd4479aa5", "url": "https://git.kernel.org/stable/c/7d21e0b1b41b21d628bf2afce777727bd4479aa5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8c6151b8e8dd2d98ad2cd725d26d1e103d989891", "url": "https://git.kernel.org/stable/c/8c6151b8e8dd2d98ad2cd725d26d1e103d989891" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/92b0888398e4ba51d93b618a6506781f4e3879c9", "url": "https://git.kernel.org/stable/c/92b0888398e4ba51d93b618a6506781f4e3879c9" } ], "release_date": "2025-10-07T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38286", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: at91: Fix possible out-of-boundary access\n\nat91_gpio_probe() doesn't check that given OF alias is not available or\nsomething went wrong when trying to get it. This might have consequences\nwhen accessing gpio_chips array with that value as an index. Note, that\nBUG() can be compiled out and hence won't actually perform the required\nchecks.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38286" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/264a5cf0c422e65c94447a1ebebfac7c92690670", "url": "https://git.kernel.org/stable/c/264a5cf0c422e65c94447a1ebebfac7c92690670" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/288c39286f759314ee8fb3a80a858179b4f306da", "url": "https://git.kernel.org/stable/c/288c39286f759314ee8fb3a80a858179b4f306da" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2ecafe59668d2506a68459a9d169ebe41a147a41", "url": "https://git.kernel.org/stable/c/2ecafe59668d2506a68459a9d169ebe41a147a41" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/762ef7d1e6eefad9896560bfcb9bcf7f1b6df9c1", "url": "https://git.kernel.org/stable/c/762ef7d1e6eefad9896560bfcb9bcf7f1b6df9c1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/db5665cbfd766db7d8cd0e5fd6e3c0b412916774", "url": "https://git.kernel.org/stable/c/db5665cbfd766db7d8cd0e5fd6e3c0b412916774" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e02e12d6a7ab76c83849a4122785650dc7edef65", "url": "https://git.kernel.org/stable/c/e02e12d6a7ab76c83849a4122785650dc7edef65" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/eb435bc4c74acbb286cec773deac13d117d3ef39", "url": "https://git.kernel.org/stable/c/eb435bc4c74acbb286cec773deac13d117d3ef39" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f1c1fdc41fbf7e308ced9c86f3f66345a3f6f478", "url": "https://git.kernel.org/stable/c/f1c1fdc41fbf7e308ced9c86f3f66345a3f6f478" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-10T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50496", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm cache: Fix UAF in destroy()\n\nDm_cache also has the same UAF problem when dm_resume()\nand dm_destroy() are concurrent.\n\nTherefore, cancelling timer again in destroy().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50496" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/034cbc8d3b47a56acd89453c29632a9c117de09d", "url": "https://git.kernel.org/stable/c/034cbc8d3b47a56acd89453c29632a9c117de09d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2b17026685a270b2beaf1cdd9857fcedd3505c7e", "url": "https://git.kernel.org/stable/c/2b17026685a270b2beaf1cdd9857fcedd3505c7e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2f097dfac7579fd84ff98eb1d3acd41d53a485f3", "url": "https://git.kernel.org/stable/c/2f097dfac7579fd84ff98eb1d3acd41d53a485f3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4d20032dd90664de09f2902a7ea49ae2f7771746", "url": "https://git.kernel.org/stable/c/4d20032dd90664de09f2902a7ea49ae2f7771746" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6a3e412c2ab131c54945327a7676b006f000a209", "url": "https://git.kernel.org/stable/c/6a3e412c2ab131c54945327a7676b006f000a209" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6a459d8edbdbe7b24db42a5a9f21e6aa9e00c2aa", "url": "https://git.kernel.org/stable/c/6a459d8edbdbe7b24db42a5a9f21e6aa9e00c2aa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6ac4f36910764cb510bafc4c3768544f86ca48ca", "url": "https://git.kernel.org/stable/c/6ac4f36910764cb510bafc4c3768544f86ca48ca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/993406104d2b28fe470126a062ad37a1e21e792e", "url": "https://git.kernel.org/stable/c/993406104d2b28fe470126a062ad37a1e21e792e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d2a0b298ebf83ab6236f66788a3541e91ce75a70", "url": "https://git.kernel.org/stable/c/d2a0b298ebf83ab6236f66788a3541e91ce75a70" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38051", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Fix use-after-free in cifs_fill_dirent\n\nThere is a race condition in the readdir concurrency process, which may\naccess the rsp buffer after it has been released, triggering the\nfollowing KASAN warning.\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in cifs_fill_dirent+0xb03/0xb60 [cifs]\n Read of size 4 at addr ffff8880099b819c by task a.out/342975\n\n CPU: 2 UID: 0 PID: 342975 Comm: a.out Not tainted 6.15.0-rc6+ #240 PREEMPT(full)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014\n Call Trace:\n \n dump_stack_lvl+0x53/0x70\n print_report+0xce/0x640\n kasan_report+0xb8/0xf0\n cifs_fill_dirent+0xb03/0xb60 [cifs]\n cifs_readdir+0x12cb/0x3190 [cifs]\n iterate_dir+0x1a1/0x520\n __x64_sys_getdents+0x134/0x220\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f996f64b9f9\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89\n f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01\n f0 ff ff 0d f7 c3 0c 00 f7 d8 64 89 8\n RSP: 002b:00007f996f53de78 EFLAGS: 00000207 ORIG_RAX: 000000000000004e\n RAX: ffffffffffffffda RBX: 00007f996f53ecdc RCX: 00007f996f64b9f9\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003\n RBP: 00007f996f53dea0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000207 R12: ffffffffffffff88\n R13: 0000000000000000 R14: 00007ffc8cd9a500 R15: 00007f996f51e000\n \n\n Allocated by task 408:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n __kasan_slab_alloc+0x6e/0x70\n kmem_cache_alloc_noprof+0x117/0x3d0\n mempool_alloc_noprof+0xf2/0x2c0\n cifs_buf_get+0x36/0x80 [cifs]\n allocate_buffers+0x1d2/0x330 [cifs]\n cifs_demultiplex_thread+0x22b/0x2690 [cifs]\n kthread+0x394/0x720\n ret_from_fork+0x34/0x70\n ret_from_fork_asm+0x1a/0x30\n\n Freed by task 342979:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x37/0x50\n kmem_cache_free+0x2b8/0x500\n cifs_buf_release+0x3c/0x70 [cifs]\n cifs_readdir+0x1c97/0x3190 [cifs]\n iterate_dir+0x1a1/0x520\n __x64_sys_getdents64+0x134/0x220\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n The buggy address belongs to the object at ffff8880099b8000\n which belongs to the cache cifs_request of size 16588\n The buggy address is located 412 bytes inside of\n freed 16588-byte region [ffff8880099b8000, ffff8880099bc0cc)\n\n The buggy address belongs to the physical page:\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x99b8\n head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n anon flags: 0x80000000000040(head|node=0|zone=1)\n page_type: f5(slab)\n raw: 0080000000000040 ffff888001e03400 0000000000000000 dead000000000001\n raw: 0000000000000000 0000000000010001 00000000f5000000 0000000000000000\n head: 0080000000000040 ffff888001e03400 0000000000000000 dead000000000001\n head: 0000000000000000 0000000000010001 00000000f5000000 0000000000000000\n head: 0080000000000003 ffffea0000266e01 00000000ffffffff 00000000ffffffff\n head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff8880099b8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8880099b8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n >ffff8880099b8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff8880099b8200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8880099b8280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ==================================================================\n\nPOC is available in the link [1].\n\nThe problem triggering process is as follows:\n\nProcess 1 Process 2\n-----------------------------------\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38051" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1b197931fbc821bc7e9e91bf619400db563e3338", "url": "https://git.kernel.org/stable/c/1b197931fbc821bc7e9e91bf619400db563e3338" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/73cadde98f67f76c5eba00ac0b72c453383cec8b", "url": "https://git.kernel.org/stable/c/73cadde98f67f76c5eba00ac0b72c453383cec8b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9bea368648ac46f8593a780760362e40291d22a9", "url": "https://git.kernel.org/stable/c/9bea368648ac46f8593a780760362e40291d22a9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9c9aafbacc183598f064902365e107b5e856531f", "url": "https://git.kernel.org/stable/c/9c9aafbacc183598f064902365e107b5e856531f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a24c2f05ac3c5b0aaa539d9d913826d2643dfd0e", "url": "https://git.kernel.org/stable/c/a24c2f05ac3c5b0aaa539d9d913826d2643dfd0e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a7a8fe56e932a36f43e031b398aef92341bf5ea0", "url": "https://git.kernel.org/stable/c/a7a8fe56e932a36f43e031b398aef92341bf5ea0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/aee067e88d61eb72e966f094e4749c6b14e7008f", "url": "https://git.kernel.org/stable/c/aee067e88d61eb72e966f094e4749c6b14e7008f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8623231e0edfcccb7cc6add0288fa0f0594282f", "url": "https://git.kernel.org/stable/c/c8623231e0edfcccb7cc6add0288fa0f0594282f" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-06-18T10:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37823", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don't have a reliable reproducer.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37823" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/11bccb054c1462fb069219f8e98e97a5a730758e", "url": "https://git.kernel.org/stable/c/11bccb054c1462fb069219f8e98e97a5a730758e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2f46d14919c39528c6e540ebc43f90055993eedc", "url": "https://git.kernel.org/stable/c/2f46d14919c39528c6e540ebc43f90055993eedc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/68f256305ceb426d545a0dc31f83c2ab1d211a1e", "url": "https://git.kernel.org/stable/c/68f256305ceb426d545a0dc31f83c2ab1d211a1e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6ccbda44e2cc3d26fd22af54c650d6d5d801addf", "url": "https://git.kernel.org/stable/c/6ccbda44e2cc3d26fd22af54c650d6d5d801addf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/76c4c22c2437d3d3880efc0f62eca06ef078d290", "url": "https://git.kernel.org/stable/c/76c4c22c2437d3d3880efc0f62eca06ef078d290" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c6936266f8bf98a53f28ef9a820e6a501e946d09", "url": "https://git.kernel.org/stable/c/c6936266f8bf98a53f28ef9a820e6a501e946d09" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c6f035044104c6ff656f4565cd22938dc892528c", "url": "https://git.kernel.org/stable/c/c6f035044104c6ff656f4565cd22938dc892528c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/da7936518996d290e2fcfcaf6cd7e15bfd87804a", "url": "https://git.kernel.org/stable/c/da7936518996d290e2fcfcaf6cd7e15bfd87804a" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-08T07:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50099", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: arkfb: Check the size of screen before memset_io()\n\nIn the function arkfb_set_par(), the value of 'screen_size' is\ncalculated by the user input. If the user provides the improper value,\nthe value of 'screen_size' may larger than 'info->screen_size', which\nmay cause the following bug:\n\n[ 659.399066] BUG: unable to handle page fault for address: ffffc90003000000\n[ 659.399077] #PF: supervisor write access in kernel mode\n[ 659.399079] #PF: error_code(0x0002) - not-present page\n[ 659.399094] RIP: 0010:memset_orig+0x33/0xb0\n[ 659.399116] Call Trace:\n[ 659.399122] arkfb_set_par+0x143f/0x24c0\n[ 659.399130] fb_set_var+0x604/0xeb0\n[ 659.399161] do_fb_ioctl+0x234/0x670\n[ 659.399189] fb_ioctl+0xdd/0x130\n\nFix the this by checking the value of 'screen_size' before memset_io().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50099" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0701df594bc1d7ae55fed407fb65dd90a93f8a9c", "url": "https://git.kernel.org/stable/c/0701df594bc1d7ae55fed407fb65dd90a93f8a9c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/09e733d6ac948e6fda4b16252e44ea46f98fc8b4", "url": "https://git.kernel.org/stable/c/09e733d6ac948e6fda4b16252e44ea46f98fc8b4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2ce61c39c2a0b8ec82f48e0f7136f0dac105ae75", "url": "https://git.kernel.org/stable/c/2ce61c39c2a0b8ec82f48e0f7136f0dac105ae75" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/352305ea50d682b8e081d826da53caf9e744d7d0", "url": "https://git.kernel.org/stable/c/352305ea50d682b8e081d826da53caf9e744d7d0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4a20c5510aa2c031a096a58deb356e91609781c9", "url": "https://git.kernel.org/stable/c/4a20c5510aa2c031a096a58deb356e91609781c9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/53198b81930e567ad6b879812d88052a1e8ac79e", "url": "https://git.kernel.org/stable/c/53198b81930e567ad6b879812d88052a1e8ac79e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8bcb1a06e3091716b7cbebe0e91d1de9895068cd", "url": "https://git.kernel.org/stable/c/8bcb1a06e3091716b7cbebe0e91d1de9895068cd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/96b550971c65d54d64728d8ba973487878a06454", "url": "https://git.kernel.org/stable/c/96b550971c65d54d64728d8ba973487878a06454" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39685", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl726: Prevent invalid irq number\n\nThe reproducer passed in an irq number(0x80008000) that was too large,\nwhich triggered the oob.\n\nAdded an interrupt number check to prevent users from passing in an irq\nnumber that was too large.\n\nIf `it->options[1]` is 31, then `1 << it->options[1]` is still invalid\nbecause it shifts a 1-bit into the sign bit (which is UB in C).\nPossible solutions include reducing the upper bound on the\n`it->options[1]` value to 30 or lower, or using `1U << it->options[1]`.\n\nThe old code would just not attempt to request the IRQ if the\n`options[1]` value were invalid. And it would still configure the\ndevice without interrupts even if the call to `request_irq` returned an\nerror. So it would be better to combine this test with the test below.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39685" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0eb4ed2aa261dee228f1668dbfa6d87353e8162d", "url": "https://git.kernel.org/stable/c/0eb4ed2aa261dee228f1668dbfa6d87353e8162d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5a33d07c94ba91306093e823112a7aa9727549f6", "url": "https://git.kernel.org/stable/c/5a33d07c94ba91306093e823112a7aa9727549f6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/96cb948408b3adb69df7e451ba7da9d21f814d00", "url": "https://git.kernel.org/stable/c/96cb948408b3adb69df7e451ba7da9d21f814d00" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a3cfcd0c78c80ca7cd80372dc28f77d01be57bf6", "url": "https://git.kernel.org/stable/c/a3cfcd0c78c80ca7cd80372dc28f77d01be57bf6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bab220b0bb5af652007e278e8e8357f952b0e1ea", "url": "https://git.kernel.org/stable/c/bab220b0bb5af652007e278e8e8357f952b0e1ea" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d8992c9a01f81128f36acb7c5755530e21fcd059", "url": "https://git.kernel.org/stable/c/d8992c9a01f81128f36acb7c5755530e21fcd059" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-05T18:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49865", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network\n\nWhen copying a `struct ifaddrlblmsg` to the network, __ifal_reserved\nremained uninitialized, resulting in a 1-byte infoleak:\n\n BUG: KMSAN: kernel-network-infoleak in __netdev_start_xmit ./include/linux/netdevice.h:4841\n __netdev_start_xmit ./include/linux/netdevice.h:4841\n netdev_start_xmit ./include/linux/netdevice.h:4857\n xmit_one net/core/dev.c:3590\n dev_hard_start_xmit+0x1dc/0x800 net/core/dev.c:3606\n __dev_queue_xmit+0x17e8/0x4350 net/core/dev.c:4256\n dev_queue_xmit ./include/linux/netdevice.h:3009\n __netlink_deliver_tap_skb net/netlink/af_netlink.c:307\n __netlink_deliver_tap+0x728/0xad0 net/netlink/af_netlink.c:325\n netlink_deliver_tap net/netlink/af_netlink.c:338\n __netlink_sendskb net/netlink/af_netlink.c:1263\n netlink_sendskb+0x1d9/0x200 net/netlink/af_netlink.c:1272\n netlink_unicast+0x56d/0xf50 net/netlink/af_netlink.c:1360\n nlmsg_unicast ./include/net/netlink.h:1061\n rtnl_unicast+0x5a/0x80 net/core/rtnetlink.c:758\n ip6addrlbl_get+0xfad/0x10f0 net/ipv6/addrlabel.c:628\n rtnetlink_rcv_msg+0xb33/0x1570 net/core/rtnetlink.c:6082\n ...\n Uninit was created at:\n slab_post_alloc_hook+0x118/0xb00 mm/slab.h:742\n slab_alloc_node mm/slub.c:3398\n __kmem_cache_alloc_node+0x4f2/0x930 mm/slub.c:3437\n __do_kmalloc_node mm/slab_common.c:954\n __kmalloc_node_track_caller+0x117/0x3d0 mm/slab_common.c:975\n kmalloc_reserve net/core/skbuff.c:437\n __alloc_skb+0x27a/0xab0 net/core/skbuff.c:509\n alloc_skb ./include/linux/skbuff.h:1267\n nlmsg_new ./include/net/netlink.h:964\n ip6addrlbl_get+0x490/0x10f0 net/ipv6/addrlabel.c:608\n rtnetlink_rcv_msg+0xb33/0x1570 net/core/rtnetlink.c:6082\n netlink_rcv_skb+0x299/0x550 net/netlink/af_netlink.c:2540\n rtnetlink_rcv+0x26/0x30 net/core/rtnetlink.c:6109\n netlink_unicast_kernel net/netlink/af_netlink.c:1319\n netlink_unicast+0x9ab/0xf50 net/netlink/af_netlink.c:1345\n netlink_sendmsg+0xebc/0x10f0 net/netlink/af_netlink.c:1921\n ...\n\nThis patch ensures that the reserved field is always initialized.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49865" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0f85b7ae7c4b5d7b4bbf7ac653a733c181a8a2bf", "url": "https://git.kernel.org/stable/c/0f85b7ae7c4b5d7b4bbf7ac653a733c181a8a2bf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2acb2779b147decd300c117683d5a32ce61c75d6", "url": "https://git.kernel.org/stable/c/2acb2779b147decd300c117683d5a32ce61c75d6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/49e92ba5ecd7d72ba369dde2ccff738edd028a47", "url": "https://git.kernel.org/stable/c/49e92ba5ecd7d72ba369dde2ccff738edd028a47" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/568a47ff756f913e8b374c2af9d22cd2c772c744", "url": "https://git.kernel.org/stable/c/568a47ff756f913e8b374c2af9d22cd2c772c744" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/58cd7fdc8c1e6c7873acc08f190069fed88d1c12", "url": "https://git.kernel.org/stable/c/58cd7fdc8c1e6c7873acc08f190069fed88d1c12" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6d26d0587abccb9835382a0b53faa7b9b1cd83e3", "url": "https://git.kernel.org/stable/c/6d26d0587abccb9835382a0b53faa7b9b1cd83e3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a033b86c7f7621fde31f0364af8986f43b44914f", "url": "https://git.kernel.org/stable/c/a033b86c7f7621fde31f0364af8986f43b44914f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c23fb2c82267638f9d206cb96bb93e1f93ad7828", "url": "https://git.kernel.org/stable/c/c23fb2c82267638f9d206cb96bb93e1f93ad7828" } ], "release_date": "2025-05-01T15:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53569", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\next2: Check block size validity during mount\n\nCheck that log of block size stored in the superblock has sensible\nvalue. Otherwise the shift computing the block size can overflow leading\nto undefined behavior.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53569" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0ebfaf14150f55550cffb1148ed3920143c7a69c", "url": "https://git.kernel.org/stable/c/0ebfaf14150f55550cffb1148ed3920143c7a69c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/22ab5fed07ad4b206ea910fd0132d1a0d4831584", "url": "https://git.kernel.org/stable/c/22ab5fed07ad4b206ea910fd0132d1a0d4831584" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/451b98155be5dfee05bc6e7c8b30c0be4add3f71", "url": "https://git.kernel.org/stable/c/451b98155be5dfee05bc6e7c8b30c0be4add3f71" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/62aeb94433fcec80241754b70d0d1836d5926b0a", "url": "https://git.kernel.org/stable/c/62aeb94433fcec80241754b70d0d1836d5926b0a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/99f8a15af6c9f0653193104a9e70891f950c6001", "url": "https://git.kernel.org/stable/c/99f8a15af6c9f0653193104a9e70891f950c6001" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c2e7776843a953fd7e48895c3880c277f996193e", "url": "https://git.kernel.org/stable/c/c2e7776843a953fd7e48895c3880c277f996193e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c4813f858e5c3e4c4659ce95385c1c400c593e1e", "url": "https://git.kernel.org/stable/c/c4813f858e5c3e4c4659ce95385c1c400c593e1e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e6f4fb28890c1361e0db9eb1adee3fc04e7fe7f5", "url": "https://git.kernel.org/stable/c/e6f4fb28890c1361e0db9eb1adee3fc04e7fe7f5" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53138", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: caif: Fix use-after-free in cfusbl_device_notify()\n\nsyzbot reported use-after-free in cfusbl_device_notify() [1]. This\ncauses a stack trace like below:\n\nBUG: KASAN: use-after-free in cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138\nRead of size 8 at addr ffff88807ac4e6f0 by task kworker/u4:6/1214\n\nCPU: 0 PID: 1214 Comm: kworker/u4:6 Not tainted 5.19.0-rc3-syzkaller-00146-g92f20ff72066 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nWorkqueue: netns cleanup_net\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0xeb/0x467 mm/kasan/report.c:313\n print_report mm/kasan/report.c:429 [inline]\n kasan_report.cold+0xf4/0x1c6 mm/kasan/report.c:491\n cfusbl_device_notify+0x7c9/0x870 net/caif/caif_usb.c:138\n notifier_call_chain+0xb5/0x200 kernel/notifier.c:87\n call_netdevice_notifiers_info+0xb5/0x130 net/core/dev.c:1945\n call_netdevice_notifiers_extack net/core/dev.c:1983 [inline]\n call_netdevice_notifiers net/core/dev.c:1997 [inline]\n netdev_wait_allrefs_any net/core/dev.c:10227 [inline]\n netdev_run_todo+0xbc0/0x10f0 net/core/dev.c:10341\n default_device_exit_batch+0x44e/0x590 net/core/dev.c:11334\n ops_exit_list+0x125/0x170 net/core/net_namespace.c:167\n cleanup_net+0x4ea/0xb00 net/core/net_namespace.c:594\n process_one_work+0x996/0x1610 kernel/workqueue.c:2289\n worker_thread+0x665/0x1080 kernel/workqueue.c:2436\n kthread+0x2e9/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:302\n \n\nWhen unregistering a net device, unregister_netdevice_many_notify()\nsets the device's reg_state to NETREG_UNREGISTERING, calls notifiers\nwith NETDEV_UNREGISTER, and adds the device to the todo list.\n\nLater on, devices in the todo list are processed by netdev_run_todo().\nnetdev_run_todo() waits devices' reference count become 1 while\nrebdoadcasting NETDEV_UNREGISTER notification.\n\nWhen cfusbl_device_notify() is called with NETDEV_UNREGISTER multiple\ntimes, the parent device might be freed. This could cause UAF.\nProcessing NETDEV_UNREGISTER multiple times also causes inbalance of\nreference count for the module.\n\nThis patch fixes the issue by accepting only first NETDEV_UNREGISTER\nnotification.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53138" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1793da97a23e31c5bf06631f3f3e5a25f368fd64", "url": "https://git.kernel.org/stable/c/1793da97a23e31c5bf06631f3f3e5a25f368fd64" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/287027d8a567168a5d8ce5cb0cba16a34791a48c", "url": "https://git.kernel.org/stable/c/287027d8a567168a5d8ce5cb0cba16a34791a48c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3f14457e1584224f4296af613bbd99deb60b5d91", "url": "https://git.kernel.org/stable/c/3f14457e1584224f4296af613bbd99deb60b5d91" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/68a45c3cf0e2242a533657f4f535d9b6a7447a79", "url": "https://git.kernel.org/stable/c/68a45c3cf0e2242a533657f4f535d9b6a7447a79" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9781e98a97110f5e76999058368b4be76a788484", "url": "https://git.kernel.org/stable/c/9781e98a97110f5e76999058368b4be76a788484" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9dc16be373b382ddd4c274052a6e870a95e76c01", "url": "https://git.kernel.org/stable/c/9dc16be373b382ddd4c274052a6e870a95e76c01" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c3aaec463a632cf4187dc017e421bfa69d7834a9", "url": "https://git.kernel.org/stable/c/c3aaec463a632cf4187dc017e421bfa69d7834a9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d1a11bbdbb5ea9f172019c5a4a3e9d8eabd72179", "url": "https://git.kernel.org/stable/c/d1a11bbdbb5ea9f172019c5a4a3e9d8eabd72179" } ], "release_date": "2025-05-02T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-43883", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: vhci-hcd: Do not drop references before new references are gained\n\nAt a few places the driver carries stale pointers\nto references that can still be used. Make sure that does not happen.\nThis strictly speaking closes ZDI-CAN-22273, though there may be\nsimilar races in the driver.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-43883" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/128e82e41cf7d74a562726c1587d9d2ede1a0a37", "url": "https://git.kernel.org/stable/c/128e82e41cf7d74a562726c1587d9d2ede1a0a37" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4dacdb9720aaab10b6be121eae55820174d97174", "url": "https://git.kernel.org/stable/c/4dacdb9720aaab10b6be121eae55820174d97174" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/585e6bc7d0a9bf73a8be3d3fb34e86b90cc61a14", "url": "https://git.kernel.org/stable/c/585e6bc7d0a9bf73a8be3d3fb34e86b90cc61a14" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5a3c473b28ae1c1f7c4dc129e30cb19ae6e96f89", "url": "https://git.kernel.org/stable/c/5a3c473b28ae1c1f7c4dc129e30cb19ae6e96f89" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9c3746ce8d8fcb3a2405644fc0eec7fc5312de80", "url": "https://git.kernel.org/stable/c/9c3746ce8d8fcb3a2405644fc0eec7fc5312de80" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/afdcfd3d6fcdeca2735ca8d994c5f2d24a368f0a", "url": "https://git.kernel.org/stable/c/afdcfd3d6fcdeca2735ca8d994c5f2d24a368f0a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c3d0857b7fc2c49f68f89128a5440176089a8f54", "url": "https://git.kernel.org/stable/c/c3d0857b7fc2c49f68f89128a5440176089a8f54" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e8c1e606dab8c56cf074b43b98d0805de7322ba2", "url": "https://git.kernel.org/stable/c/e8c1e606dab8c56cf074b43b98d0805de7322ba2" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html", "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html", "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html" } ], "release_date": "2024-08-23T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50185", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()\n\nThe last case label can write two buffers 'mc_reg_address[j]' and\n'mc_data[j]' with 'j' offset equal to SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE\nsince there are no checks for this value in both case labels after the\nlast 'j++'.\n\nInstead of changing '>' to '>=' there, add the bounds check at the start\nof the second 'case' (the first one already has it).\n\nAlso, remove redundant last checks for 'j' index bigger than array size.\nThe expression is always false. Moreover, before or after the patch\n'table->last' can be equal to SMC_NISLANDS_MC_REGISTER_ARRAY_SIZE and it\nseems it can be a valid value.\n\nDetected using the static analysis tool - Svace.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50185" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/136f614931a2bb73616b292cf542da3a18daefd5", "url": "https://git.kernel.org/stable/c/136f614931a2bb73616b292cf542da3a18daefd5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1f341053852be76f82610ce47a505d930512f05c", "url": "https://git.kernel.org/stable/c/1f341053852be76f82610ce47a505d930512f05c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/782e413e38dffd37cc85b08b1ccb982adb4a93ce", "url": "https://git.kernel.org/stable/c/782e413e38dffd37cc85b08b1ccb982adb4a93ce" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8508d6d23a247c29792ce2fc0df3f3404d6a6a80", "url": "https://git.kernel.org/stable/c/8508d6d23a247c29792ce2fc0df3f3404d6a6a80" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9faff03617afeced1c4e5daa89e79b3906374342", "url": "https://git.kernel.org/stable/c/9faff03617afeced1c4e5daa89e79b3906374342" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/db1a9add3f90ff1c641974d5bb910c16b87af4ef", "url": "https://git.kernel.org/stable/c/db1a9add3f90ff1c641974d5bb910c16b87af4ef" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/deb603c5928e546609c0d5798e231d0205748943", "url": "https://git.kernel.org/stable/c/deb603c5928e546609c0d5798e231d0205748943" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ea73869df6ef386fc0feeb28ff66742ca835b18f", "url": "https://git.kernel.org/stable/c/ea73869df6ef386fc0feeb28ff66742ca835b18f" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53145", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition\n\nIn btsdio_probe, the data->work is bound with btsdio_work. It will be\nstarted in btsdio_send_frame.\n\nIf the btsdio_remove runs with a unfinished work, there may be a race\ncondition that hdev is freed but used in btsdio_work. Fix it by\ncanceling the work before do cleanup in btsdio_remove.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53145" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/179c65828593aff1f444e15debd40a477cb23cf4", "url": "https://git.kernel.org/stable/c/179c65828593aff1f444e15debd40a477cb23cf4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3efcbf25e5ab4d4ad1b7e6ba0869ff85540e3f6e", "url": "https://git.kernel.org/stable/c/3efcbf25e5ab4d4ad1b7e6ba0869ff85540e3f6e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6c3653627397a0d6eab19b20a59423e118985a6b", "url": "https://git.kernel.org/stable/c/6c3653627397a0d6eab19b20a59423e118985a6b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/73f7b171b7c09139eb3c6a5677c200dc1be5f318", "url": "https://git.kernel.org/stable/c/73f7b171b7c09139eb3c6a5677c200dc1be5f318" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/746b363bef41cc159c051c47f9e30800bc6b520d", "url": "https://git.kernel.org/stable/c/746b363bef41cc159c051c47f9e30800bc6b520d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a5c2a467e9e789ae0891de55b766daac52e3b7b3", "url": "https://git.kernel.org/stable/c/a5c2a467e9e789ae0891de55b766daac52e3b7b3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a6650d27ab2c12a8ee750f396edb5ac8b4558b2e", "url": "https://git.kernel.org/stable/c/a6650d27ab2c12a8ee750f396edb5ac8b4558b2e" } ], "release_date": "2025-05-10T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37882", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix isochronous Ring Underrun/Overrun event handling\n\nThe TRB pointer of these events points at enqueue at the time of error\noccurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we\nare handling the event, a new TD may be queued at this ring position.\n\nI can trigger this race by rising interrupt moderation to increase IRQ\nhandling delay. Similar delay may occur naturally due to system load.\n\nIf this ever happens after a Missed Service Error, missed TDs will be\nskipped and the new TD processed as if it matched the event. It could\nbe given back prematurely, risking data loss or buffer UAF by the xHC.\n\nDon't complete TDs on xrun events and don't warn if queued TDs don't\nmatch the event's TRB pointer, which can be NULL or a link/no-op TRB.\nDon't warn if there are no queued TDs at all.\n\nNow that it's safe, also handle xrun events if the skip flag is clear.\nThis ensures completion of any TD stuck in 'error mid TD' state right\nbefore the xrun event, which could happen if a driver submits a finite\nnumber of URBs to a buggy HC and then an error occurs on the last TD.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37882" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/16a7a8e6c47fea5c847beb696c8c21a7a44c1915", "url": "https://git.kernel.org/stable/c/16a7a8e6c47fea5c847beb696c8c21a7a44c1915" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/39a080a2925c81b0f1da0add44722ef2b78e5454", "url": "https://git.kernel.org/stable/c/39a080a2925c81b0f1da0add44722ef2b78e5454" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/906dec15b9b321b546fd31a3c99ffc13724c7af4", "url": "https://git.kernel.org/stable/c/906dec15b9b321b546fd31a3c99ffc13724c7af4" } ], "release_date": "2025-05-09T07:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50022", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers:md:fix a potential use-after-free bug\n\nIn line 2884, \"raid5_release_stripe(sh);\" drops the reference to sh and\nmay cause sh to be released. However, sh is subsequently used in lines\n2886 \"if (sh->batch_head && sh != sh->batch_head)\". This may result in an\nuse-after-free bug.\n\nIt can be fixed by moving \"raid5_release_stripe(sh);\" to the bottom of\nthe function.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50022" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/09cf99bace7789d91caa8d10fbcfc8b2fb35857f", "url": "https://git.kernel.org/stable/c/09cf99bace7789d91caa8d10fbcfc8b2fb35857f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/104212471b1c1817b311771d817fb692af983173", "url": "https://git.kernel.org/stable/c/104212471b1c1817b311771d817fb692af983173" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5d8325fd15892c8ab1146edc1d7ed8463de39636", "url": "https://git.kernel.org/stable/c/5d8325fd15892c8ab1146edc1d7ed8463de39636" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7470a4314b239e9a9580f248fdf4c9a92805490e", "url": "https://git.kernel.org/stable/c/7470a4314b239e9a9580f248fdf4c9a92805490e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d9b94c3ace549433de8a93eeb27b0391fc8ac406", "url": "https://git.kernel.org/stable/c/d9b94c3ace549433de8a93eeb27b0391fc8ac406" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e5b3dd2d92c4511e81f6e4ec9c5bb7ad25e03d13", "url": "https://git.kernel.org/stable/c/e5b3dd2d92c4511e81f6e4ec9c5bb7ad25e03d13" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/eb3a4f73f43f839df981dda5859e8e075067a360", "url": "https://git.kernel.org/stable/c/eb3a4f73f43f839df981dda5859e8e075067a360" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f5d46f1b47f65da1faf468277b261eb78c8e25b5", "url": "https://git.kernel.org/stable/c/f5d46f1b47f65da1faf468277b261eb78c8e25b5" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50333", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: jfs: fix shift-out-of-bounds in dbDiscardAG\n\nThis should be applied to most URSAN bugs found recently by syzbot,\nby guarding the dbMount. As syzbot feeding rubbish into the bmap\ndescriptor.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50333" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0183c8f46ab5bcd0740f41c87f5141c6ca2bf1bb", "url": "https://git.kernel.org/stable/c/0183c8f46ab5bcd0740f41c87f5141c6ca2bf1bb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/10b87da8fae79c7daf5eda6a9e4f1d31b85b4d92", "url": "https://git.kernel.org/stable/c/10b87da8fae79c7daf5eda6a9e4f1d31b85b4d92" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/25e70c6162f207828dd405b432d8f2a98dbf7082", "url": "https://git.kernel.org/stable/c/25e70c6162f207828dd405b432d8f2a98dbf7082" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3d340b684dcec5e34efc470227cd1c7d2df121ad", "url": "https://git.kernel.org/stable/c/3d340b684dcec5e34efc470227cd1c7d2df121ad" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/50163a115831ef4e6402db5a7ef487d1989d7249", "url": "https://git.kernel.org/stable/c/50163a115831ef4e6402db5a7ef487d1989d7249" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/624843f1bac448150f6859999c72c4841c14a2e3", "url": "https://git.kernel.org/stable/c/624843f1bac448150f6859999c72c4841c14a2e3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/911999b193735cd378517b6cd5fe585ee345d49c", "url": "https://git.kernel.org/stable/c/911999b193735cd378517b6cd5fe585ee345d49c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ab5cd3d62c2493eca3337e7d0178cc7bd819ca64", "url": "https://git.kernel.org/stable/c/ab5cd3d62c2493eca3337e7d0178cc7bd819ca64" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f8d4d0bac603616e2fa4a3907e81ed13f8f3c380", "url": "https://git.kernel.org/stable/c/f8d4d0bac603616e2fa4a3907e81ed13f8f3c380" } ], "release_date": "2025-09-15T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50423", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()\n\nThere is an use-after-free reported by KASAN:\n\n BUG: KASAN: use-after-free in acpi_ut_remove_reference+0x3b/0x82\n Read of size 1 at addr ffff888112afc460 by task modprobe/2111\n CPU: 0 PID: 2111 Comm: modprobe Not tainted 6.1.0-rc7-dirty\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n Call Trace:\n \n kasan_report+0xae/0xe0\n acpi_ut_remove_reference+0x3b/0x82\n acpi_ut_copy_iobject_to_iobject+0x3be/0x3d5\n acpi_ds_store_object_to_local+0x15d/0x3a0\n acpi_ex_store+0x78d/0x7fd\n acpi_ex_opcode_1A_1T_1R+0xbe4/0xf9b\n acpi_ps_parse_aml+0x217/0x8d5\n ...\n \n\nThe root cause of the problem is that the acpi_operand_object\nis freed when acpi_ut_walk_package_tree() fails in\nacpi_ut_copy_ipackage_to_ipackage(), lead to repeated release in\nacpi_ut_copy_iobject_to_iobject(). The problem was introduced\nby \"8aa5e56eeb61\" commit, this commit is to fix memory leak in\nacpi_ut_copy_iobject_to_iobject(), repeatedly adding remove\noperation, lead to \"acpi_operand_object\" used after free.\n\nFix it by removing acpi_ut_remove_reference() in\nacpi_ut_copy_ipackage_to_ipackage(). acpi_ut_copy_ipackage_to_ipackage()\nis called to copy an internal package object into another internal\npackage object, when it fails, the memory of acpi_operand_object\nshould be freed by the caller.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50423" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/01f2c2052ea50fb9a8ce12e4e83aed0267934ef0", "url": "https://git.kernel.org/stable/c/01f2c2052ea50fb9a8ce12e4e83aed0267934ef0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/02617006b5a46f2ea55ac61f5693c7afd7bf9276", "url": "https://git.kernel.org/stable/c/02617006b5a46f2ea55ac61f5693c7afd7bf9276" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/02f237423c9c6a18e062de2d474f85d5659e4eb9", "url": "https://git.kernel.org/stable/c/02f237423c9c6a18e062de2d474f85d5659e4eb9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/133462d35dae95edb944af86b986d4c9dec59bd1", "url": "https://git.kernel.org/stable/c/133462d35dae95edb944af86b986d4c9dec59bd1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/470188b09e92d83c5a997f25f0e8fb8cd2bc3469", "url": "https://git.kernel.org/stable/c/470188b09e92d83c5a997f25f0e8fb8cd2bc3469" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6fde666278f91b85d71545a0ebbf41d8d7af8074", "url": "https://git.kernel.org/stable/c/6fde666278f91b85d71545a0ebbf41d8d7af8074" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c9125b643fc51b8e662f2f614096ceb45a0adbc3", "url": "https://git.kernel.org/stable/c/c9125b643fc51b8e662f2f614096ceb45a0adbc3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dfdde4d5138bc023897033a5ac653a84e94805be", "url": "https://git.kernel.org/stable/c/dfdde4d5138bc023897033a5ac653a84e94805be" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f51b2235e4f320edc839c3e5cb0d1f8a6e8657c6", "url": "https://git.kernel.org/stable/c/f51b2235e4f320edc839c3e5cb0d1f8a6e8657c6" } ], "release_date": "2025-10-01T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38529", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 << it->options[1]) & 0xdcfc) {\n\nHowever, `it->options[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it->options[1]` to be within bounds before proceeding with\nthe original test. Valid `it->options[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38529" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/43ddd82e6a91913cea1c078e782afd8de60c3a53", "url": "https://git.kernel.org/stable/c/43ddd82e6a91913cea1c078e782afd8de60c3a53" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5ac7c60439236fb691b8c7987390e2327bbf18fa", "url": "https://git.kernel.org/stable/c/5ac7c60439236fb691b8c7987390e2327bbf18fa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/66acb1586737a22dd7b78abc63213b1bcaa100e4", "url": "https://git.kernel.org/stable/c/66acb1586737a22dd7b78abc63213b1bcaa100e4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/955e8835855fed8e87f7d8c8075564a1746c1b4c", "url": "https://git.kernel.org/stable/c/955e8835855fed8e87f7d8c8075564a1746c1b4c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a88692245c315bf8e225f205297a6f4b13d6856a", "url": "https://git.kernel.org/stable/c/a88692245c315bf8e225f205297a6f4b13d6856a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c593215385f0c0163015cca4512ed3ff42875d19", "url": "https://git.kernel.org/stable/c/c593215385f0c0163015cca4512ed3ff42875d19" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e0f3c0867d7d231c70984f05c97752caacd0daba", "url": "https://git.kernel.org/stable/c/e0f3c0867d7d231c70984f05c97752caacd0daba" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ff30dd3f15f443d2a0085b12ec2cc95d44f35fa7", "url": "https://git.kernel.org/stable/c/ff30dd3f15f443d2a0085b12ec2cc95d44f35fa7" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-16T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53365", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6mr: Fix skb_under_panic in ip6mr_cache_report()\n\nskbuff: skb_under_panic: text:ffffffff88771f69 len:56 put:-4\n head:ffff88805f86a800 data:ffff887f5f86a850 tail:0x88 end:0x2c0 dev:pim6reg\n ------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:192!\n invalid opcode: 0000 [#1] PREEMPT SMP KASAN\n CPU: 2 PID: 22968 Comm: kworker/2:11 Not tainted 6.5.0-rc3-00044-g0a8db05b571a #236\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: ipv6_addrconf addrconf_dad_work\n RIP: 0010:skb_panic+0x152/0x1d0\n Call Trace:\n \n skb_push+0xc4/0xe0\n ip6mr_cache_report+0xd69/0x19b0\n reg_vif_xmit+0x406/0x690\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n vlan_dev_hard_start_xmit+0x3ab/0x5c0\n dev_hard_start_xmit+0x17e/0x6e0\n __dev_queue_xmit+0x2d6a/0x3d20\n neigh_connected_output+0x3ed/0x570\n ip6_finish_output2+0x5b5/0x1950\n ip6_finish_output+0x693/0x11c0\n ip6_output+0x24b/0x880\n NF_HOOK.constprop.0+0xfd/0x530\n ndisc_send_skb+0x9db/0x1400\n ndisc_send_rs+0x12a/0x6c0\n addrconf_dad_completed+0x3c9/0xea0\n addrconf_dad_work+0x849/0x1420\n process_one_work+0xa22/0x16e0\n worker_thread+0x679/0x10c0\n ret_from_fork+0x28/0x60\n ret_from_fork_asm+0x11/0x20\n\nWhen setup a vlan device on dev pim6reg, DAD ns packet may sent on reg_vif_xmit().\nreg_vif_xmit()\n ip6mr_cache_report()\n skb_push(skb, -skb_network_offset(pkt));//skb_network_offset(pkt) is 4\nAnd skb_push declared as:\n\tvoid *skb_push(struct sk_buff *skb, unsigned int len);\n\t\tskb->data -= len;\n\t\t//0xffff88805f86a84c - 0xfffffffc = 0xffff887f5f86a850\nskb->data is set to 0xffff887f5f86a850, which is invalid mem addr, lead to skb_push() fails.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53365" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0438e60a00d4e335b3c36397dbf26c74b5d13ef0", "url": "https://git.kernel.org/stable/c/0438e60a00d4e335b3c36397dbf26c74b5d13ef0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1683124129a4263dd5bce2475bab110e95fa0346", "url": "https://git.kernel.org/stable/c/1683124129a4263dd5bce2475bab110e95fa0346" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1bb54a21f4d9b88442f8c3307c780e2db64417e4", "url": "https://git.kernel.org/stable/c/1bb54a21f4d9b88442f8c3307c780e2db64417e4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/30e0191b16e8a58e4620fa3e2839ddc7b9d4281c", "url": "https://git.kernel.org/stable/c/30e0191b16e8a58e4620fa3e2839ddc7b9d4281c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3326c711f18d18fe6e1f5d83d3a7eab07e5a1560", "url": "https://git.kernel.org/stable/c/3326c711f18d18fe6e1f5d83d3a7eab07e5a1560" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/691a09eecad97e745b9aa0e3918db46d020bdacb", "url": "https://git.kernel.org/stable/c/691a09eecad97e745b9aa0e3918db46d020bdacb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8382e7ed2d63e6c2daf6881fa091526dc6c879cd", "url": "https://git.kernel.org/stable/c/8382e7ed2d63e6c2daf6881fa091526dc6c879cd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a96d74d1076c82a4cef02c150d9996b21354c78d", "url": "https://git.kernel.org/stable/c/a96d74d1076c82a4cef02c150d9996b21354c78d" } ], "release_date": "2025-09-17T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2023-53559", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip_vti: fix potential slab-use-after-free in decode_session6\n\nWhen ip_vti device is set to the qdisc of the sfb type, the cb field\nof the sent skb may be modified during enqueuing. Then,\nslab-use-after-free may occur when ip_vti device sends IPv6 packets.\nAs commit f855691975bb (\"xfrm6: Fix the nexthdr offset in\n_decode_session6.\") showed, xfrm_decode_session was originally intended\nonly for the receive path. IP6CB(skb)->nhoff is not set during\ntransmission. Therefore, set the cb field in the skb to 0 before\nsending packets.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53559" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0b4d69539fdea138af2befe08893850c89248068", "url": "https://git.kernel.org/stable/c/0b4d69539fdea138af2befe08893850c89248068" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2b05bf5dc437f7891dd409a3eaf5058459391c7a", "url": "https://git.kernel.org/stable/c/2b05bf5dc437f7891dd409a3eaf5058459391c7a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6018a266279b1a75143c7c0804dd08a5fc4c3e0b", "url": "https://git.kernel.org/stable/c/6018a266279b1a75143c7c0804dd08a5fc4c3e0b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/78e397a43e1c47321a4679cc49a6c4530bf820b9", "url": "https://git.kernel.org/stable/c/78e397a43e1c47321a4679cc49a6c4530bf820b9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7dfe23659f3677c08a60a0056cda2d91a79c15ca", "url": "https://git.kernel.org/stable/c/7dfe23659f3677c08a60a0056cda2d91a79c15ca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/82fb41c5de243e7dfa90f32ca58e35adaff56c1d", "url": "https://git.kernel.org/stable/c/82fb41c5de243e7dfa90f32ca58e35adaff56c1d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d34c30442d5e53a33cde79ca163320dbe2432cbd", "url": "https://git.kernel.org/stable/c/d34c30442d5e53a33cde79ca163320dbe2432cbd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e1e04cc2ef2c0c0866c19f5627149a76c2baae32", "url": "https://git.kernel.org/stable/c/e1e04cc2ef2c0c0866c19f5627149a76c2baae32" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50408", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()\n\n> ret = brcmf_proto_tx_queue_data(drvr, ifp->ifidx, skb);\n\nmay be schedule, and then complete before the line\n\n> ndev->stats.tx_bytes += skb->len;\n\n[ 46.912801] ==================================================================\n[ 46.920552] BUG: KASAN: use-after-free in brcmf_netdev_start_xmit+0x718/0x8c8 [brcmfmac]\n[ 46.928673] Read of size 4 at addr ffffff803f5882e8 by task systemd-resolve/328\n[ 46.935991]\n[ 46.937514] CPU: 1 PID: 328 Comm: systemd-resolve Tainted: G O 5.4.199-[REDACTED] #1\n[ 46.947255] Hardware name: [REDACTED]\n[ 46.954568] Call trace:\n[ 46.957037] dump_backtrace+0x0/0x2b8\n[ 46.960719] show_stack+0x24/0x30\n[ 46.964052] dump_stack+0x128/0x194\n[ 46.967557] print_address_description.isra.0+0x64/0x380\n[ 46.972877] __kasan_report+0x1d4/0x240\n[ 46.976723] kasan_report+0xc/0x18\n[ 46.980138] __asan_report_load4_noabort+0x18/0x20\n[ 46.985027] brcmf_netdev_start_xmit+0x718/0x8c8 [brcmfmac]\n[ 46.990613] dev_hard_start_xmit+0x1bc/0xda0\n[ 46.994894] sch_direct_xmit+0x198/0xd08\n[ 46.998827] __qdisc_run+0x37c/0x1dc0\n[ 47.002500] __dev_queue_xmit+0x1528/0x21f8\n[ 47.006692] dev_queue_xmit+0x24/0x30\n[ 47.010366] neigh_resolve_output+0x37c/0x678\n[ 47.014734] ip_finish_output2+0x598/0x2458\n[ 47.018927] __ip_finish_output+0x300/0x730\n[ 47.023118] ip_output+0x2e0/0x430\n[ 47.026530] ip_local_out+0x90/0x140\n[ 47.030117] igmpv3_sendpack+0x14c/0x228\n[ 47.034049] igmpv3_send_cr+0x384/0x6b8\n[ 47.037895] igmp_ifc_timer_expire+0x4c/0x118\n[ 47.042262] call_timer_fn+0x1cc/0xbe8\n[ 47.046021] __run_timers+0x4d8/0xb28\n[ 47.049693] run_timer_softirq+0x24/0x40\n[ 47.053626] __do_softirq+0x2c0/0x117c\n[ 47.057387] irq_exit+0x2dc/0x388\n[ 47.060715] __handle_domain_irq+0xb4/0x158\n[ 47.064908] gic_handle_irq+0x58/0xb0\n[ 47.068581] el0_irq_naked+0x50/0x5c\n[ 47.072162]\n[ 47.073665] Allocated by task 328:\n[ 47.077083] save_stack+0x24/0xb0\n[ 47.080410] __kasan_kmalloc.isra.0+0xc0/0xe0\n[ 47.084776] kasan_slab_alloc+0x14/0x20\n[ 47.088622] kmem_cache_alloc+0x15c/0x468\n[ 47.092643] __alloc_skb+0xa4/0x498\n[ 47.096142] igmpv3_newpack+0x158/0xd78\n[ 47.099987] add_grhead+0x210/0x288\n[ 47.103485] add_grec+0x6b0/0xb70\n[ 47.106811] igmpv3_send_cr+0x2e0/0x6b8\n[ 47.110657] igmp_ifc_timer_expire+0x4c/0x118\n[ 47.115027] call_timer_fn+0x1cc/0xbe8\n[ 47.118785] __run_timers+0x4d8/0xb28\n[ 47.122457] run_timer_softirq+0x24/0x40\n[ 47.126389] __do_softirq+0x2c0/0x117c\n[ 47.130142]\n[ 47.131643] Freed by task 180:\n[ 47.134712] save_stack+0x24/0xb0\n[ 47.138041] __kasan_slab_free+0x108/0x180\n[ 47.142146] kasan_slab_free+0x10/0x18\n[ 47.145904] slab_free_freelist_hook+0xa4/0x1b0\n[ 47.150444] kmem_cache_free+0x8c/0x528\n[ 47.154292] kfree_skbmem+0x94/0x108\n[ 47.157880] consume_skb+0x10c/0x5a8\n[ 47.161466] __dev_kfree_skb_any+0x88/0xa0\n[ 47.165598] brcmu_pkt_buf_free_skb+0x44/0x68 [brcmutil]\n[ 47.171023] brcmf_txfinalize+0xec/0x190 [brcmfmac]\n[ 47.176016] brcmf_proto_bcdc_txcomplete+0x1c0/0x210 [brcmfmac]\n[ 47.182056] brcmf_sdio_sendfromq+0x8dc/0x1e80 [brcmfmac]\n[ 47.187568] brcmf_sdio_dpc+0xb48/0x2108 [brcmfmac]\n[ 47.192529] brcmf_sdio_dataworker+0xc8/0x238 [brcmfmac]\n[ 47.197859] process_one_work+0x7fc/0x1a80\n[ 47.201965] worker_thread+0x31c/0xc40\n[ 47.205726] kthread+0x2d8/0x370\n[ 47.208967] ret_from_fork+0x10/0x18\n[ 47.212546]\n[ 47.214051] The buggy address belongs to the object at ffffff803f588280\n[ 47.214051] which belongs to the cache skbuff_head_cache of size 208\n[ 47.227086] The buggy address is located 104 bytes inside of\n[ 47.227086] 208-byte region [ffffff803f588280, ffffff803f588350)\n[ 47.238814] The buggy address belongs to the page:\n[ 47.243618] page:ffffffff00dd6200 refcount:1 mapcou\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50408" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1613a7b24f1a7467cb727ba3ec77c9a808383560", "url": "https://git.kernel.org/stable/c/1613a7b24f1a7467cb727ba3ec77c9a808383560" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/232d59eca07f6ea27307022a33d226aff373bd02", "url": "https://git.kernel.org/stable/c/232d59eca07f6ea27307022a33d226aff373bd02" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/27574a3f421c3a1694d0207f37c6bbf23d66978e", "url": "https://git.kernel.org/stable/c/27574a3f421c3a1694d0207f37c6bbf23d66978e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3f42faf6db431e04bf942d2ebe3ae88975723478", "url": "https://git.kernel.org/stable/c/3f42faf6db431e04bf942d2ebe3ae88975723478" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/49c742afd60f552fce7799287080db02bffe1db2", "url": "https://git.kernel.org/stable/c/49c742afd60f552fce7799287080db02bffe1db2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c369836cff98d3877f98c98e15c0151462812d96", "url": "https://git.kernel.org/stable/c/c369836cff98d3877f98c98e15c0151462812d96" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d79f4d903e14dde822c60b5fd3bedc5a289d25df", "url": "https://git.kernel.org/stable/c/d79f4d903e14dde822c60b5fd3bedc5a289d25df" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e01d96494a9de0f48b1167f0494f6d929fa773ed", "url": "https://git.kernel.org/stable/c/e01d96494a9de0f48b1167f0494f6d929fa773ed" } ], "release_date": "2025-09-18T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38697", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: upper bound check of tree index in dbAllocAG\n\nWhen computing the tree index in dbAllocAG, we never check if we are\nout of bounds realative to the size of the stree.\nThis could happen in a scenario where the filesystem metadata are\ncorrupted.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38697" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1467a75819e41341cd5ebd16faa2af1ca3c8f4fe", "url": "https://git.kernel.org/stable/c/1467a75819e41341cd5ebd16faa2af1ca3c8f4fe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/173cfd741ad7073640bfb7e2344c2a0ee005e769", "url": "https://git.kernel.org/stable/c/173cfd741ad7073640bfb7e2344c2a0ee005e769" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2dd05f09cc323018136a7ecdb3d1007be9ede27f", "url": "https://git.kernel.org/stable/c/2dd05f09cc323018136a7ecdb3d1007be9ede27f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/30e19a884c0b11f33821aacda7e72e914bec26ef", "url": "https://git.kernel.org/stable/c/30e19a884c0b11f33821aacda7e72e914bec26ef" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/49ea46d9025aa1914b24ea957636cbe4367a7311", "url": "https://git.kernel.org/stable/c/49ea46d9025aa1914b24ea957636cbe4367a7311" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5bdb9553fb134fd52ec208a8b378120670f6e784", "url": "https://git.kernel.org/stable/c/5bdb9553fb134fd52ec208a8b378120670f6e784" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a4f199203f79ca9cd7355799ccb26800174ff093", "url": "https://git.kernel.org/stable/c/a4f199203f79ca9cd7355799ccb26800174ff093" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c214006856ff52a8ff17ed8da52d50601d54f9ce", "url": "https://git.kernel.org/stable/c/c214006856ff52a8ff17ed8da52d50601d54f9ce" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8ca21a2836993d7cb816668458e05e598574e55", "url": "https://git.kernel.org/stable/c/c8ca21a2836993d7cb816668458e05e598574e55" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38157", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k_htc: Abort software beacon handling if disabled\n\nA malicious USB device can send a WMI_SWBA_EVENTID event from an\nath9k_htc-managed device before beaconing has been enabled. This causes\na device-by-zero error in the driver, leading to either a crash or an\nout of bounds read.\n\nPrevent this by aborting the handling in ath9k_htc_swba() if beacons are\nnot enabled.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38157" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0281c19074976ec48f0078d50530b406ddae75bc", "url": "https://git.kernel.org/stable/c/0281c19074976ec48f0078d50530b406ddae75bc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/40471b23147c86ea3ed97faee79937c618250bd0", "url": "https://git.kernel.org/stable/c/40471b23147c86ea3ed97faee79937c618250bd0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5482ef9875eaa43f0435e14570e1193823de857e", "url": "https://git.kernel.org/stable/c/5482ef9875eaa43f0435e14570e1193823de857e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5a85c21f812e02cb00ca07007d88acdd42d08c46", "url": "https://git.kernel.org/stable/c/5a85c21f812e02cb00ca07007d88acdd42d08c46" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7ee3fb6258da8c890a51b514f60d7570dc703605", "url": "https://git.kernel.org/stable/c/7ee3fb6258da8c890a51b514f60d7570dc703605" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ac4e317a95a1092b5da5b9918b7118759342641c", "url": "https://git.kernel.org/stable/c/ac4e317a95a1092b5da5b9918b7118759342641c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e5ce9df1d68094d37360dbd9b09289d42fa21e54", "url": "https://git.kernel.org/stable/c/e5ce9df1d68094d37360dbd9b09289d42fa21e54" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ee5ee646385f5846dcbc881389f3c44a197c402a", "url": "https://git.kernel.org/stable/c/ee5ee646385f5846dcbc881389f3c44a197c402a" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-03T09:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37892", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37892" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0300e751170cf80c05ca1a762a7b449e8ca6b693", "url": "https://git.kernel.org/stable/c/0300e751170cf80c05ca1a762a7b449e8ca6b693" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/114d94f095aa405fa9a51484c4be34846d7bb386", "url": "https://git.kernel.org/stable/c/114d94f095aa405fa9a51484c4be34846d7bb386" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1c22356dfb041e5292835c9ff44d5f91bef8dd18", "url": "https://git.kernel.org/stable/c/1c22356dfb041e5292835c9ff44d5f91bef8dd18" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5479a6af3c96f73bec2d2819532b6d6814f52dd6", "url": "https://git.kernel.org/stable/c/5479a6af3c96f73bec2d2819532b6d6814f52dd6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6af3b92b1c0b58ca281d0e1501bad2567f73c1a5", "url": "https://git.kernel.org/stable/c/6af3b92b1c0b58ca281d0e1501bad2567f73c1a5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7772621041ee78823ccc5f1fe38f6faa22af7023", "url": "https://git.kernel.org/stable/c/7772621041ee78823ccc5f1fe38f6faa22af7023" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b828d394308e8e00df0a6f57e7dabae609bb8b7b", "url": "https://git.kernel.org/stable/c/b828d394308e8e00df0a6f57e7dabae609bb8b7b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d027951dc85cb2e15924c980dc22a6754d100c7c", "url": "https://git.kernel.org/stable/c/d027951dc85cb2e15924c980dc22a6754d100c7c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e7d6ceff95c55297f0ee8f9dbc4da5c558f30e9e", "url": "https://git.kernel.org/stable/c/e7d6ceff95c55297f0ee8f9dbc4da5c558f30e9e" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-20T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50478", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()\n\nPatch series \"nilfs2: fix UBSAN shift-out-of-bounds warnings on mount\ntime\".\n\nThe first patch fixes a bug reported by syzbot, and the second one fixes\nthe remaining bug of the same kind. Although they are triggered by the\nsame super block data anomaly, I divided it into the above two because the\ndetails of the issues and how to fix it are different.\n\nBoth are required to eliminate the shift-out-of-bounds issues at mount\ntime.\n\n\nThis patch (of 2):\n\nIf the block size exponent information written in an on-disk superblock is\ncorrupted, nilfs_sb2_bad_offset helper function can trigger\nshift-out-of-bounds warning followed by a kernel panic (if panic_on_warn\nis set):\n\n shift exponent 38983 is too large for 64-bit type 'unsigned long long'\n Call Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:151 [inline]\n __ubsan_handle_shift_out_of_bounds+0x33d/0x3b0 lib/ubsan.c:322\n nilfs_sb2_bad_offset fs/nilfs2/the_nilfs.c:449 [inline]\n nilfs_load_super_block+0xdf5/0xe00 fs/nilfs2/the_nilfs.c:523\n init_nilfs+0xb7/0x7d0 fs/nilfs2/the_nilfs.c:577\n nilfs_fill_super+0xb1/0x5d0 fs/nilfs2/super.c:1047\n nilfs_mount+0x613/0x9b0 fs/nilfs2/super.c:1317\n ...\n\nIn addition, since nilfs_sb2_bad_offset() performs multiplication without\nconsidering the upper bound, the computation may overflow if the disk\nlayout parameters are not normal.\n\nThis fixes these issues by inserting preliminary sanity checks for those\nparameters and by converting the comparison from one involving\nmultiplication and left bit-shifting to one using division and right\nbit-shifting.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50478" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1012ff77284e3bec0ec0a35a820b03ec43dec2cc", "url": "https://git.kernel.org/stable/c/1012ff77284e3bec0ec0a35a820b03ec43dec2cc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/610a2a3d7d8be3537458a378ec69396a76c385b6", "url": "https://git.kernel.org/stable/c/610a2a3d7d8be3537458a378ec69396a76c385b6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/62d11ec205ef14d8acf172cfc9904fdbf200025a", "url": "https://git.kernel.org/stable/c/62d11ec205ef14d8acf172cfc9904fdbf200025a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6b0ea3df56cccd53398d0289f399f19d43136b2e", "url": "https://git.kernel.org/stable/c/6b0ea3df56cccd53398d0289f399f19d43136b2e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9b3ba54025357440d6c4414c670984f628c6f6bf", "url": "https://git.kernel.org/stable/c/9b3ba54025357440d6c4414c670984f628c6f6bf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a6f89b10042baca218c8598d6db5a44c7e32625f", "url": "https://git.kernel.org/stable/c/a6f89b10042baca218c8598d6db5a44c7e32625f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b47f5c579c8186f7f5ab5e4254e0734ea5b7bf7a", "url": "https://git.kernel.org/stable/c/b47f5c579c8186f7f5ab5e4254e0734ea5b7bf7a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d464b035c0613856d012cf1704879d3ff3f057fb", "url": "https://git.kernel.org/stable/c/d464b035c0613856d012cf1704879d3ff3f057fb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d706485dffbbbf848e681edda29c7a46ac55698c", "url": "https://git.kernel.org/stable/c/d706485dffbbbf848e681edda29c7a46ac55698c" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53608", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()\n\nThe finalization of nilfs_segctor_thread() can race with\nnilfs_segctor_kill_thread() which terminates that thread, potentially\ncausing a use-after-free BUG as KASAN detected.\n\nAt the end of nilfs_segctor_thread(), it assigns NULL to \"sc_task\" member\nof \"struct nilfs_sc_info\" to indicate the thread has finished, and then\nnotifies nilfs_segctor_kill_thread() of this using waitqueue\n\"sc_wait_task\" on the struct nilfs_sc_info.\n\nHowever, here, immediately after the NULL assignment to \"sc_task\", it is\npossible that nilfs_segctor_kill_thread() will detect it and return to\ncontinue the deallocation, freeing the nilfs_sc_info structure before the\nthread does the notification.\n\nThis fixes the issue by protecting the NULL assignment to \"sc_task\" and\nits notification, with spinlock \"sc_state_lock\" of the struct\nnilfs_sc_info. Since nilfs_segctor_kill_thread() does a final check to\nsee if \"sc_task\" is NULL with \"sc_state_lock\" locked, this can eliminate\nthe race.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53608" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/034cce77d52ba013ce62b4f5258c29907eb1ada5", "url": "https://git.kernel.org/stable/c/034cce77d52ba013ce62b4f5258c29907eb1ada5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0dbf0e64b91ee8fcb278aea93eb06fc7d56ecbcc", "url": "https://git.kernel.org/stable/c/0dbf0e64b91ee8fcb278aea93eb06fc7d56ecbcc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/613bf23c070d11c525268f2945aa594704a9b764", "url": "https://git.kernel.org/stable/c/613bf23c070d11c525268f2945aa594704a9b764" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6be49d100c22ffea3287a4b19d7639d259888e33", "url": "https://git.kernel.org/stable/c/6be49d100c22ffea3287a4b19d7639d259888e33" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/92684e02654c91a61a0b0561433b710bcece19fe", "url": "https://git.kernel.org/stable/c/92684e02654c91a61a0b0561433b710bcece19fe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b4d80bd6370b81a1725b6b8f7894802c23a14e9f", "url": "https://git.kernel.org/stable/c/b4d80bd6370b81a1725b6b8f7894802c23a14e9f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bae009a2f1b7c2011d2e92d8c84868d315c0b97e", "url": "https://git.kernel.org/stable/c/bae009a2f1b7c2011d2e92d8c84868d315c0b97e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f32297dba338dc06d62286dedb3cdbd5175b1719", "url": "https://git.kernel.org/stable/c/f32297dba338dc06d62286dedb3cdbd5175b1719" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49870", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncapabilities: fix undefined behavior in bit shift for CAP_TO_MASK\n\nShifting signed 32-bit value by 31 bits is undefined, so changing\nsignificant bit to unsigned. The UBSAN warning calltrace like below:\n\nUBSAN: shift-out-of-bounds in security/commoncap.c:1252:2\nleft shift of 1 by 31 places cannot be represented in type 'int'\nCall Trace:\n \n dump_stack_lvl+0x7d/0xa5\n dump_stack+0x15/0x1b\n ubsan_epilogue+0xe/0x4e\n __ubsan_handle_shift_out_of_bounds+0x1e7/0x20c\n cap_task_prctl+0x561/0x6f0\n security_task_prctl+0x5a/0xb0\n __x64_sys_prctl+0x61/0x8f0\n do_syscall_64+0x58/0x80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n ", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49870" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/151dc8087b5609e53b069c068e3f3ee100efa586", "url": "https://git.kernel.org/stable/c/151dc8087b5609e53b069c068e3f3ee100efa586" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/27bdb134c043ff32c459d98f16550d0ffa0b3c34", "url": "https://git.kernel.org/stable/c/27bdb134c043ff32c459d98f16550d0ffa0b3c34" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/46653972e3ea64f79e7f8ae3aa41a4d3fdb70a13", "url": "https://git.kernel.org/stable/c/46653972e3ea64f79e7f8ae3aa41a4d3fdb70a13" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5661f111a1616ac105ec8cec81bff99b60f847ac", "url": "https://git.kernel.org/stable/c/5661f111a1616ac105ec8cec81bff99b60f847ac" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5b79fa628e2ab789e629a83cd211ef9b4c1a593e", "url": "https://git.kernel.org/stable/c/5b79fa628e2ab789e629a83cd211ef9b4c1a593e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/65b0bc7a0690861812ade523d19f82688ab819dc", "url": "https://git.kernel.org/stable/c/65b0bc7a0690861812ade523d19f82688ab819dc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dbaab08c8677d598244d21afb7818e44e1c5d826", "url": "https://git.kernel.org/stable/c/dbaab08c8677d598244d21afb7818e44e1c5d826" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fcbd2b336834bd24e1d9454ad5737856470c10d7", "url": "https://git.kernel.org/stable/c/fcbd2b336834bd24e1d9454ad5737856470c10d7" } ], "release_date": "2025-05-01T15:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50200", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: Add boundary check in put_entry()\n\nJust like next_entry(), boundary check is necessary to prevent memory\nout-of-bound access.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50200" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/15ec76fb29be31df2bccb30fc09875274cba2776", "url": "https://git.kernel.org/stable/c/15ec76fb29be31df2bccb30fc09875274cba2776" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2dabe6a872a5744865372eb30ea51e8ccd21305a", "url": "https://git.kernel.org/stable/c/2dabe6a872a5744865372eb30ea51e8ccd21305a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/477722f31ad73aa779154d1d7e00825538389f76", "url": "https://git.kernel.org/stable/c/477722f31ad73aa779154d1d7e00825538389f76" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7363a69d8ca8f0086f8e1196c8ddaf0e168614b1", "url": "https://git.kernel.org/stable/c/7363a69d8ca8f0086f8e1196c8ddaf0e168614b1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/90bdf50ae70c5571a277b5601e4f5df210831e0a", "url": "https://git.kernel.org/stable/c/90bdf50ae70c5571a277b5601e4f5df210831e0a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9605f50157cae00eb299e1189a6d708c84935ad8", "url": "https://git.kernel.org/stable/c/9605f50157cae00eb299e1189a6d708c84935ad8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/adbfdaacde18faf6cd4e490764045375266b3fbd", "url": "https://git.kernel.org/stable/c/adbfdaacde18faf6cd4e490764045375266b3fbd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dedd558d9765b72c66e5a53948e9f5abc3ece1f6", "url": "https://git.kernel.org/stable/c/dedd558d9765b72c66e5a53948e9f5abc3ece1f6" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50252", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Do not free q_vector unless new one was allocated\n\nAvoid potential use-after-free condition under memory pressure. If the\nkzalloc() fails, q_vector will be freed but left in the original\nadapter->q_vector[v_idx] array position.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50252" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0200f0fbb11e359cc35af72ab10b2ec224e6f633", "url": "https://git.kernel.org/stable/c/0200f0fbb11e359cc35af72ab10b2ec224e6f633" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0668716506ca66f90d395f36ccdaebc3e0e84801", "url": "https://git.kernel.org/stable/c/0668716506ca66f90d395f36ccdaebc3e0e84801" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/314f7092b27749bdde44c14095b5533afa2a3bc8", "url": "https://git.kernel.org/stable/c/314f7092b27749bdde44c14095b5533afa2a3bc8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3cb18dea11196fb4a06f78294cec5e61985e1aff", "url": "https://git.kernel.org/stable/c/3cb18dea11196fb4a06f78294cec5e61985e1aff" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/56483aecf6b22eb7dff6315b3a174688c6ad494c", "url": "https://git.kernel.org/stable/c/56483aecf6b22eb7dff6315b3a174688c6ad494c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/64ca1969599857143e91aeec4440640656100803", "url": "https://git.kernel.org/stable/c/64ca1969599857143e91aeec4440640656100803" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/68e8adbcaf7a8743e473343b38b9dad66e2ac6f3", "url": "https://git.kernel.org/stable/c/68e8adbcaf7a8743e473343b38b9dad66e2ac6f3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6e399577bd397a517df4b938601108c63769ce0a", "url": "https://git.kernel.org/stable/c/6e399577bd397a517df4b938601108c63769ce0a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f96bd8adc8adde25390965a8c1ee81b73cb62075", "url": "https://git.kernel.org/stable/c/f96bd8adc8adde25390965a8c1ee81b73cb62075" } ], "release_date": "2025-09-15T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37923", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix oob write in trace_seq_to_buffer()\n\nsyzbot reported this bug:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\nBUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\nWrite of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260\n\nCPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106\n trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\n tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\n ....\n==================================================================\n\nIt has been reported that trace_seq_to_buffer() tries to copy more data\nthan PAGE_SIZE to buf. Therefore, to prevent this, we should use the\nsmaller of trace_seq_used(&iter->seq) and PAGE_SIZE as an argument.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37923" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/056ebbddb8faf4ddf83d005454dd78fc25c2d897", "url": "https://git.kernel.org/stable/c/056ebbddb8faf4ddf83d005454dd78fc25c2d897" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1a3f9482b50b74fa9421bff8ceecfefd0dc06f8f", "url": "https://git.kernel.org/stable/c/1a3f9482b50b74fa9421bff8ceecfefd0dc06f8f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1f27a3e93b8d674b24b27fcdbc6f72743cd96c0d", "url": "https://git.kernel.org/stable/c/1f27a3e93b8d674b24b27fcdbc6f72743cd96c0d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/441021e5b3c7d9bd1b963590652c415929f3b157", "url": "https://git.kernel.org/stable/c/441021e5b3c7d9bd1b963590652c415929f3b157" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/665ce421041890571852422487f4c613d1824ba9", "url": "https://git.kernel.org/stable/c/665ce421041890571852422487f4c613d1824ba9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c5d2b66c5ef5037b4b4360e5447605ff00ba1bd4", "url": "https://git.kernel.org/stable/c/c5d2b66c5ef5037b4b4360e5447605ff00ba1bd4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f4b0174e9f18aaba59ee6ffdaf8827a7f94eb606", "url": "https://git.kernel.org/stable/c/f4b0174e9f18aaba59ee6ffdaf8827a7f94eb606" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f5178c41bb43444a6008150fe6094497135d07cb", "url": "https://git.kernel.org/stable/c/f5178c41bb43444a6008150fe6094497135d07cb" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-05-20T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2021-47142", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a use-after-free\n\nlooks like we forget to set ttm->sg to NULL.\nHit panic below\n\n[ 1235.844104] general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b7b4b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 1235.989074] Call Trace:\n[ 1235.991751] sg_free_table+0x17/0x20\n[ 1235.995667] amdgpu_ttm_backend_unbind.cold+0x4d/0xf7 [amdgpu]\n[ 1236.002288] amdgpu_ttm_backend_destroy+0x29/0x130 [amdgpu]\n[ 1236.008464] ttm_tt_destroy+0x1e/0x30 [ttm]\n[ 1236.013066] ttm_bo_cleanup_memtype_use+0x51/0xa0 [ttm]\n[ 1236.018783] ttm_bo_release+0x262/0xa50 [ttm]\n[ 1236.023547] ttm_bo_put+0x82/0xd0 [ttm]\n[ 1236.027766] amdgpu_bo_unref+0x26/0x50 [amdgpu]\n[ 1236.032809] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0x7aa/0xd90 [amdgpu]\n[ 1236.040400] kfd_ioctl_alloc_memory_of_gpu+0xe2/0x330 [amdgpu]\n[ 1236.046912] kfd_ioctl+0x463/0x690 [amdgpu]", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2021-47142" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0707c3fea8102d211631ba515ef2159707561b0d", "url": "https://git.kernel.org/stable/c/0707c3fea8102d211631ba515ef2159707561b0d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1e5c37385097c35911b0f8a0c67ffd10ee1af9a2", "url": "https://git.kernel.org/stable/c/1e5c37385097c35911b0f8a0c67ffd10ee1af9a2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3293cf3513d69f00c14d43e2020826d45ea0e46a", "url": "https://git.kernel.org/stable/c/3293cf3513d69f00c14d43e2020826d45ea0e46a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7398c2aab4da960761ec182d04d6d5abbb4a226e", "url": "https://git.kernel.org/stable/c/7398c2aab4da960761ec182d04d6d5abbb4a226e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/952ab3f9f48eb0e8050596d41951cf516be6b122", "url": "https://git.kernel.org/stable/c/952ab3f9f48eb0e8050596d41951cf516be6b122" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a849e218556f932576c0fb1c5a88714b61709a17", "url": "https://git.kernel.org/stable/c/a849e218556f932576c0fb1c5a88714b61709a17" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d4ea141fd4b40636a8326df5a377d9c5cf9b3faa", "url": "https://git.kernel.org/stable/c/d4ea141fd4b40636a8326df5a377d9c5cf9b3faa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f98cdf084405333ee2f5be548a91b2d168e49276", "url": "https://git.kernel.org/stable/c/f98cdf084405333ee2f5be548a91b2d168e49276" } ], "release_date": "2024-03-25T09:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-38494", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: do not bypass hid_hw_raw_request\n\nhid_hw_raw_request() is actually useful to ensure the provided buffer\nand length are valid. Directly calling in the low level transport driver\nfunction bypassed those checks and allowed invalid paramto be used.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38494" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81", "url": "https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0", "url": "https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed", "url": "https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f", "url": "https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b", "url": "https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5", "url": "https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624", "url": "https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910", "url": "https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-28T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38403", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/vmci: Clear the vmci transport packet properly when initializing it\n\nIn vmci_transport_packet_init memset the vmci_transport_packet before\npopulating the fields to avoid any uninitialised data being left in the\nstructure.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38403" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0a01021317375b8d1895152f544421ce49299eb1", "url": "https://git.kernel.org/stable/c/0a01021317375b8d1895152f544421ce49299eb1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/19c2cc01ff9a8031398a802676ffb0f4692dd95d", "url": "https://git.kernel.org/stable/c/19c2cc01ff9a8031398a802676ffb0f4692dd95d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1c1bcb0e78230f533b4103e8cf271d17c3f469f0", "url": "https://git.kernel.org/stable/c/1c1bcb0e78230f533b4103e8cf271d17c3f469f0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/223e2288f4b8c262a864e2c03964ffac91744cd5", "url": "https://git.kernel.org/stable/c/223e2288f4b8c262a864e2c03964ffac91744cd5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2d44723a091bc853272e1a51a488a3d22b80be5e", "url": "https://git.kernel.org/stable/c/2d44723a091bc853272e1a51a488a3d22b80be5e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/75705b44e0b9aaa74f4c163d93d388bcba9e386a", "url": "https://git.kernel.org/stable/c/75705b44e0b9aaa74f4c163d93d388bcba9e386a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/94d0c326cb3ee6b0f8bd00e209550b93fcc5c839", "url": "https://git.kernel.org/stable/c/94d0c326cb3ee6b0f8bd00e209550b93fcc5c839" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e9a673153d578fd439919a24e99851b2f87ecbce", "url": "https://git.kernel.org/stable/c/e9a673153d578fd439919a24e99851b2f87ecbce" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38699", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bfa: Double-free fix\n\nWhen the bfad_im_probe() function fails during initialization, the memory\npointed to by bfad->im is freed without setting bfad->im to NULL.\n\nSubsequently, during driver uninstallation, when the state machine enters\nthe bfad_sm_stopping state and calls the bfad_im_probe_undo() function,\nit attempts to free the memory pointed to by bfad->im again, thereby\ntriggering a double-free vulnerability.\n\nSet bfad->im to NULL if probing fails.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38699" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/13f613228cf3c96a038424cd97aa4d6aadc66294", "url": "https://git.kernel.org/stable/c/13f613228cf3c96a038424cd97aa4d6aadc66294" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/39cfe2c83146aad956318f866d0ee471b7a61fa5", "url": "https://git.kernel.org/stable/c/39cfe2c83146aad956318f866d0ee471b7a61fa5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/50d9bd48321038bd6e15af5a454bbcd180cf6f80", "url": "https://git.kernel.org/stable/c/50d9bd48321038bd6e15af5a454bbcd180cf6f80" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/684c92bb08a25ed3c0356bc7eb532ed5b19588dd", "url": "https://git.kernel.org/stable/c/684c92bb08a25ed3c0356bc7eb532ed5b19588dd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8456f862cb95bcc3a831e1ba87c0c17068be0f3f", "url": "https://git.kernel.org/stable/c/8456f862cb95bcc3a831e1ba87c0c17068be0f3f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8e03dd9fadf76db5b9799583074a1a2a54f787f1", "url": "https://git.kernel.org/stable/c/8e03dd9fadf76db5b9799583074a1a2a54f787f1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9337c2affbaebe00b75fdf84ea0e2fcf93c140af", "url": "https://git.kernel.org/stable/c/9337c2affbaebe00b75fdf84ea0e2fcf93c140af" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/add4c4850363d7c1b72e8fce9ccb21fdd2cf5dc9", "url": "https://git.kernel.org/stable/c/add4c4850363d7c1b72e8fce9ccb21fdd2cf5dc9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ba024d92564580bb90ec367248ace8efe16ce815", "url": "https://git.kernel.org/stable/c/ba024d92564580bb90ec367248ace8efe16ce815" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50432", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernfs: fix use-after-free in __kernfs_remove\n\nSyzkaller managed to trigger concurrent calls to\nkernfs_remove_by_name_ns() for the same file resulting in\na KASAN detected use-after-free. The race occurs when the root\nnode is freed during kernfs_drain().\n\nTo prevent this acquire an additional reference for the root\nof the tree that is removed before calling __kernfs_remove().\n\nFound by syzkaller with the following reproducer (slab_nomerge is\nrequired):\n\nsyz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\\x00', 0x100000, 0x0, 0x0, 0x0, 0x0)\nr0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\\x00', 0x0, 0x0)\nclose(r0)\npipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800)\nmount$9p_fd(0x0, &(0x7f0000000040)='./file0\\x00', &(0x7f00000000c0), 0x408, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_loose}, {@mmap}, {@loose}, {@loose}, {@mmap}], [{@mask={'mask', 0x3d, '^MAY_EXEC'}}, {@fsmagic={'fsmagic', 0x3d, 0x10001}}, {@dont_hash}]}})\n\nSample report:\n\n==================================================================\nBUG: KASAN: use-after-free in kernfs_type include/linux/kernfs.h:335 [inline]\nBUG: KASAN: use-after-free in kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\nBUG: KASAN: use-after-free in __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\nRead of size 2 at addr ffff8880088807f0 by task syz-executor.2/857\n\nCPU: 0 PID: 857 Comm: syz-executor.2 Not tainted 6.0.0-rc3-00363-g7726d4c3e60b #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x6e/0x91 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold+0x5e/0x5e5 mm/kasan/report.c:433\n kasan_report+0xa3/0x130 mm/kasan/report.c:495\n kernfs_type include/linux/kernfs.h:335 [inline]\n kernfs_leftmost_descendant fs/kernfs/dir.c:1261 [inline]\n __kernfs_remove.part.0+0x843/0x960 fs/kernfs/dir.c:1369\n __kernfs_remove fs/kernfs/dir.c:1356 [inline]\n kernfs_remove_by_name_ns+0x108/0x190 fs/kernfs/dir.c:1589\n sysfs_slab_add+0x133/0x1e0 mm/slub.c:5943\n __kmem_cache_create+0x3e0/0x550 mm/slub.c:4899\n create_cache mm/slab_common.c:229 [inline]\n kmem_cache_create_usercopy+0x167/0x2a0 mm/slab_common.c:335\n p9_client_create+0xd4d/0x1190 net/9p/client.c:993\n v9fs_session_init+0x1e6/0x13c0 fs/9p/v9fs.c:408\n v9fs_mount+0xb9/0xbd0 fs/9p/vfs_super.c:126\n legacy_get_tree+0xf1/0x200 fs/fs_context.c:610\n vfs_get_tree+0x85/0x2e0 fs/super.c:1530\n do_new_mount fs/namespace.c:3040 [inline]\n path_mount+0x675/0x1d00 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __x64_sys_mount+0x282/0x300 fs/namespace.c:3568\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x38/0x90 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f725f983aed\nCode: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f725f0f7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5\nRAX: ffffffffffffffda RBX: 00007f725faa3f80 RCX: 00007f725f983aed\nRDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000000000000\nRBP: 00007f725f9f419c R08: 0000000020000280 R09: 0000000000000000\nR10: 0000000000000408 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000006 R14: 00007f725faa3f80 R15: 00007f725f0d7000\n \n\nAllocated by task 855:\n kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\n kasan_set_track mm/kasan/common.c:45 [inline]\n set_alloc_info mm/kasan/common.c:437 [inline]\n __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:470\n kasan_slab_alloc include/linux/kasan.h:224 [inline]\n slab_post_alloc_hook mm/slab.h:7\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50432" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/028cf780743eea79abffa7206b9dcfc080ad3546", "url": "https://git.kernel.org/stable/c/028cf780743eea79abffa7206b9dcfc080ad3546" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/02eb35131050735332658029082f61515b7dfe38", "url": "https://git.kernel.org/stable/c/02eb35131050735332658029082f61515b7dfe38" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4abc99652812a2ddf932f137515d5c5a04723538", "url": "https://git.kernel.org/stable/c/4abc99652812a2ddf932f137515d5c5a04723538" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4dfd6a477a1525773469feaf3c514b2c0fef76b5", "url": "https://git.kernel.org/stable/c/4dfd6a477a1525773469feaf3c514b2c0fef76b5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6f72a3977ba9d0e5491a5c01315204272e7f9c44", "url": "https://git.kernel.org/stable/c/6f72a3977ba9d0e5491a5c01315204272e7f9c44" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/94d2643df1e70a4c310ebb5e2c493eec33df1a06", "url": "https://git.kernel.org/stable/c/94d2643df1e70a4c310ebb5e2c493eec33df1a06" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/af1b57cc39beca203559576b3046094fc9e5eb32", "url": "https://git.kernel.org/stable/c/af1b57cc39beca203559576b3046094fc9e5eb32" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c78b0dc6fb7fb389d674e491fd376388cdfb1d53", "url": "https://git.kernel.org/stable/c/c78b0dc6fb7fb389d674e491fd376388cdfb1d53" } ], "release_date": "2025-10-01T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53616", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount\n\nsyzbot found an invalid-free in diUnmount:\n\nBUG: KASAN: double-free in slab_free mm/slub.c:3661 [inline]\nBUG: KASAN: double-free in __kmem_cache_free+0x71/0x110 mm/slub.c:3674\nFree of addr ffff88806f410000 by task syz-executor131/3632\n\n CPU: 0 PID: 3632 Comm: syz-executor131 Not tainted 6.1.0-rc7-syzkaller-00012-gca57f02295f1 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\n Call Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n print_address_description+0x74/0x340 mm/kasan/report.c:284\n print_report+0x107/0x1f0 mm/kasan/report.c:395\n kasan_report_invalid_free+0xac/0xd0 mm/kasan/report.c:460\n ____kasan_slab_free+0xfb/0x120\n kasan_slab_free include/linux/kasan.h:177 [inline]\n slab_free_hook mm/slub.c:1724 [inline]\n slab_free_freelist_hook+0x12e/0x1a0 mm/slub.c:1750\n slab_free mm/slub.c:3661 [inline]\n __kmem_cache_free+0x71/0x110 mm/slub.c:3674\n diUnmount+0xef/0x100 fs/jfs/jfs_imap.c:195\n jfs_umount+0x108/0x370 fs/jfs/jfs_umount.c:63\n jfs_put_super+0x86/0x190 fs/jfs/super.c:194\n generic_shutdown_super+0x130/0x310 fs/super.c:492\n kill_block_super+0x79/0xd0 fs/super.c:1428\n deactivate_locked_super+0xa7/0xf0 fs/super.c:332\n cleanup_mnt+0x494/0x520 fs/namespace.c:1186\n task_work_run+0x243/0x300 kernel/task_work.c:179\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x664/0x2070 kernel/exit.c:820\n do_group_exit+0x1fd/0x2b0 kernel/exit.c:950\n __do_sys_exit_group kernel/exit.c:961 [inline]\n __se_sys_exit_group kernel/exit.c:959 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:959\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[...]\n\nJFS_IP(ipimap)->i_imap is not setting to NULL after free in diUnmount.\nIf jfs_remount() free JFS_IP(ipimap)->i_imap but then failed at diMount().\nJFS_IP(ipimap)->i_imap will be freed once again.\nFix this problem by setting JFS_IP(ipimap)->i_imap to NULL after free.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53616" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/114ea3cb13ab25f7178cb60283adb93d2f96dad7", "url": "https://git.kernel.org/stable/c/114ea3cb13ab25f7178cb60283adb93d2f96dad7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4de3a603010e0ca334487de24c6aab0777b7f808", "url": "https://git.kernel.org/stable/c/4de3a603010e0ca334487de24c6aab0777b7f808" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5873df0195124be2f357de11bfd473ead4f90ed8", "url": "https://git.kernel.org/stable/c/5873df0195124be2f357de11bfd473ead4f90ed8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6e2bda2c192d0244b5a78b787ef20aa10cb319b7", "url": "https://git.kernel.org/stable/c/6e2bda2c192d0244b5a78b787ef20aa10cb319b7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/756747d4b439e3e1159282ae89f17eefebbe9b25", "url": "https://git.kernel.org/stable/c/756747d4b439e3e1159282ae89f17eefebbe9b25" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/88484bde6f12126616b38e43b6c00edcd941f615", "url": "https://git.kernel.org/stable/c/88484bde6f12126616b38e43b6c00edcd941f615" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c3c0f0ddd851b3fa3e9d3450bbcd561f4f850469", "url": "https://git.kernel.org/stable/c/c3c0f0ddd851b3fa3e9d3450bbcd561f4f850469" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ef7311101ca43dd73b45bca7a30ac72d9535ff87", "url": "https://git.kernel.org/stable/c/ef7311101ca43dd73b45bca7a30ac72d9535ff87" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38428", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: ims-pcu - check record size in ims_pcu_flash_firmware()\n\nThe \"len\" variable comes from the firmware and we generally do\ntrust firmware, but it's always better to double check. If the \"len\"\nis too large it could result in memory corruption when we do\n\"memcpy(fragment->data, rec->data, len);\"", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38428" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/17474a56acf708bf6b2d174c06ed26abad0a9fd6", "url": "https://git.kernel.org/stable/c/17474a56acf708bf6b2d174c06ed26abad0a9fd6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5a8cd6ae8393e2eaebf51d420d5374821ef2af87", "url": "https://git.kernel.org/stable/c/5a8cd6ae8393e2eaebf51d420d5374821ef2af87" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/74661516daee1eadebede8dc607b6830530096ec", "url": "https://git.kernel.org/stable/c/74661516daee1eadebede8dc607b6830530096ec" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8e03f1c7d50343bf21da54873301bc4fa647479f", "url": "https://git.kernel.org/stable/c/8e03f1c7d50343bf21da54873301bc4fa647479f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a95ef0199e80f3384eb992889322957d26c00102", "url": "https://git.kernel.org/stable/c/a95ef0199e80f3384eb992889322957d26c00102" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c1b9d140b0807c6aee4bb53e1bfa4e391e3dc204", "url": "https://git.kernel.org/stable/c/c1b9d140b0807c6aee4bb53e1bfa4e391e3dc204" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d63706d9f73846106fde28b284f08e01b92ce9f1", "url": "https://git.kernel.org/stable/c/d63706d9f73846106fde28b284f08e01b92ce9f1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e5a2481dc2a0b430f49276d7482793a8923631d6", "url": "https://git.kernel.org/stable/c/e5a2481dc2a0b430f49276d7482793a8923631d6" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53521", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Fix slab-out-of-bounds in ses_intf_remove()\n\nA fix for:\n\nBUG: KASAN: slab-out-of-bounds in ses_intf_remove+0x23f/0x270 [ses]\nRead of size 8 at addr ffff88a10d32e5d8 by task rmmod/12013\n\nWhen edev->components is zero, accessing edev->component[0] members is\nwrong.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53521" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0595cdb587726b4f0fa780eb7462e3679d141e82", "url": "https://git.kernel.org/stable/c/0595cdb587726b4f0fa780eb7462e3679d141e82" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2fb1fa8425cce2dc4dce298275d22d7077694b73", "url": "https://git.kernel.org/stable/c/2fb1fa8425cce2dc4dce298275d22d7077694b73" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/40af9a6deed723485e05b7d3255a28750692e8db", "url": "https://git.kernel.org/stable/c/40af9a6deed723485e05b7d3255a28750692e8db" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/578797f0c8cbc2e3ec5fc0dab87087b4c7073686", "url": "https://git.kernel.org/stable/c/578797f0c8cbc2e3ec5fc0dab87087b4c7073686" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/76f7050537476ac062ec23a544fbca8270f2d08b", "url": "https://git.kernel.org/stable/c/76f7050537476ac062ec23a544fbca8270f2d08b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/82143faf01dda831b89eccef60c39ef8575ab08a", "url": "https://git.kernel.org/stable/c/82143faf01dda831b89eccef60c39ef8575ab08a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/87e47be38d205df338c52ead43f23b2864567423", "url": "https://git.kernel.org/stable/c/87e47be38d205df338c52ead43f23b2864567423" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8f9542cad6c27297c8391de3a659f0b7948495d0", "url": "https://git.kernel.org/stable/c/8f9542cad6c27297c8391de3a659f0b7948495d0" } ], "release_date": "2025-10-01T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38482", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: das6402: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\t/* IRQs 2,3,5,6,7, 10,11,15 are valid for \"enhanced\" mode */\n\tif ((1 << it->options[1]) & 0x8cec) {\n\nHowever, `it->options[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it->options[1]` to be within bounds before proceeding with\nthe original test. Valid `it->options[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38482" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3eab654f5d199ecd45403c6588cda63e491fcfca", "url": "https://git.kernel.org/stable/c/3eab654f5d199ecd45403c6588cda63e491fcfca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4a3c18cde02e35aba87e0ad5672b3e1c72dda5a4", "url": "https://git.kernel.org/stable/c/4a3c18cde02e35aba87e0ad5672b3e1c72dda5a4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/70f2b28b5243df557f51c054c20058ae207baaac", "url": "https://git.kernel.org/stable/c/70f2b28b5243df557f51c054c20058ae207baaac" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/73f34d609397805c20d6b2ef5c07a4cbf7c4d63a", "url": "https://git.kernel.org/stable/c/73f34d609397805c20d6b2ef5c07a4cbf7c4d63a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8a3637027ceeba4ca5e500b23cb7d24c25592513", "url": "https://git.kernel.org/stable/c/8a3637027ceeba4ca5e500b23cb7d24c25592513" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a15e9c175f783298c4ee48146be6841335400406", "url": "https://git.kernel.org/stable/c/a15e9c175f783298c4ee48146be6841335400406" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a18a42e77545afcacd6a2b8d9fc16191b87454df", "url": "https://git.kernel.org/stable/c/a18a42e77545afcacd6a2b8d9fc16191b87454df" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/de8da1063cce9234d55c8270d9bdf4cf84411c80", "url": "https://git.kernel.org/stable/c/de8da1063cce9234d55c8270d9bdf4cf84411c80" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-28T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53484", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib: cpu_rmap: Avoid use after free on rmap->obj array entries\n\nWhen calling irq_set_affinity_notifier() with NULL at the notify\nargument, it will cause freeing of the glue pointer in the\ncorresponding array entry but will leave the pointer in the array. A\nsubsequent call to free_irq_cpu_rmap() will try to free this entry again\nleading to possible use after free.\n\nFix that by setting NULL to the array entry and checking that we have\nnon-zero at the array entry when iterating over the array in\nfree_irq_cpu_rmap().\n\nThe current code does not suffer from this since there are no cases\nwhere irq_set_affinity_notifier(irq, NULL) (note the NULL passed for the\nnotify arg) is called, followed by a call to free_irq_cpu_rmap() so we\ndon't hit and issue. Subsequent patches in this series excersize this\nflow, hence the required fix.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53484" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4e0473f1060aa49621d40a113afde24818101d37", "url": "https://git.kernel.org/stable/c/4e0473f1060aa49621d40a113afde24818101d37" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/67bca5f1d644f4e79b694abd8052a177de81c37f", "url": "https://git.kernel.org/stable/c/67bca5f1d644f4e79b694abd8052a177de81c37f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/981f339d2905b6a92ef59358158b326493aecac5", "url": "https://git.kernel.org/stable/c/981f339d2905b6a92ef59358158b326493aecac5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c6ed54dd90698dc0744d669524cc1c122ded8a16", "url": "https://git.kernel.org/stable/c/c6ed54dd90698dc0744d669524cc1c122ded8a16" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c9115f49cf260d24d8b5f2d9a4b63cb31a627bb4", "url": "https://git.kernel.org/stable/c/c9115f49cf260d24d8b5f2d9a4b63cb31a627bb4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cc2d2b3dbfb0ba57bc027fb7e1121250c50e4000", "url": "https://git.kernel.org/stable/c/cc2d2b3dbfb0ba57bc027fb7e1121250c50e4000" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d1308bd0b24cb1d78fa2747d5fa3e055cc628a48", "url": "https://git.kernel.org/stable/c/d1308bd0b24cb1d78fa2747d5fa3e055cc628a48" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f748e15253833b771acbede14ea98f50831ac289", "url": "https://git.kernel.org/stable/c/f748e15253833b771acbede14ea98f50831ac289" } ], "release_date": "2025-10-01T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53075", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix invalid address access in lookup_rec() when index is 0\n\nKASAN reported follow problem:\n\n BUG: KASAN: use-after-free in lookup_rec\n Read of size 8 at addr ffff000199270ff0 by task modprobe\n CPU: 2 Comm: modprobe\n Call trace:\n kasan_report\n __asan_load8\n lookup_rec\n ftrace_location\n arch_check_ftrace_location\n check_kprobe_address_safe\n register_kprobe\n\nWhen checking pg->records[pg->index - 1].ip in lookup_rec(), it can get a\npg which is newly added to ftrace_pages_start in ftrace_process_locs().\nBefore the first pg->index++, index is 0 and accessing pg->records[-1].ip\nwill cause this problem.\n\nDon't check the ip when pg->index is 0.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53075" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2a0d71fabfeb349216d33f001a6421b1768bd3a9", "url": "https://git.kernel.org/stable/c/2a0d71fabfeb349216d33f001a6421b1768bd3a9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2de28e5ce34b22b73b833a21e2c45ae3aade3964", "url": "https://git.kernel.org/stable/c/2de28e5ce34b22b73b833a21e2c45ae3aade3964" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4f84f31f63416b0f02fc146ffdc4ab32723eb7e8", "url": "https://git.kernel.org/stable/c/4f84f31f63416b0f02fc146ffdc4ab32723eb7e8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7569ee04b0e3b32df79f64db3a7138573edad9bc", "url": "https://git.kernel.org/stable/c/7569ee04b0e3b32df79f64db3a7138573edad9bc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/83c3b2f4e7c61367c7b24551f4c6eb94bbdda283", "url": "https://git.kernel.org/stable/c/83c3b2f4e7c61367c7b24551f4c6eb94bbdda283" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ac58b88ccbbb8e9fb83e137cee04a856b1ea6635", "url": "https://git.kernel.org/stable/c/ac58b88ccbbb8e9fb83e137cee04a856b1ea6635" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ee92fa443358f4fc0017c1d0d325c27b37802504", "url": "https://git.kernel.org/stable/c/ee92fa443358f4fc0017c1d0d325c27b37802504" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f1bd8b7fd890d87d0dc4dedc6287ea34dd07c0b4", "url": "https://git.kernel.org/stable/c/f1bd8b7fd890d87d0dc4dedc6287ea34dd07c0b4" } ], "release_date": "2025-05-02T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38245", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet's hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry 'atm/atmtcp:0' already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 <0f> 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n ", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38245" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/26248d5d68c865b888d632162abbf8130645622c", "url": "https://git.kernel.org/stable/c/26248d5d68c865b888d632162abbf8130645622c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2a8dcee649d12f69713f2589171a1caf6d4fa439", "url": "https://git.kernel.org/stable/c/2a8dcee649d12f69713f2589171a1caf6d4fa439" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4bb1bb438134d9ee6b97cc07289dd7c569092eec", "url": "https://git.kernel.org/stable/c/4bb1bb438134d9ee6b97cc07289dd7c569092eec" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6922f1a048c090f10704bbef4a3a1e81932d2e0a", "url": "https://git.kernel.org/stable/c/6922f1a048c090f10704bbef4a3a1e81932d2e0a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a433791aeaea6e84df709e0b9584b9bbe040cd1c", "url": "https://git.kernel.org/stable/c/a433791aeaea6e84df709e0b9584b9bbe040cd1c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ae539d963a17443ec54cba8a767e4ffa318264f4", "url": "https://git.kernel.org/stable/c/ae539d963a17443ec54cba8a767e4ffa318264f4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b2e40fcfe1575faaa548f87614006d3fe44c779e", "url": "https://git.kernel.org/stable/c/b2e40fcfe1575faaa548f87614006d3fe44c779e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cabed6ba92a9a8c09da02a3f20e32ecd80989896", "url": "https://git.kernel.org/stable/c/cabed6ba92a9a8c09da02a3f20e32ecd80989896" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-09T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38680", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()\n\nThe buffer length check before calling uvc_parse_format() only ensured\nthat the buffer has at least 3 bytes (buflen > 2), buf the function\naccesses buffer[3], requiring at least 4 bytes.\n\nThis can lead to an out-of-bounds read if the buffer has exactly 3 bytes.\n\nFix it by checking that the buffer has at least 4 bytes in\nuvc_parse_format().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38680" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1e269581b3aa5962fdc52757ab40da286168c087", "url": "https://git.kernel.org/stable/c/1e269581b3aa5962fdc52757ab40da286168c087" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/424980d33b3f816485513e538610168b03fab9f1", "url": "https://git.kernel.org/stable/c/424980d33b3f816485513e538610168b03fab9f1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6d4a7c0b296162354b6fc759a1475b9d57ddfaa6", "url": "https://git.kernel.org/stable/c/6d4a7c0b296162354b6fc759a1475b9d57ddfaa6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/782b6a718651eda3478b1824b37a8b3185d2740c", "url": "https://git.kernel.org/stable/c/782b6a718651eda3478b1824b37a8b3185d2740c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8343f3fe0b755925f83d60b05e92bf4396879758", "url": "https://git.kernel.org/stable/c/8343f3fe0b755925f83d60b05e92bf4396879758" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9ad554217c9b945031c73df4e8176a475e2dea57", "url": "https://git.kernel.org/stable/c/9ad554217c9b945031c73df4e8176a475e2dea57" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a97e062e4ff3dab84a2f1eb811e9eddc6699e2a9", "url": "https://git.kernel.org/stable/c/a97e062e4ff3dab84a2f1eb811e9eddc6699e2a9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cac702a439050df65272c49184aef7975fe3eff2", "url": "https://git.kernel.org/stable/c/cac702a439050df65272c49184aef7975fe3eff2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ffdd82182953df643aa63d999b6f1653d0c93778", "url": "https://git.kernel.org/stable/c/ffdd82182953df643aa63d999b6f1653d0c93778" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38530", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 << it->options[1]) & board->irq_bits) {\n\nHowever, `it->options[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it->options[1]` to be within bounds before proceeding with\nthe original test. Valid `it->options[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38530" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0489c30d080f07cc7f09d04de723d8c2ccdb61ef", "url": "https://git.kernel.org/stable/c/0489c30d080f07cc7f09d04de723d8c2ccdb61ef" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/16c173abee315953fd17a279352fec4a1faee862", "url": "https://git.kernel.org/stable/c/16c173abee315953fd17a279352fec4a1faee862" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/29ef03e5b84431171d6b77b822985b54bc44b793", "url": "https://git.kernel.org/stable/c/29ef03e5b84431171d6b77b822985b54bc44b793" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/374d9b3eb4b08407997ef1fce96119d31e0c0bc4", "url": "https://git.kernel.org/stable/c/374d9b3eb4b08407997ef1fce96119d31e0c0bc4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5bfa301e1e59a9b1a7b62a800b54852337c97416", "url": "https://git.kernel.org/stable/c/5bfa301e1e59a9b1a7b62a800b54852337c97416" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7e470d8efd10725b189ca8951973a8425932398a", "url": "https://git.kernel.org/stable/c/7e470d8efd10725b189ca8951973a8425932398a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a27e27eee313fe1c450b6af1e80e64412546cab4", "url": "https://git.kernel.org/stable/c/a27e27eee313fe1c450b6af1e80e64412546cab4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b14b076ce593f72585412fc7fd3747e03a5e3632", "url": "https://git.kernel.org/stable/c/b14b076ce593f72585412fc7fd3747e03a5e3632" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-16T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38677", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid out-of-boundary access in dnode page\n\nAs Jiaming Zhang reported:\n\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x1c1/0x2a0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x17e/0x800 mm/kasan/report.c:480\n kasan_report+0x147/0x180 mm/kasan/report.c:593\n data_blkaddr fs/f2fs/f2fs.h:3053 [inline]\n f2fs_data_blkaddr fs/f2fs/f2fs.h:3058 [inline]\n f2fs_get_dnode_of_data+0x1a09/0x1c40 fs/f2fs/node.c:855\n f2fs_reserve_block+0x53/0x310 fs/f2fs/data.c:1195\n prepare_write_begin fs/f2fs/data.c:3395 [inline]\n f2fs_write_begin+0xf39/0x2190 fs/f2fs/data.c:3594\n generic_perform_write+0x2c7/0x910 mm/filemap.c:4112\n f2fs_buffered_write_iter fs/f2fs/file.c:4988 [inline]\n f2fs_file_write_iter+0x1ec8/0x2410 fs/f2fs/file.c:5216\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x546/0xa90 fs/read_write.c:686\n ksys_write+0x149/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf3/0x3d0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nThe root cause is in the corrupted image, there is a dnode has the same\nnode id w/ its inode, so during f2fs_get_dnode_of_data(), it tries to\naccess block address in dnode at offset 934, however it parses the dnode\nas inode node, so that get_dnode_addr() returns 360, then it tries to\naccess page address from 360 + 934 * 4 = 4096 w/ 4 bytes.\n\nTo fix this issue, let's add sanity check for node id of all direct nodes\nduring f2fs_get_dnode_of_data().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38677" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6b7784ea07e6aa044f74b39d6b5af5e28746fc81", "url": "https://git.kernel.org/stable/c/6b7784ea07e6aa044f74b39d6b5af5e28746fc81" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/77de19b6867f2740cdcb6c9c7e50d522b47847a4", "url": "https://git.kernel.org/stable/c/77de19b6867f2740cdcb6c9c7e50d522b47847a4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/888aa660144bcb6ec07839da756ee46bfcf7fc53", "url": "https://git.kernel.org/stable/c/888aa660144bcb6ec07839da756ee46bfcf7fc53" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/901f62efd6e855f93d8b1175540f29f4dc45ba55", "url": "https://git.kernel.org/stable/c/901f62efd6e855f93d8b1175540f29f4dc45ba55" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/92ef491b506a0f4dd971a3a76f86f2d8f5370180", "url": "https://git.kernel.org/stable/c/92ef491b506a0f4dd971a3a76f86f2d8f5370180" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a650654365c57407413e9b1f6ff4d539bf2e99ca", "url": "https://git.kernel.org/stable/c/a650654365c57407413e9b1f6ff4d539bf2e99ca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ee4d13f5407cbdf1216cc258f45492075713889a", "url": "https://git.kernel.org/stable/c/ee4d13f5407cbdf1216cc258f45492075713889a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f1d5093d9fe9f3c74c123741c88666cc853b79c5", "url": "https://git.kernel.org/stable/c/f1d5093d9fe9f3c74c123741c88666cc853b79c5" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-30T10:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38204", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds read in add_missing_indices\n\nstbl is s8 but it must contain offsets into slot which can go from 0 to\n127.\n\nAdded a bound check for that error and return -EIO if the check fails.\nAlso make jfs_readdir return with error if add_missing_indices returns\nwith an error.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38204" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/44618bee303bed151ef3a525ff79fbd7689593b5", "url": "https://git.kernel.org/stable/c/44618bee303bed151ef3a525ff79fbd7689593b5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5dff41a86377563f7a2b968aae00d25b4ceb37c9", "url": "https://git.kernel.org/stable/c/5dff41a86377563f7a2b968aae00d25b4ceb37c9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/81af4b34fd72d390d7f237c6a545cc6d09707956", "url": "https://git.kernel.org/stable/c/81af4b34fd72d390d7f237c6a545cc6d09707956" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bfa4655d28f338e68d345aed80d19be7999bbce2", "url": "https://git.kernel.org/stable/c/bfa4655d28f338e68d345aed80d19be7999bbce2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8399564a58fb6ea2ff21a6fd278417943cb51a5", "url": "https://git.kernel.org/stable/c/c8399564a58fb6ea2ff21a6fd278417943cb51a5" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-07-04T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49503", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix\n\nThe \"rxstatus->rs_keyix\" eventually gets passed to test_bit() so we need to\nensure that it is within the bitmap.\n\ndrivers/net/wireless/ath/ath9k/common.c:46 ath9k_cmn_rx_accept()\nerror: passing untrusted data 'rx_stats->rs_keyix' to 'test_bit()'", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49503" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0bcb528402cd5e1a6e1833e956fd58a12d509e8e", "url": "https://git.kernel.org/stable/c/0bcb528402cd5e1a6e1833e956fd58a12d509e8e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2326d398ccd41ba6d93b8346532dfa432ab00fee", "url": "https://git.kernel.org/stable/c/2326d398ccd41ba6d93b8346532dfa432ab00fee" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2dc509305cf956381532792cb8dceef2b1504765", "url": "https://git.kernel.org/stable/c/2dc509305cf956381532792cb8dceef2b1504765" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3dad3fed5672828c7fb0465cb66a3d9a70952fa6", "url": "https://git.kernel.org/stable/c/3dad3fed5672828c7fb0465cb66a3d9a70952fa6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/461e4c1f199076275f16bf6f3d3e42c6b6c79f33", "url": "https://git.kernel.org/stable/c/461e4c1f199076275f16bf6f3d3e42c6b6c79f33" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4bdcf32c965c27f55ccc4ee71c1927131115b0bb", "url": "https://git.kernel.org/stable/c/4bdcf32c965c27f55ccc4ee71c1927131115b0bb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7f6defe0fabc79f29603c6fa3c80e4fe0456a3e9", "url": "https://git.kernel.org/stable/c/7f6defe0fabc79f29603c6fa3c80e4fe0456a3e9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a048e0c3caa852397b7b50d4c82a0415c05f7ac3", "url": "https://git.kernel.org/stable/c/a048e0c3caa852397b7b50d4c82a0415c05f7ac3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/eda518db7db16c360bc84379d90675650daa3048", "url": "https://git.kernel.org/stable/c/eda518db7db16c360bc84379d90675650daa3048" } ], "release_date": "2025-02-26T07:01:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50422", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libsas: Fix use-after-free bug in smp_execute_task_sg()\n\nWhen executing SMP task failed, the smp_execute_task_sg() calls del_timer()\nto delete \"slow_task->timer\". However, if the timer handler\nsas_task_internal_timedout() is running, the del_timer() in\nsmp_execute_task_sg() will not stop it and a UAF will happen. The process\nis shown below:\n\n (thread 1) | (thread 2)\nsmp_execute_task_sg() | sas_task_internal_timedout()\n ... |\n del_timer() |\n ... | ...\n sas_free_task(task) |\n kfree(task->slow_task) //FREE|\n | task->slow_task->... //USE\n\nFix by calling del_timer_sync() in smp_execute_task_sg(), which makes sure\nthe timer handler have finished before the \"task->slow_task\" is\ndeallocated.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50422" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/117331a2a5227fb4369c2a1f321d3e3e2e2ef8fe", "url": "https://git.kernel.org/stable/c/117331a2a5227fb4369c2a1f321d3e3e2e2ef8fe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2e12ce270f0d926085c1209cc90397e307deef97", "url": "https://git.kernel.org/stable/c/2e12ce270f0d926085c1209cc90397e307deef97" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/46ba53c30666717cb06c2b3c5d896301cd00d0c0", "url": "https://git.kernel.org/stable/c/46ba53c30666717cb06c2b3c5d896301cd00d0c0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a9e5176ead6de64f572ad5c87a72825d9d3c82ae", "url": "https://git.kernel.org/stable/c/a9e5176ead6de64f572ad5c87a72825d9d3c82ae" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e45a1516d2933703a4823d9db71e17c3abeba24f", "url": "https://git.kernel.org/stable/c/e45a1516d2933703a4823d9db71e17c3abeba24f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f7a785177611ffc97d645fcbc196e6de6ad2421d", "url": "https://git.kernel.org/stable/c/f7a785177611ffc97d645fcbc196e6de6ad2421d" } ], "release_date": "2025-10-01T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53587", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Sync IRQ works before buffer destruction\n\nIf something was written to the buffer just before destruction,\nit may be possible (maybe not in a real system, but it did\nhappen in ARCH=um with time-travel) to destroy the ringbuffer\nbefore the IRQ work ran, leading this KASAN report (or a crash\nwithout KASAN):\n\n BUG: KASAN: slab-use-after-free in irq_work_run_list+0x11a/0x13a\n Read of size 8 at addr 000000006d640a48 by task swapper/0\n\n CPU: 0 PID: 0 Comm: swapper Tainted: G W O 6.3.0-rc1 #7\n Stack:\n 60c4f20f 0c203d48 41b58ab3 60f224fc\n 600477fa 60f35687 60c4f20f 601273dd\n 00000008 6101eb00 6101eab0 615be548\n Call Trace:\n [<60047a58>] show_stack+0x25e/0x282\n [<60c609e0>] dump_stack_lvl+0x96/0xfd\n [<60c50d4c>] print_report+0x1a7/0x5a8\n [<603078d3>] kasan_report+0xc1/0xe9\n [<60308950>] __asan_report_load8_noabort+0x1b/0x1d\n [<60232844>] irq_work_run_list+0x11a/0x13a\n [<602328b4>] irq_work_tick+0x24/0x34\n [<6017f9dc>] update_process_times+0x162/0x196\n [<6019f335>] tick_sched_handle+0x1a4/0x1c3\n [<6019fd9e>] tick_sched_timer+0x79/0x10c\n [<601812b9>] __hrtimer_run_queues.constprop.0+0x425/0x695\n [<60182913>] hrtimer_interrupt+0x16c/0x2c4\n [<600486a3>] um_timer+0x164/0x183\n [...]\n\n Allocated by task 411:\n save_stack_trace+0x99/0xb5\n stack_trace_save+0x81/0x9b\n kasan_save_stack+0x2d/0x54\n kasan_set_track+0x34/0x3e\n kasan_save_alloc_info+0x25/0x28\n ____kasan_kmalloc+0x8b/0x97\n __kasan_kmalloc+0x10/0x12\n __kmalloc+0xb2/0xe8\n load_elf_phdrs+0xee/0x182\n [...]\n\n The buggy address belongs to the object at 000000006d640800\n which belongs to the cache kmalloc-1k of size 1024\n The buggy address is located 584 bytes inside of\n freed 1024-byte region [000000006d640800, 000000006d640c00)\n\nAdd the appropriate irq_work_sync() so the work finishes before\nthe buffers are destroyed.\n\nPrior to the commit in the Fixes tag below, there was only a\nsingle global IRQ work, so this issue didn't exist.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53587" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0a65165bd24ee9231191597b7c232376fcd70cdb", "url": "https://git.kernel.org/stable/c/0a65165bd24ee9231191597b7c232376fcd70cdb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1c99f65d6af2a454bfd5207b4f6a97c8474a1191", "url": "https://git.kernel.org/stable/c/1c99f65d6af2a454bfd5207b4f6a97c8474a1191" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2399b1fda025e939b6fb1ac94505bcf718534e65", "url": "https://git.kernel.org/stable/c/2399b1fda025e939b6fb1ac94505bcf718534e65" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2702b67f59d455072a08dc40312f9b090d4dec04", "url": "https://git.kernel.org/stable/c/2702b67f59d455072a08dc40312f9b090d4dec04" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/372c5ee537b8366b64b691ba29e9335525e1655e", "url": "https://git.kernel.org/stable/c/372c5ee537b8366b64b691ba29e9335525e1655e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/675751bb20634f981498c7d66161584080cc061e", "url": "https://git.kernel.org/stable/c/675751bb20634f981498c7d66161584080cc061e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c63741e872fcfb10e153517750f7908f0c00f60d", "url": "https://git.kernel.org/stable/c/c63741e872fcfb10e153517750f7908f0c00f60d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d9834abd8b24d1fe8092859e436fe1e0fd467c61", "url": "https://git.kernel.org/stable/c/d9834abd8b24d1fe8092859e436fe1e0fd467c61" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fc6858b7f8e1221f62ce8c6ff8a13a349c32cd76", "url": "https://git.kernel.org/stable/c/fc6858b7f8e1221f62ce8c6ff8a13a349c32cd76" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49763", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntfs: fix use-after-free in ntfs_attr_find()\n\nPatch series \"ntfs: fix bugs about Attribute\", v2.\n\nThis patchset fixes three bugs relative to Attribute in record:\n\nPatch 1 adds a sanity check to ensure that, attrs_offset field in first\nmft record loading from disk is within bounds.\n\nPatch 2 moves the ATTR_RECORD's bounds checking earlier, to avoid\ndereferencing ATTR_RECORD before checking this ATTR_RECORD is within\nbounds.\n\nPatch 3 adds an overflow checking to avoid possible forever loop in\nntfs_attr_find().\n\nWithout patch 1 and patch 2, the kernel triggersa KASAN use-after-free\ndetection as reported by Syzkaller.\n\nAlthough one of patch 1 or patch 2 can fix this, we still need both of\nthem. Because patch 1 fixes the root cause, and patch 2 not only fixes\nthe direct cause, but also fixes the potential out-of-bounds bug.\n\n\nThis patch (of 3):\n\nSyzkaller reported use-after-free read as follows:\n==================================================================\nBUG: KASAN: use-after-free in ntfs_attr_find+0xc02/0xce0 fs/ntfs/attrib.c:597\nRead of size 2 at addr ffff88807e352009 by task syz-executor153/3607\n\n[...]\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold+0x2ba/0x719 mm/kasan/report.c:433\n kasan_report+0xb1/0x1e0 mm/kasan/report.c:495\n ntfs_attr_find+0xc02/0xce0 fs/ntfs/attrib.c:597\n ntfs_attr_lookup+0x1056/0x2070 fs/ntfs/attrib.c:1193\n ntfs_read_inode_mount+0x89a/0x2580 fs/ntfs/inode.c:1845\n ntfs_fill_super+0x1799/0x9320 fs/ntfs/super.c:2854\n mount_bdev+0x34d/0x410 fs/super.c:1400\n legacy_get_tree+0x105/0x220 fs/fs_context.c:610\n vfs_get_tree+0x89/0x2f0 fs/super.c:1530\n do_new_mount fs/namespace.c:3040 [inline]\n path_mount+0x1326/0x1e20 fs/namespace.c:3370\n do_mount fs/namespace.c:3383 [inline]\n __do_sys_mount fs/namespace.c:3591 [inline]\n __se_sys_mount fs/namespace.c:3568 [inline]\n __x64_sys_mount+0x27f/0x300 fs/namespace.c:3568\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n [...]\n \n\nThe buggy address belongs to the physical page:\npage:ffffea0001f8d400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e350\nhead:ffffea0001f8d400 order:3 compound_mapcount:0 compound_pincount:0\nflags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000010200 0000000000000000 dead000000000122 ffff888011842140\nraw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\nMemory state around the buggy address:\n ffff88807e351f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffff88807e351f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n>ffff88807e352000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff88807e352080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff88807e352100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n==================================================================\n\nKernel will loads $MFT/$DATA's first mft record in\nntfs_read_inode_mount().\n\nYet the problem is that after loading, kernel doesn't check whether\nattrs_offset field is a valid value.\n\nTo be more specific, if attrs_offset field is larger than bytes_allocated\nfield, then it may trigger the out-of-bounds read bug(reported as\nuse-after-free bug) in ntfs_attr_find(), when kernel tries to access the\ncorresponding mft record's attribute.\n\nThis patch solves it by adding the sanity check between attrs_offset field\nand bytes_allocated field, after loading the first mft record.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49763" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/266bd5306286316758e6246ea0345133427b0f62", "url": "https://git.kernel.org/stable/c/266bd5306286316758e6246ea0345133427b0f62" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4863f815463034f588a035cfd99cdca97a4f1069", "url": "https://git.kernel.org/stable/c/4863f815463034f588a035cfd99cdca97a4f1069" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5330c423b86263ac7883fef0260b9e2229cb531e", "url": "https://git.kernel.org/stable/c/5330c423b86263ac7883fef0260b9e2229cb531e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/79f3ac7dcd12c05b7539239a4c6fa229a50d786c", "url": "https://git.kernel.org/stable/c/79f3ac7dcd12c05b7539239a4c6fa229a50d786c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b825bfbbaafbe8da2037e3a778ad660c59f9e054", "url": "https://git.kernel.org/stable/c/b825bfbbaafbe8da2037e3a778ad660c59f9e054" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d0006d739738a658a9c29b438444259d9f71dfa0", "url": "https://git.kernel.org/stable/c/d0006d739738a658a9c29b438444259d9f71dfa0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d85a1bec8e8d552ab13163ca1874dcd82f3d1550", "url": "https://git.kernel.org/stable/c/d85a1bec8e8d552ab13163ca1874dcd82f3d1550" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fb2004bafd1932e08d21ca604ee5844f2b7f212d", "url": "https://git.kernel.org/stable/c/fb2004bafd1932e08d21ca604ee5844f2b7f212d" } ], "release_date": "2025-05-01T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53395", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer\n\nACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5\n\nAccording to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruction. For taking care of no argument, AML_NO_OPERAND_RESOLVE flag is added to ASL Timer instruction opcode.\n\nWhen ASL timer instruction interpreted by ACPI interpreter, getting error. After adding AML_NO_OPERAND_RESOLVE flag to ASL Timer instruction opcode, issue is not observed.\n\n=============================================================\nUBSAN: array-index-out-of-bounds in acpica/dswexec.c:401:12 index -1 is out of range for type 'union acpi_operand_object *[9]'\nCPU: 37 PID: 1678 Comm: cat Not tainted\n6.0.0-dev-th500-6.0.y-1+bcf8c46459e407-generic-64k\nHW name: NVIDIA BIOS v1.1.1-d7acbfc-dirty 12/19/2022 Call trace:\n dump_backtrace+0xe0/0x130\n show_stack+0x20/0x60\n dump_stack_lvl+0x68/0x84\n dump_stack+0x18/0x34\n ubsan_epilogue+0x10/0x50\n __ubsan_handle_out_of_bounds+0x80/0x90\n acpi_ds_exec_end_op+0x1bc/0x6d8\n acpi_ps_parse_loop+0x57c/0x618\n acpi_ps_parse_aml+0x1e0/0x4b4\n acpi_ps_execute_method+0x24c/0x2b8\n acpi_ns_evaluate+0x3a8/0x4bc\n acpi_evaluate_object+0x15c/0x37c\n acpi_evaluate_integer+0x54/0x15c\n show_power+0x8c/0x12c [acpi_power_meter]", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53395" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/23c67fa615c52712bfa02a6dfadbd4656c87c066", "url": "https://git.kernel.org/stable/c/23c67fa615c52712bfa02a6dfadbd4656c87c066" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2f2a5905303ae230b5159fcd8cdcd5b3e7ad5e2d", "url": "https://git.kernel.org/stable/c/2f2a5905303ae230b5159fcd8cdcd5b3e7ad5e2d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3a21ffdbc825e0919db9da0e27ee5ff2cc8a863e", "url": "https://git.kernel.org/stable/c/3a21ffdbc825e0919db9da0e27ee5ff2cc8a863e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3bf4463e40a17a23f2f261dfd7fe23129bdd04a4", "url": "https://git.kernel.org/stable/c/3bf4463e40a17a23f2f261dfd7fe23129bdd04a4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/430787056dd3c591eb553d5c3b2717efcf307d4e", "url": "https://git.kernel.org/stable/c/430787056dd3c591eb553d5c3b2717efcf307d4e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/625c12dc04a607b79f180ef3ee5a12bf2e3324c0", "url": "https://git.kernel.org/stable/c/625c12dc04a607b79f180ef3ee5a12bf2e3324c0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b102113469487b460e9e77fe9e00d49c50fe8c86", "url": "https://git.kernel.org/stable/c/b102113469487b460e9e77fe9e00d49c50fe8c86" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e1f686930ee4b059c7baa3c3904b2401829f2589", "url": "https://git.kernel.org/stable/c/e1f686930ee4b059c7baa3c3904b2401829f2589" } ], "release_date": "2025-09-18T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50394", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: ismt: Fix an out-of-bounds bug in ismt_access()\n\nWhen the driver does not check the data from the user, the variable\n'data->block[0]' may be very large to cause an out-of-bounds bug.\n\nThe following log can reveal it:\n\n[ 33.995542] i2c i2c-1: ioctl, cmd=0x720, arg=0x7ffcb3dc3a20\n[ 33.995978] ismt_smbus 0000:00:05.0: I2C_SMBUS_BLOCK_DATA: WRITE\n[ 33.996475] ==================================================================\n[ 33.996995] BUG: KASAN: out-of-bounds in ismt_access.cold+0x374/0x214b\n[ 33.997473] Read of size 18446744073709551615 at addr ffff88810efcfdb1 by task ismt_poc/485\n[ 33.999450] Call Trace:\n[ 34.001849] memcpy+0x20/0x60\n[ 34.002077] ismt_access.cold+0x374/0x214b\n[ 34.003382] __i2c_smbus_xfer+0x44f/0xfb0\n[ 34.004007] i2c_smbus_xfer+0x10a/0x390\n[ 34.004291] i2cdev_ioctl_smbus+0x2c8/0x710\n[ 34.005196] i2cdev_ioctl+0x5ec/0x74c\n\nFix this bug by checking the size of 'data->block[0]' first.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50394" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/03b7ef7a6c5ca1ff553470166b4919db88b810f6", "url": "https://git.kernel.org/stable/c/03b7ef7a6c5ca1ff553470166b4919db88b810f6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/233348a04becf133283f0076e20b317302de21d9", "url": "https://git.kernel.org/stable/c/233348a04becf133283f0076e20b317302de21d9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/39244cc754829bf707dccd12e2ce37510f5b1f8d", "url": "https://git.kernel.org/stable/c/39244cc754829bf707dccd12e2ce37510f5b1f8d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4a7bb1d93addb2f67e36fed00a53cb7f270d7b7a", "url": "https://git.kernel.org/stable/c/4a7bb1d93addb2f67e36fed00a53cb7f270d7b7a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/96c12fd0ec74641295e1c3c34dea3dce1b6c3422", "url": "https://git.kernel.org/stable/c/96c12fd0ec74641295e1c3c34dea3dce1b6c3422" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9ac541a0898e8ec187a3fa7024b9701cffae6bf2", "url": "https://git.kernel.org/stable/c/9ac541a0898e8ec187a3fa7024b9701cffae6bf2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a642469d464b2780a25a49b51ae56623c65eac34", "url": "https://git.kernel.org/stable/c/a642469d464b2780a25a49b51ae56623c65eac34" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bfe41d966c860a8ad4c735639d616da270c92735", "url": "https://git.kernel.org/stable/c/bfe41d966c860a8ad4c735639d616da270c92735" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cdcbae2c5003747ddfd14e29db9c1d5d7e7c44dd", "url": "https://git.kernel.org/stable/c/cdcbae2c5003747ddfd14e29db9c1d5d7e7c44dd" } ], "release_date": "2025-09-18T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53311", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput\n\nDuring unmount process of nilfs2, nothing holds nilfs_root structure after\nnilfs2 detaches its writer in nilfs_detach_log_writer(). Previously,\nnilfs_evict_inode() could cause use-after-free read for nilfs_root if\ninodes are left in \"garbage_list\" and released by nilfs_dispose_list at\nthe end of nilfs_detach_log_writer(), and this bug was fixed by commit\n9b5a04ac3ad9 (\"nilfs2: fix use-after-free bug of nilfs_root in\nnilfs_evict_inode()\").\n\nHowever, it turned out that there is another possibility of UAF in the\ncall path where mark_inode_dirty_sync() is called from iput():\n\nnilfs_detach_log_writer()\n nilfs_dispose_list()\n iput()\n mark_inode_dirty_sync()\n __mark_inode_dirty()\n nilfs_dirty_inode()\n __nilfs_mark_inode_dirty()\n nilfs_load_inode_block() --> causes UAF of nilfs_root struct\n\nThis can happen after commit 0ae45f63d4ef (\"vfs: add support for a\nlazytime mount option\"), which changed iput() to call\nmark_inode_dirty_sync() on its final reference if i_state has I_DIRTY_TIME\nflag and i_nlink is non-zero.\n\nThis issue appears after commit 28a65b49eb53 (\"nilfs2: do not write dirty\ndata after degenerating to read-only\") when using the syzbot reproducer,\nbut the issue has potentially existed before.\n\nFix this issue by adding a \"purging flag\" to the nilfs structure, setting\nthat flag while disposing the \"garbage_list\" and checking it in\n__nilfs_mark_inode_dirty().\n\nUnlike commit 9b5a04ac3ad9 (\"nilfs2: fix use-after-free bug of nilfs_root\nin nilfs_evict_inode()\"), this patch does not rely on ns_writer to\ndetermine whether to skip operations, so as not to break recovery on\nmount. The nilfs_salvage_orphan_logs routine dirties the buffer of\nsalvaged data before attaching the log writer, so changing\n__nilfs_mark_inode_dirty() to skip the operation when ns_writer is NULL\nwill cause recovery write to fail. The purpose of using the cleanup-only\nflag is to allow for narrowing of such conditions.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53311" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/11afd67f1b3c28eb216e50a3ca8dbcb69bb71793", "url": "https://git.kernel.org/stable/c/11afd67f1b3c28eb216e50a3ca8dbcb69bb71793" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3645510cf926e6af2f4d44899370d7e5331c93bd", "url": "https://git.kernel.org/stable/c/3645510cf926e6af2f4d44899370d7e5331c93bd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/37207240872456fbab44a110bde6640445233963", "url": "https://git.kernel.org/stable/c/37207240872456fbab44a110bde6640445233963" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5828d5f5dc877dcfdd7b23102e978e2ecfd86d82", "url": "https://git.kernel.org/stable/c/5828d5f5dc877dcfdd7b23102e978e2ecfd86d82" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7532ff6edbf5242376b24a95a2fefb59bb653e5a", "url": "https://git.kernel.org/stable/c/7532ff6edbf5242376b24a95a2fefb59bb653e5a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a3c3b4cbf9b8554120fb230e6516e980c6277487", "url": "https://git.kernel.org/stable/c/a3c3b4cbf9b8554120fb230e6516e980c6277487" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d2c539c216cce74837a9cf5804eb205939b82227", "url": "https://git.kernel.org/stable/c/d2c539c216cce74837a9cf5804eb205939b82227" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f8654743a0e6909dc634cbfad6db6816f10f3399", "url": "https://git.kernel.org/stable/c/f8654743a0e6909dc634cbfad6db6816f10f3399" } ], "release_date": "2025-09-16T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53675", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ses: Fix possible desc_ptr out-of-bounds accesses\n\nSanitize possible desc_ptr out-of-bounds accesses in\nses_enclosure_data_process().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53675" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/414418abc19fa4ccf730d273061a426c07a061d6", "url": "https://git.kernel.org/stable/c/414418abc19fa4ccf730d273061a426c07a061d6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4b8cae410472653a59e15af62c57c49b8e0a1201", "url": "https://git.kernel.org/stable/c/4b8cae410472653a59e15af62c57c49b8e0a1201" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/584892fd29a41ef424a148118a3103b16b94fb8c", "url": "https://git.kernel.org/stable/c/584892fd29a41ef424a148118a3103b16b94fb8c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/72021ae61a2bc6ca73cd593e255a10ed5f5dc5e7", "url": "https://git.kernel.org/stable/c/72021ae61a2bc6ca73cd593e255a10ed5f5dc5e7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/79ec5dd5fb07ecaea2f978c2d7a9f2f3526e4d19", "url": "https://git.kernel.org/stable/c/79ec5dd5fb07ecaea2f978c2d7a9f2f3526e4d19" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/801ab13d50cf3d26170ee073ea8bb4eececb76ab", "url": "https://git.kernel.org/stable/c/801ab13d50cf3d26170ee073ea8bb4eececb76ab" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c315560e3ef77c1d822249f1743e647dc9c9912a", "url": "https://git.kernel.org/stable/c/c315560e3ef77c1d822249f1743e647dc9c9912a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cffe09ca0555e235a42d6fa065e463c4b3d5b657", "url": "https://git.kernel.org/stable/c/cffe09ca0555e235a42d6fa065e463c4b3d5b657" } ], "release_date": "2025-10-07T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53676", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()\n\nThe function lio_target_nacl_info_show() uses sprintf() in a loop to print\ndetails for every iSCSI connection in a session without checking for the\nbuffer length. With enough iSCSI connections it's possible to overflow the\nbuffer provided by configfs and corrupt the memory.\n\nThis patch replaces sprintf() with sysfs_emit_at() that checks for buffer\nboundries.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53676" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0cac6cbb9908309352a5d30c1876882771d3da50", "url": "https://git.kernel.org/stable/c/0cac6cbb9908309352a5d30c1876882771d3da50" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/114b44dddea1f8f99576de3c0e6e9059012002fc", "url": "https://git.kernel.org/stable/c/114b44dddea1f8f99576de3c0e6e9059012002fc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2cbe6a88fbdd6e8aeab358eef61472e2de43d6f6", "url": "https://git.kernel.org/stable/c/2cbe6a88fbdd6e8aeab358eef61472e2de43d6f6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4738bf8b2d3635c2944b81b2a84d97b8c8b0978d", "url": "https://git.kernel.org/stable/c/4738bf8b2d3635c2944b81b2a84d97b8c8b0978d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5353df78c22623b42a71d51226d228a8413097e2", "url": "https://git.kernel.org/stable/c/5353df78c22623b42a71d51226d228a8413097e2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/801f287c93ff95582b0a2d2163f12870a2f076d4", "url": "https://git.kernel.org/stable/c/801f287c93ff95582b0a2d2163f12870a2f076d4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bbe3ff47bf09db8956bc2eeb49d2d514d256ad2a", "url": "https://git.kernel.org/stable/c/bbe3ff47bf09db8956bc2eeb49d2d514d256ad2a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/df349e84c2cb0dd05d98c8e1189c26ab4b116083", "url": "https://git.kernel.org/stable/c/df349e84c2cb0dd05d98c8e1189c26ab4b116083" } ], "release_date": "2025-10-07T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50101", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: vt8623fb: Check the size of screen before memset_io()\n\nIn the function vt8623fb_set_par(), the value of 'screen_size' is\ncalculated by the user input. If the user provides the improper value,\nthe value of 'screen_size' may larger than 'info->screen_size', which\nmay cause the following bug:\n\n[ 583.339036] BUG: unable to handle page fault for address: ffffc90005000000\n[ 583.339049] #PF: supervisor write access in kernel mode\n[ 583.339052] #PF: error_code(0x0002) - not-present page\n[ 583.339074] RIP: 0010:memset_orig+0x33/0xb0\n[ 583.339110] Call Trace:\n[ 583.339118] vt8623fb_set_par+0x11cd/0x21e0\n[ 583.339146] fb_set_var+0x604/0xeb0\n[ 583.339181] do_fb_ioctl+0x234/0x670\n[ 583.339209] fb_ioctl+0xdd/0x130\n\nFix the this by checking the value of 'screen_size' before memset_io().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50101" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4a3cef1eaced13ba9b55381d46bfad937a3dac2c", "url": "https://git.kernel.org/stable/c/4a3cef1eaced13ba9b55381d46bfad937a3dac2c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/52ad9bfeb8a0e62de30de6d39e8a49a72dd78150", "url": "https://git.kernel.org/stable/c/52ad9bfeb8a0e62de30de6d39e8a49a72dd78150" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/73280a184aa2e1a625ce54ce761042955cc79cd0", "url": "https://git.kernel.org/stable/c/73280a184aa2e1a625ce54ce761042955cc79cd0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b17caec5127bba6f90af92bcc85871df54548ac0", "url": "https://git.kernel.org/stable/c/b17caec5127bba6f90af92bcc85871df54548ac0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bd8269e57621e5b38cc0b4bd2fa02e85c9f2a441", "url": "https://git.kernel.org/stable/c/bd8269e57621e5b38cc0b4bd2fa02e85c9f2a441" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c7a3f41e4b133d4dd25bc996b69039b19a34d69d", "url": "https://git.kernel.org/stable/c/c7a3f41e4b133d4dd25bc996b69039b19a34d69d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d71528ccdc7ae8d7500d414091d27805c51407a2", "url": "https://git.kernel.org/stable/c/d71528ccdc7ae8d7500d414091d27805c51407a2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ec0754c60217248fa77cc9005d66b2b55200ac06", "url": "https://git.kernel.org/stable/c/ec0754c60217248fa77cc9005d66b2b55200ac06" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53668", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix deadloop issue on reading trace_pipe\n\nSoft lockup occurs when reading file 'trace_pipe':\n\n watchdog: BUG: soft lockup - CPU#6 stuck for 22s! [cat:4488]\n [...]\n RIP: 0010:ring_buffer_empty_cpu+0xed/0x170\n RSP: 0018:ffff88810dd6fc48 EFLAGS: 00000246\n RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff93d1aaeb\n RDX: ffff88810a280040 RSI: 0000000000000008 RDI: ffff88811164b218\n RBP: ffff88811164b218 R08: 0000000000000000 R09: ffff88815156600f\n R10: ffffed102a2acc01 R11: 0000000000000001 R12: 0000000051651901\n R13: 0000000000000000 R14: ffff888115e49500 R15: 0000000000000000\n [...]\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f8d853c2000 CR3: 000000010dcd8000 CR4: 00000000000006e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n __find_next_entry+0x1a8/0x4b0\n ? peek_next_entry+0x250/0x250\n ? down_write+0xa5/0x120\n ? down_write_killable+0x130/0x130\n trace_find_next_entry_inc+0x3b/0x1d0\n tracing_read_pipe+0x423/0xae0\n ? tracing_splice_read_pipe+0xcb0/0xcb0\n vfs_read+0x16b/0x490\n ksys_read+0x105/0x210\n ? __ia32_sys_pwrite64+0x200/0x200\n ? switch_fpu_return+0x108/0x220\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nThrough the vmcore, I found it's because in tracing_read_pipe(),\nring_buffer_empty_cpu() found some buffer is not empty but then it\ncannot read anything due to \"rb_num_of_entries() == 0\" always true,\nThen it infinitely loop the procedure due to user buffer not been\nfilled, see following code path:\n\n tracing_read_pipe() {\n ... ...\n waitagain:\n tracing_wait_pipe() // 1. find non-empty buffer here\n trace_find_next_entry_inc() // 2. loop here try to find an entry\n __find_next_entry()\n ring_buffer_empty_cpu(); // 3. find non-empty buffer\n peek_next_entry() // 4. but peek always return NULL\n ring_buffer_peek()\n rb_buffer_peek()\n rb_get_reader_page()\n // 5. because rb_num_of_entries() == 0 always true here\n // then return NULL\n // 6. user buffer not been filled so goto 'waitgain'\n // and eventually leads to an deadloop in kernel!!!\n }\n\nBy some analyzing, I found that when resetting ringbuffer, the 'entries'\nof its pages are not all cleared (see rb_reset_cpu()). Then when reducing\nthe ringbuffer, and if some reduced pages exist dirty 'entries' data, they\nwill be added into 'cpu_buffer->overrun' (see rb_remove_pages()), which\ncause wrong 'overrun' count and eventually cause the deadloop issue.\n\nTo fix it, we need to clear every pages in rb_reset_cpu().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53668" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0a29dae5786d263016a9aceb1e56bf3fd4cc6fa0", "url": "https://git.kernel.org/stable/c/0a29dae5786d263016a9aceb1e56bf3fd4cc6fa0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/27bdd93e44cc28dd9b94893fae146b83d4f5b31e", "url": "https://git.kernel.org/stable/c/27bdd93e44cc28dd9b94893fae146b83d4f5b31e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5e68f1f3a20fe9b6bde018e353269fbfa289609c", "url": "https://git.kernel.org/stable/c/5e68f1f3a20fe9b6bde018e353269fbfa289609c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7e42907f3a7b4ce3a2d1757f6d78336984daf8f5", "url": "https://git.kernel.org/stable/c/7e42907f3a7b4ce3a2d1757f6d78336984daf8f5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8b0b63fdac6b70a45614e7d4b30e5bbb93deb007", "url": "https://git.kernel.org/stable/c/8b0b63fdac6b70a45614e7d4b30e5bbb93deb007" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a55e8a3596048c2f7b574049aeb1885b5abba1cc", "url": "https://git.kernel.org/stable/c/a55e8a3596048c2f7b574049aeb1885b5abba1cc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bb14a93bccc92766b1d9302c6bcbea17d4bce306", "url": "https://git.kernel.org/stable/c/bb14a93bccc92766b1d9302c6bcbea17d4bce306" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e84829522fc72bb43556b31575731de0440ac0dd", "url": "https://git.kernel.org/stable/c/e84829522fc72bb43556b31575731de0440ac0dd" } ], "release_date": "2025-10-07T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53259", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF\n\nThe call to get_user_pages_fast() in vmci_host_setup_notify() can return\nNULL context->notify_page causing a GPF. To avoid GPF check if\ncontext->notify_page == NULL and return error if so.\n\ngeneral protection fault, probably for non-canonical address\n 0xe0009d1000000060: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: maybe wild-memory-access in range [0x0005088000000300-\n 0x0005088000000307]\nCPU: 2 PID: 26180 Comm: repro_34802241 Not tainted 6.1.0-rc4 #1\nHardware name: Red Hat KVM, BIOS 1.15.0-2.module+el8.6.0 04/01/2014\nRIP: 0010:vmci_ctx_check_signal_notify+0x91/0xe0\nCall Trace:\n \n vmci_host_unlocked_ioctl+0x362/0x1f40\n __x64_sys_ioctl+0x1a1/0x230\n do_syscall_64+0x3a/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53259" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/055891397f530f9b1b22be38d7eca8b08382941f", "url": "https://git.kernel.org/stable/c/055891397f530f9b1b22be38d7eca8b08382941f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1a726cb47fd204109c767409fa9ca15a96328f14", "url": "https://git.kernel.org/stable/c/1a726cb47fd204109c767409fa9ca15a96328f14" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/91b8e4f61f8f4594ee65368c8d89e6fdc29d3fb1", "url": "https://git.kernel.org/stable/c/91b8e4f61f8f4594ee65368c8d89e6fdc29d3fb1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a3c89e8c69a58f62451c0a75b77fcab25979b897", "url": "https://git.kernel.org/stable/c/a3c89e8c69a58f62451c0a75b77fcab25979b897" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b4239bfb260d1e6837766c41a0b241d7670f1402", "url": "https://git.kernel.org/stable/c/b4239bfb260d1e6837766c41a0b241d7670f1402" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d4198f67e7556b1507f14f60d81a72660e5560e4", "url": "https://git.kernel.org/stable/c/d4198f67e7556b1507f14f60d81a72660e5560e4" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-09-15T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53305", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix use-after-free\n\nFix potential use-after-free in l2cap_le_command_rej.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53305" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/149daab45922ab1ac7f0cbeacab7251a46bf5e63", "url": "https://git.kernel.org/stable/c/149daab45922ab1ac7f0cbeacab7251a46bf5e63" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1a40c56e8bff3e424724d78a9a6b3272dd8a371d", "url": "https://git.kernel.org/stable/c/1a40c56e8bff3e424724d78a9a6b3272dd8a371d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/255be68150291440657b2cdb09420b69441af3d8", "url": "https://git.kernel.org/stable/c/255be68150291440657b2cdb09420b69441af3d8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2958cf9f805b9f0bdc4a761bf6ea281eb8d44f8e", "url": "https://git.kernel.org/stable/c/2958cf9f805b9f0bdc4a761bf6ea281eb8d44f8e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/548a6b64b3c0688f01119a6fcccceb41f8c984e4", "url": "https://git.kernel.org/stable/c/548a6b64b3c0688f01119a6fcccceb41f8c984e4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e76bab1b7afa580cd76362540fc37551ada4359b", "url": "https://git.kernel.org/stable/c/e76bab1b7afa580cd76362540fc37551ada4359b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f752a0b334bb95fe9b42ecb511e0864e2768046f", "url": "https://git.kernel.org/stable/c/f752a0b334bb95fe9b42ecb511e0864e2768046f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fe49aa73cca6608714477b74bfc6874b9db979df", "url": "https://git.kernel.org/stable/c/fe49aa73cca6608714477b74bfc6874b9db979df" } ], "release_date": "2025-09-16T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38250", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix use-after-free in vhci_flush()\n\nsyzbot reported use-after-free in vhci_flush() without repro. [0]\n\nFrom the splat, a thread close()d a vhci file descriptor while\nits device was being used by iotcl() on another thread.\n\nOnce the last fd refcnt is released, vhci_release() calls\nhci_unregister_dev(), hci_free_dev(), and kfree() for struct\nvhci_data, which is set to hci_dev->dev->driver_data.\n\nThe problem is that there is no synchronisation after unlinking\nhdev from hci_dev_list in hci_unregister_dev(). There might be\nanother thread still accessing the hdev which was fetched before\nthe unlink operation.\n\nWe can use SRCU for such synchronisation.\n\nLet's run hci_dev_reset() under SRCU and wait for its completion\nin hci_unregister_dev().\n\nAnother option would be to restore hci_dev->destruct(), which was\nremoved in commit 587ae086f6e4 (\"Bluetooth: Remove unused\nhci-destruct cb\"). However, this would not be a good solution, as\nwe should not run hci_unregister_dev() while there are in-flight\nioctl() requests, which could lead to another data-race KCSAN splat.\n\nNote that other drivers seem to have the same problem, for exmaple,\nvirtbt_remove().\n\n[0]:\nBUG: KASAN: slab-use-after-free in skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\nBUG: KASAN: slab-use-after-free in skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\nRead of size 8 at addr ffff88807cb8d858 by task syz.1.219/6718\n\nCPU: 1 UID: 0 PID: 6718 Comm: syz.1.219 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xd2/0x2b0 mm/kasan/report.c:521\n kasan_report+0x118/0x150 mm/kasan/report.c:634\n skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\n skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\n skb_queue_purge include/linux/skbuff.h:3368 [inline]\n vhci_flush+0x44/0x50 drivers/bluetooth/hci_vhci.c:69\n hci_dev_do_reset net/bluetooth/hci_core.c:552 [inline]\n hci_dev_reset+0x420/0x5c0 net/bluetooth/hci_core.c:592\n sock_do_ioctl+0xd9/0x300 net/socket.c:1190\n sock_ioctl+0x576/0x790 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcf5b98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fcf5c7b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fcf5bbb6160 RCX: 00007fcf5b98e929\nRDX: 0000000000000000 RSI: 00000000400448cb RDI: 0000000000000009\nRBP: 00007fcf5ba10b39 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007fcf5bbb6160 R15: 00007ffd6353d528\n \n\nAllocated by task 6535:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n vhci_open+0x57/0x360 drivers/bluetooth/hci_vhci.c:635\n misc_open+0x2bc/0x330 drivers/char/misc.c:161\n chrdev_open+0x4c9/0x5e0 fs/char_dev.c:414\n do_dentry_open+0xdf0/0x1970 fs/open.c:964\n vfs_open+0x3b/0x340 fs/open.c:1094\n do_open fs/namei.c:3887 [inline]\n path_openat+0x2ee5/0x3830 fs/name\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38250" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0e5c144c557df910ab64d9c25d06399a9a735e65", "url": "https://git.kernel.org/stable/c/0e5c144c557df910ab64d9c25d06399a9a735e65" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1d6123102e9fbedc8d25bf4731da6d513173e49e", "url": "https://git.kernel.org/stable/c/1d6123102e9fbedc8d25bf4731da6d513173e49e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bc0819a25e04cd68ef3568cfa51b63118fea39a7", "url": "https://git.kernel.org/stable/c/bc0819a25e04cd68ef3568cfa51b63118fea39a7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c56b177efce8b62798e4d96bdb9867106cb7c4a0", "url": "https://git.kernel.org/stable/c/c56b177efce8b62798e4d96bdb9867106cb7c4a0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ce23b73f0f27e2dbeb81734a79db710f05aa33c6", "url": "https://git.kernel.org/stable/c/ce23b73f0f27e2dbeb81734a79db710f05aa33c6" } ], "release_date": "2025-07-09T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-21546", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: Fix WRITE_SAME No Data Buffer crash\n\nIn newer version of the SBC specs, we have a NDOB bit that indicates there\nis no data buffer that gets written out. If this bit is set using commands\nlike \"sg_write_same --ndob\" we will crash in target_core_iblock/file's\nexecute_write_same handlers when we go to access the se_cmd->t_data_sg\nbecause its NULL.\n\nThis patch adds a check for the NDOB bit in the common WRITE SAME code\nbecause we don't support it. And, it adds a check for zero SG elements in\neach handler in case the initiator tries to send a normal WRITE SAME with\nno data buffer.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-21546" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4226622647e3e5ac06d3ebc1605b917446157510", "url": "https://git.kernel.org/stable/c/4226622647e3e5ac06d3ebc1605b917446157510" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/54e57be2573cf0b8bf650375fd8752987b6c3d3b", "url": "https://git.kernel.org/stable/c/54e57be2573cf0b8bf650375fd8752987b6c3d3b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ccd3f449052449a917a3e577d8ba0368f43b8f29", "url": "https://git.kernel.org/stable/c/ccd3f449052449a917a3e577d8ba0368f43b8f29" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d8e6a27e9238dd294d6f2f401655f300dca20899", "url": "https://git.kernel.org/stable/c/d8e6a27e9238dd294d6f2f401655f300dca20899" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-05-02T22:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50386", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix user-after-free\n\nThis uses l2cap_chan_hold_unless_zero() after calling\n__l2cap_get_chan_blah() to prevent the following trace:\n\nBluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct kref\n*kref)\nBluetooth: chan 0000000023c4974d\nBluetooth: parent 00000000ae861c08\n==================================================================\nBUG: KASAN: use-after-free in __mutex_waiter_is_first\nkernel/locking/mutex.c:191 [inline]\nBUG: KASAN: use-after-free in __mutex_lock_common\nkernel/locking/mutex.c:671 [inline]\nBUG: KASAN: use-after-free in __mutex_lock+0x278/0x400\nkernel/locking/mutex.c:729\nRead of size 8 at addr ffff888006a49b08 by task kworker/u3:2/389", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50386" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0c108cf3ad386e0084277093b55a351c49e0be27", "url": "https://git.kernel.org/stable/c/0c108cf3ad386e0084277093b55a351c49e0be27" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/11e40d6c0823f699d8ad501e48d1c3ae4be386cd", "url": "https://git.kernel.org/stable/c/11e40d6c0823f699d8ad501e48d1c3ae4be386cd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/15fc21695eb606bdc5d483b92118ee42610a952d", "url": "https://git.kernel.org/stable/c/15fc21695eb606bdc5d483b92118ee42610a952d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f", "url": "https://git.kernel.org/stable/c/35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6ffde6e03085874ae22263ff4cef4869f797e84f", "url": "https://git.kernel.org/stable/c/6ffde6e03085874ae22263ff4cef4869f797e84f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7d6f9cb24d2b2f6b6370eac074e2e6b1bafdad45", "url": "https://git.kernel.org/stable/c/7d6f9cb24d2b2f6b6370eac074e2e6b1bafdad45" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/843fc4e386dd84b806a7f07fb062d8c3a44e5364", "url": "https://git.kernel.org/stable/c/843fc4e386dd84b806a7f07fb062d8c3a44e5364" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d1e894f950ad48897d1a7cb05909ea29d8c3810e", "url": "https://git.kernel.org/stable/c/d1e894f950ad48897d1a7cb05909ea29d8c3810e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d91fc2836562f299f34e361e089e9fe154da4f73", "url": "https://git.kernel.org/stable/c/d91fc2836562f299f34e361e089e9fe154da4f73" } ], "release_date": "2025-09-18T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38556", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Harden s32ton() against conversion to 0 bits\n\nTesting by the syzbot fuzzer showed that the HID core gets a\nshift-out-of-bounds exception when it tries to convert a 32-bit\nquantity to a 0-bit quantity. Ideally this should never occur, but\nthere are buggy devices and some might have a report field with size\nset to zero; we shouldn't reject the report or the device just because\nof that.\n\nInstead, harden the s32ton() routine so that it returns a reasonable\nresult instead of crashing when it is called with the number of bits\nset to 0 -- the same as what snto32() does.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38556" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3c86548a20d7bc2861aa4de044991a327bebad1a", "url": "https://git.kernel.org/stable/c/3c86548a20d7bc2861aa4de044991a327bebad1a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6cdf6c708717c5c6897d0800a1793e83757c7491", "url": "https://git.kernel.org/stable/c/6cdf6c708717c5c6897d0800a1793e83757c7491" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/810189546cb6c8f36443ed091d91f1f5d2fc2ec7", "url": "https://git.kernel.org/stable/c/810189546cb6c8f36443ed091d91f1f5d2fc2ec7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/865ad8469fa24de1559f247d9426ab01e5ce3a56", "url": "https://git.kernel.org/stable/c/865ad8469fa24de1559f247d9426ab01e5ce3a56" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8b4a94b1510f6a46ec48494b52ee8f67eb4fc836", "url": "https://git.kernel.org/stable/c/8b4a94b1510f6a46ec48494b52ee8f67eb4fc836" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a6b87bfc2ab5bccb7ad953693c85d9062aef3fdd", "url": "https://git.kernel.org/stable/c/a6b87bfc2ab5bccb7ad953693c85d9062aef3fdd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d3b504146c111548ab60b6ef7aad00bfb1db05a2", "url": "https://git.kernel.org/stable/c/d3b504146c111548ab60b6ef7aad00bfb1db05a2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/eeeaba737919bdce9885e2a00ac2912f61a3684d", "url": "https://git.kernel.org/stable/c/eeeaba737919bdce9885e2a00ac2912f61a3684d" } ], "release_date": "2025-08-19T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49775", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: cdg: allow tcp_cdg_release() to be called multiple times\n\nApparently, mptcp is able to call tcp_disconnect() on an already\ndisconnected flow. This is generally fine, unless current congestion\ncontrol is CDG, because it might trigger a double-free [1]\n\nInstead of fixing MPTCP, and future bugs, we can make tcp_disconnect()\nmore resilient.\n\n[1]\nBUG: KASAN: double-free in slab_free mm/slub.c:3539 [inline]\nBUG: KASAN: double-free in kfree+0xe2/0x580 mm/slub.c:4567\n\nCPU: 0 PID: 3645 Comm: kworker/0:7 Not tainted 6.0.0-syzkaller-02734-g0326074ff465 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022\nWorkqueue: events mptcp_worker\nCall Trace:\n\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:317 [inline]\nprint_report.cold+0x2ba/0x719 mm/kasan/report.c:433\nkasan_report_invalid_free+0x81/0x190 mm/kasan/report.c:462\n____kasan_slab_free+0x18b/0x1c0 mm/kasan/common.c:356\nkasan_slab_free include/linux/kasan.h:200 [inline]\nslab_free_hook mm/slub.c:1759 [inline]\nslab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1785\nslab_free mm/slub.c:3539 [inline]\nkfree+0xe2/0x580 mm/slub.c:4567\ntcp_disconnect+0x980/0x1e20 net/ipv4/tcp.c:3145\n__mptcp_close_ssk+0x5ca/0x7e0 net/mptcp/protocol.c:2327\nmptcp_do_fastclose net/mptcp/protocol.c:2592 [inline]\nmptcp_worker+0x78c/0xff0 net/mptcp/protocol.c:2627\nprocess_one_work+0x991/0x1610 kernel/workqueue.c:2289\nworker_thread+0x665/0x1080 kernel/workqueue.c:2436\nkthread+0x2e4/0x3a0 kernel/kthread.c:376\nret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n\n\nAllocated by task 3671:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\nkasan_set_track mm/kasan/common.c:45 [inline]\nset_alloc_info mm/kasan/common.c:437 [inline]\n____kasan_kmalloc mm/kasan/common.c:516 [inline]\n____kasan_kmalloc mm/kasan/common.c:475 [inline]\n__kasan_kmalloc+0xa9/0xd0 mm/kasan/common.c:525\nkmalloc_array include/linux/slab.h:640 [inline]\nkcalloc include/linux/slab.h:671 [inline]\ntcp_cdg_init+0x10d/0x170 net/ipv4/tcp_cdg.c:380\ntcp_init_congestion_control+0xab/0x550 net/ipv4/tcp_cong.c:193\ntcp_reinit_congestion_control net/ipv4/tcp_cong.c:217 [inline]\ntcp_set_congestion_control+0x96c/0xaa0 net/ipv4/tcp_cong.c:391\ndo_tcp_setsockopt+0x505/0x2320 net/ipv4/tcp.c:3513\ntcp_setsockopt+0xd4/0x100 net/ipv4/tcp.c:3801\nmptcp_setsockopt+0x35f/0x2570 net/mptcp/sockopt.c:844\n__sys_setsockopt+0x2d6/0x690 net/socket.c:2252\n__do_sys_setsockopt net/socket.c:2263 [inline]\n__se_sys_setsockopt net/socket.c:2260 [inline]\n__x64_sys_setsockopt+0xba/0x150 net/socket.c:2260\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nFreed by task 16:\nkasan_save_stack+0x1e/0x40 mm/kasan/common.c:38\nkasan_set_track+0x21/0x30 mm/kasan/common.c:45\nkasan_set_free_info+0x20/0x30 mm/kasan/generic.c:370\n____kasan_slab_free mm/kasan/common.c:367 [inline]\n____kasan_slab_free+0x166/0x1c0 mm/kasan/common.c:329\nkasan_slab_free include/linux/kasan.h:200 [inline]\nslab_free_hook mm/slub.c:1759 [inline]\nslab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1785\nslab_free mm/slub.c:3539 [inline]\nkfree+0xe2/0x580 mm/slub.c:4567\ntcp_cleanup_congestion_control+0x70/0x120 net/ipv4/tcp_cong.c:226\ntcp_v4_destroy_sock+0xdd/0x750 net/ipv4/tcp_ipv4.c:2254\ntcp_v6_destroy_sock+0x11/0x20 net/ipv6/tcp_ipv6.c:1969\ninet_csk_destroy_sock+0x196/0x440 net/ipv4/inet_connection_sock.c:1157\ntcp_done+0x23b/0x340 net/ipv4/tcp.c:4649\ntcp_rcv_state_process+0x40e7/0x4990 net/ipv4/tcp_input.c:6624\ntcp_v6_do_rcv+0x3fc/0x13c0 net/ipv6/tcp_ipv6.c:1525\ntcp_v6_rcv+0x2e8e/0x3830 net/ipv6/tcp_ipv6.c:1759\nip6_protocol_deliver_rcu+0x2db/0x1950 net/ipv6/ip6_input.c:439\nip6_input_finish+0x14c/0x2c0 net/ipv6/ip6_input.c:484\nNF_HOOK include/linux/netfilter.h:302 [inline]\nNF_HOOK include/linux/netfilter.h:296 [inline]\nip6_input+0x9c/0xd\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49775" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0b19171439016a8e4c97eafe543670ac86e2b8fe", "url": "https://git.kernel.org/stable/c/0b19171439016a8e4c97eafe543670ac86e2b8fe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1b639be27cbf428a5ca01dcf8b5d654194c956f8", "url": "https://git.kernel.org/stable/c/1b639be27cbf428a5ca01dcf8b5d654194c956f8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/35309be06b6feded2ab2cafbc2bca8534c2fa41e", "url": "https://git.kernel.org/stable/c/35309be06b6feded2ab2cafbc2bca8534c2fa41e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4026033907cc6186d86b48daa4a252c860db2536", "url": "https://git.kernel.org/stable/c/4026033907cc6186d86b48daa4a252c860db2536" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/72e560cb8c6f80fc2b4afc5d3634a32465e13a51", "url": "https://git.kernel.org/stable/c/72e560cb8c6f80fc2b4afc5d3634a32465e13a51" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/78be2ee0112409ae4e9ee9e326151e0559b3d239", "url": "https://git.kernel.org/stable/c/78be2ee0112409ae4e9ee9e326151e0559b3d239" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9e481d87349d2282f400ee1d010a169c99f766b8", "url": "https://git.kernel.org/stable/c/9e481d87349d2282f400ee1d010a169c99f766b8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b49026d9c86f35a4c5bfb8d7345c9c4379828c6b", "url": "https://git.kernel.org/stable/c/b49026d9c86f35a4c5bfb8d7345c9c4379828c6b" } ], "release_date": "2025-05-01T15:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53541", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write\n\nWhen the oob buffer length is not in multiple of words, the oob write\nfunction does out-of-bounds read on the oob source buffer at the last\niteration. Fix that by always checking length limit on the oob buffer\nread and fill with 0xff when reaching the end of the buffer to the oob\nregisters.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53541" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/14b1d00520b4d6a4818364334ce472b79cfc8976", "url": "https://git.kernel.org/stable/c/14b1d00520b4d6a4818364334ce472b79cfc8976" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2353b7bb61e45e7cfd21505d0c6747ac8c9496a1", "url": "https://git.kernel.org/stable/c/2353b7bb61e45e7cfd21505d0c6747ac8c9496a1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2bc3d6ac704ea7263175ea3da663fdbbb7f3dd8b", "url": "https://git.kernel.org/stable/c/2bc3d6ac704ea7263175ea3da663fdbbb7f3dd8b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/45fe4ad7f439799ee1b7b5f80bf82e8b34a98d25", "url": "https://git.kernel.org/stable/c/45fe4ad7f439799ee1b7b5f80bf82e8b34a98d25" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5d53244186c9ac58cb88d76a0958ca55b83a15cd", "url": "https://git.kernel.org/stable/c/5d53244186c9ac58cb88d76a0958ca55b83a15cd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/648d1150a688698e37f7aaf302860180901cb30e", "url": "https://git.kernel.org/stable/c/648d1150a688698e37f7aaf302860180901cb30e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/aae45746f4aee9818296e0500e0703e9d8caa5b8", "url": "https://git.kernel.org/stable/c/aae45746f4aee9818296e0500e0703e9d8caa5b8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d00b031266514a9395124704630b056a5185ec17", "url": "https://git.kernel.org/stable/c/d00b031266514a9395124704630b056a5185ec17" } ], "release_date": "2025-10-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53506", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Do not bother merging very long extents\n\nWhen merging very long extents we try to push as much length as possible\nto the first extent. However this is unnecessarily complicated and not\nreally worth the trouble. Furthermore there was a bug in the logic\nresulting in corrupting extents in the file as syzbot reproducer shows.\nSo just don't bother with the merging of extents that are too long\ntogether.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53506" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1", "url": "https://git.kernel.org/stable/c/3d20e3b768aff32112bdce8d3219d923ae75f9f1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced", "url": "https://git.kernel.org/stable/c/53cafe1d6d8ef9f93318e5bfccc0d24f27d41ced" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304", "url": "https://git.kernel.org/stable/c/5d029799d381a9ee06209a222cae75f04c5d5304" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544", "url": "https://git.kernel.org/stable/c/7a965da79f2d22601f329cbfce588386b0847544" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63", "url": "https://git.kernel.org/stable/c/965982feb333aefa9256c0fe188b5f1b958aef63" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc", "url": "https://git.kernel.org/stable/c/9a8d602f0723586e668bae7e65c832ceb9bcc8bc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4", "url": "https://git.kernel.org/stable/c/adac9ac6d2e04ea0782b91a00ba10706002f3ec4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57", "url": "https://git.kernel.org/stable/c/d52252a1de4cf96a34f722b0cd8902d8ff78eb57" } ], "release_date": "2025-10-01T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37810", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy'ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37810" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/015c39f38e69a491d2abd5e98869a500a9459b3b", "url": "https://git.kernel.org/stable/c/015c39f38e69a491d2abd5e98869a500a9459b3b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/52a7c9d930b95aa8b1620edaba4818040c32631f", "url": "https://git.kernel.org/stable/c/52a7c9d930b95aa8b1620edaba4818040c32631f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/63ccd26cd1f6600421795f6ca3e625076be06c9f", "url": "https://git.kernel.org/stable/c/63ccd26cd1f6600421795f6ca3e625076be06c9f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/99d655119b870ee60e4dbf310aa9a1ed8d9ede3d", "url": "https://git.kernel.org/stable/c/99d655119b870ee60e4dbf310aa9a1ed8d9ede3d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a44547015287a19001384fe94dbff84c92ce4ee1", "url": "https://git.kernel.org/stable/c/a44547015287a19001384fe94dbff84c92ce4ee1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b43225948b231b3f331194010f84512bee4d9f59", "url": "https://git.kernel.org/stable/c/b43225948b231b3f331194010f84512bee4d9f59" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c0079630f268843a25ed75226169cba40e0d8880", "url": "https://git.kernel.org/stable/c/c0079630f268843a25ed75226169cba40e0d8880" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c4d80e41cb42008dceb35e5dbf52574d93beac0d", "url": "https://git.kernel.org/stable/c/c4d80e41cb42008dceb35e5dbf52574d93beac0d" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-08T07:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38416", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: uart: Set tty->disc_data only in success path\n\nSetting tty->disc_data before opening the NCI device means we need to\nclean it up on error paths. This also opens some short window if device\nstarts sending data, even before NCIUARTSETDRIVER IOCTL succeeded\n(broken hardware?). Close the window by exposing tty->disc_data only on\nthe success path, when opening of the NCI device and try_module_get()\nsucceeds.\n\nThe code differs in error path in one aspect: tty->disc_data won't be\never assigned thus NULL-ified. This however should not be relevant\ndifference, because of \"tty->disc_data=NULL\" in nci_uart_tty_open().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38416" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/000bfbc6bc334a93fffca8f5aa9583e7b6356cb5", "url": "https://git.kernel.org/stable/c/000bfbc6bc334a93fffca8f5aa9583e7b6356cb5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/55c3dbd8389636161090a2b2b6d2d709b9602e9c", "url": "https://git.kernel.org/stable/c/55c3dbd8389636161090a2b2b6d2d709b9602e9c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a514fca2b8e95838a3ba600f31a18fa60b76d893", "url": "https://git.kernel.org/stable/c/a514fca2b8e95838a3ba600f31a18fa60b76d893" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a8acc7080ad55c5402a1b818b3008998247dda87", "url": "https://git.kernel.org/stable/c/a8acc7080ad55c5402a1b818b3008998247dda87" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ac6992f72bd8e22679c1e147ac214de6a7093c23", "url": "https://git.kernel.org/stable/c/ac6992f72bd8e22679c1e147ac214de6a7093c23" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dc7722619a9c307e9938d735cf4a2210d3d48dcb", "url": "https://git.kernel.org/stable/c/dc7722619a9c307e9938d735cf4a2210d3d48dcb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e9799db771b2d574d5bf0dfb3177485e5f40d4d6", "url": "https://git.kernel.org/stable/c/e9799db771b2d574d5bf0dfb3177485e5f40d4d6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fc27ab48904ceb7e4792f0c400f1ef175edf16fe", "url": "https://git.kernel.org/stable/c/fc27ab48904ceb7e4792f0c400f1ef175edf16fe" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50258", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds()\n\nThis patch fixes a stack-out-of-bounds read in brcmfmac that occurs\nwhen 'buf' that is not null-terminated is passed as an argument of\nstrsep() in brcmf_c_preinit_dcmds(). This buffer is filled with a firmware\nversion string by memcpy() in brcmf_fil_iovar_data_get().\nThe patch ensures buf is null-terminated.\n\nFound by a modified version of syzkaller.\n\n[ 47.569679][ T1897] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43236b for chip BCM43236/3\n[ 47.582839][ T1897] brcmfmac: brcmf_c_process_clm_blob: no clm_blob available (err=-2), device may have limited channels available\n[ 47.601565][ T1897] ==================================================================\n[ 47.602574][ T1897] BUG: KASAN: stack-out-of-bounds in strsep+0x1b2/0x1f0\n[ 47.603447][ T1897] Read of size 1 at addr ffffc90001f6f000 by task kworker/0:2/1897\n[ 47.604336][ T1897]\n[ 47.604621][ T1897] CPU: 0 PID: 1897 Comm: kworker/0:2 Tainted: G O 5.14.0+ #131\n[ 47.605617][ T1897] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\n[ 47.606907][ T1897] Workqueue: usb_hub_wq hub_event\n[ 47.607453][ T1897] Call Trace:\n[ 47.607801][ T1897] dump_stack_lvl+0x8e/0xd1\n[ 47.608295][ T1897] print_address_description.constprop.0.cold+0xf/0x334\n[ 47.609009][ T1897] ? strsep+0x1b2/0x1f0\n[ 47.609434][ T1897] ? strsep+0x1b2/0x1f0\n[ 47.609863][ T1897] kasan_report.cold+0x83/0xdf\n[ 47.610366][ T1897] ? strsep+0x1b2/0x1f0\n[ 47.610882][ T1897] strsep+0x1b2/0x1f0\n[ 47.611300][ T1897] ? brcmf_fil_iovar_data_get+0x3a/0xf0\n[ 47.611883][ T1897] brcmf_c_preinit_dcmds+0x995/0xc40\n[ 47.612434][ T1897] ? brcmf_c_set_joinpref_default+0x100/0x100\n[ 47.613078][ T1897] ? rcu_read_lock_sched_held+0xa1/0xd0\n[ 47.613662][ T1897] ? rcu_read_lock_bh_held+0xb0/0xb0\n[ 47.614208][ T1897] ? lock_acquire+0x19d/0x4e0\n[ 47.614704][ T1897] ? find_held_lock+0x2d/0x110\n[ 47.615236][ T1897] ? brcmf_usb_deq+0x1a7/0x260\n[ 47.615741][ T1897] ? brcmf_usb_rx_fill_all+0x5a/0xf0\n[ 47.616288][ T1897] brcmf_attach+0x246/0xd40\n[ 47.616758][ T1897] ? wiphy_new_nm+0x1703/0x1dd0\n[ 47.617280][ T1897] ? kmemdup+0x43/0x50\n[ 47.617720][ T1897] brcmf_usb_probe+0x12de/0x1690\n[ 47.618244][ T1897] ? brcmf_usbdev_qinit.constprop.0+0x470/0x470\n[ 47.618901][ T1897] usb_probe_interface+0x2aa/0x760\n[ 47.619429][ T1897] ? usb_probe_device+0x250/0x250\n[ 47.619950][ T1897] really_probe+0x205/0xb70\n[ 47.620435][ T1897] ? driver_allows_async_probing+0x130/0x130\n[ 47.621048][ T1897] __driver_probe_device+0x311/0x4b0\n[ 47.621595][ T1897] ? driver_allows_async_probing+0x130/0x130\n[ 47.622209][ T1897] driver_probe_device+0x4e/0x150\n[ 47.622739][ T1897] __device_attach_driver+0x1cc/0x2a0\n[ 47.623287][ T1897] bus_for_each_drv+0x156/0x1d0\n[ 47.623796][ T1897] ? bus_rescan_devices+0x30/0x30\n[ 47.624309][ T1897] ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n[ 47.624907][ T1897] ? trace_hardirqs_on+0x46/0x160\n[ 47.625437][ T1897] __device_attach+0x23f/0x3a0\n[ 47.625924][ T1897] ? device_bind_driver+0xd0/0xd0\n[ 47.626433][ T1897] ? kobject_uevent_env+0x287/0x14b0\n[ 47.627057][ T1897] bus_probe_device+0x1da/0x290\n[ 47.627557][ T1897] device_add+0xb7b/0x1eb0\n[ 47.628027][ T1897] ? wait_for_completion+0x290/0x290\n[ 47.628593][ T1897] ? __fw_devlink_link_to_suppliers+0x5a0/0x5a0\n[ 47.629249][ T1897] usb_set_configuration+0xf59/0x16f0\n[ 47.629829][ T1897] usb_generic_driver_probe+0x82/0xa0\n[ 47.630385][ T1897] usb_probe_device+0xbb/0x250\n[ 47.630927][ T1897] ? usb_suspend+0x590/0x590\n[ 47.631397][ T1897] really_probe+0x205/0xb70\n[ 47.631855][ T1897] ? driver_allows_async_probing+0x130/0x130\n[ 47.632469][ T1897] __driver_probe_device+0x311/0x4b0\n[ 47.633002][ \n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50258" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0a06cadcc2a0044e4a117cc0e61436fc3a0dad69", "url": "https://git.kernel.org/stable/c/0a06cadcc2a0044e4a117cc0e61436fc3a0dad69" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/17dbe90e13f52848c460d253f15b765038ec6dc0", "url": "https://git.kernel.org/stable/c/17dbe90e13f52848c460d253f15b765038ec6dc0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3a3a5e3f94068cd562d62a57da6983c8cd07d53c", "url": "https://git.kernel.org/stable/c/3a3a5e3f94068cd562d62a57da6983c8cd07d53c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/881f50d76c3892262730ddf5c894eb00310e736c", "url": "https://git.kernel.org/stable/c/881f50d76c3892262730ddf5c894eb00310e736c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/89243a7b0ea19606ba1c2873c9d569026ccb344f", "url": "https://git.kernel.org/stable/c/89243a7b0ea19606ba1c2873c9d569026ccb344f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ba166e0ebdde3dfa833f0a3edaf2b2934d4a87f7", "url": "https://git.kernel.org/stable/c/ba166e0ebdde3dfa833f0a3edaf2b2934d4a87f7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d481fd6064bf215d7c5068e15aa390c3b16c9cd0", "url": "https://git.kernel.org/stable/c/d481fd6064bf215d7c5068e15aa390c3b16c9cd0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d6ef66194bb4a6c18f5b9649bf62597909b040e4", "url": "https://git.kernel.org/stable/c/d6ef66194bb4a6c18f5b9649bf62597909b040e4" } ], "release_date": "2025-09-15T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49917", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix WARNING in ip_vs_app_net_cleanup()\n\nDuring the initialization of ip_vs_app_net_init(), if file ip_vs_app\nfails to be created, the initialization is successful by default.\nTherefore, the ip_vs_app file doesn't be found during the remove in\nip_vs_app_net_cleanup(). It will cause WRNING.\n\nThe following is the stack information:\nname 'ip_vs_app'\nWARNING: CPU: 1 PID: 9 at fs/proc/generic.c:712 remove_proc_entry+0x389/0x460\nModules linked in:\nWorkqueue: netns cleanup_net\nRIP: 0010:remove_proc_entry+0x389/0x460\nCall Trace:\n\nops_exit_list+0x125/0x170\ncleanup_net+0x4ea/0xb00\nprocess_one_work+0x9bf/0x1710\nworker_thread+0x665/0x1080\nkthread+0x2e4/0x3a0\nret_from_fork+0x1f/0x30\n", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49917" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/06d7596d18725f1a93cf817662d36050e5afb989", "url": "https://git.kernel.org/stable/c/06d7596d18725f1a93cf817662d36050e5afb989" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2c8d81bdb2684d53d6cedad7410ba4cf9090e343", "url": "https://git.kernel.org/stable/c/2c8d81bdb2684d53d6cedad7410ba4cf9090e343" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5663ed63adb9619c98ab7479aa4606fa9b7a548c", "url": "https://git.kernel.org/stable/c/5663ed63adb9619c98ab7479aa4606fa9b7a548c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8457a00c981fe1a799ce34123908856b0f5973b8", "url": "https://git.kernel.org/stable/c/8457a00c981fe1a799ce34123908856b0f5973b8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/97f872b00937f2689bff2dab4ad9ed259482840f", "url": "https://git.kernel.org/stable/c/97f872b00937f2689bff2dab4ad9ed259482840f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/adc76740ccd52e4a1d910767cd1223e134a7078b", "url": "https://git.kernel.org/stable/c/adc76740ccd52e4a1d910767cd1223e134a7078b" } ], "release_date": "2025-05-01T15:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-22083", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n\nIf vhost_scsi_set_endpoint is called multiple times without a\nvhost_scsi_clear_endpoint between them, we can hit multiple bugs\nfound by Haoran Zhang:\n\n1. Use-after-free when no tpgs are found:\n\nThis fixes a use after free that occurs when vhost_scsi_set_endpoint is\ncalled more than once and calls after the first call do not find any\ntpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds\ntpgs to add to the vs_tpg array match=true, so we will do:\n\nvhost_vq_set_backend(vq, vs_tpg);\n...\n\nkfree(vs->vs_tpg);\nvs->vs_tpg = vs_tpg;\n\nIf vhost_scsi_set_endpoint is called again and no tpgs are found\nmatch=false so we skip the vhost_vq_set_backend call leaving the\npointer to the vs_tpg we then free via:\n\nkfree(vs->vs_tpg);\nvs->vs_tpg = vs_tpg;\n\nIf a scsi request is then sent we do:\n\nvhost_scsi_handle_vq -> vhost_scsi_get_req -> vhost_vq_get_backend\n\nwhich sees the vs_tpg we just did a kfree on.\n\n2. Tpg dir removal hang:\n\nThis patch fixes an issue where we cannot remove a LIO/target layer\ntpg (and structs above it like the target) dir due to the refcount\ndropping to -1.\n\nThe problem is that if vhost_scsi_set_endpoint detects a tpg is already\nin the vs->vs_tpg array or if the tpg has been removed so\ntarget_depend_item fails, the undepend goto handler will do\ntarget_undepend_item on all tpgs in the vs_tpg array dropping their\nrefcount to 0. At this time vs_tpg contains both the tpgs we have added\nin the current vhost_scsi_set_endpoint call as well as tpgs we added in\nprevious calls which are also in vs->vs_tpg.\n\nLater, when vhost_scsi_clear_endpoint runs it will do\ntarget_undepend_item on all the tpgs in the vs->vs_tpg which will drop\ntheir refcount to -1. Userspace will then not be able to remove the tpg\nand will hang when it tries to do rmdir on the tpg dir.\n\n3. Tpg leak:\n\nThis fixes a bug where we can leak tpgs and cause them to be\nun-removable because the target name is overwritten when\nvhost_scsi_set_endpoint is called multiple times but with different\ntarget names.\n\nThe bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup\na vhost-scsi device to target/tpg mapping, then calls\nVHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we\nhaven't seen before (target1 has tpg1 but target2 has tpg2). When this\nhappens we don't teardown the old target tpg mapping and just overwrite\nthe target name and the vs->vs_tpg array. Later when we do\nvhost_scsi_clear_endpoint, we are passed in either target1 or target2's\nname and we will only match that target's tpgs when we loop over the\nvs->vs_tpg. We will then return from the function without doing\ntarget_undepend_item on the tpgs.\n\nBecause of all these bugs, it looks like being able to call\nvhost_scsi_set_endpoint multiple times was never supported. The major\nuser, QEMU, already has checks to prevent this use case. So to fix the\nissues, this patch prevents vhost_scsi_set_endpoint from being called\nif it's already successfully added tpgs. To add, remove or change the\ntpg config or target name, you must do a vhost_scsi_clear_endpoint\nfirst.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-22083" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2b34bdc42df047794542f3e220fe989124e4499a", "url": "https://git.kernel.org/stable/c/2b34bdc42df047794542f3e220fe989124e4499a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3a19eb3d9818e28f14c818a18dc913344a52ca92", "url": "https://git.kernel.org/stable/c/3a19eb3d9818e28f14c818a18dc913344a52ca92" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3fd054baf382a426bbf5135ede0fc5673db74d3e", "url": "https://git.kernel.org/stable/c/3fd054baf382a426bbf5135ede0fc5673db74d3e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/451c72f5e7cf5d339a6410a635cee0825687c3dc", "url": "https://git.kernel.org/stable/c/451c72f5e7cf5d339a6410a635cee0825687c3dc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5dd639a1646ef5fe8f4bf270fad47c5c3755b9b6", "url": "https://git.kernel.org/stable/c/5dd639a1646ef5fe8f4bf270fad47c5c3755b9b6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/63b449f73ab0dcc0ba11ceaa4c5c70bc86ccf03c", "url": "https://git.kernel.org/stable/c/63b449f73ab0dcc0ba11ceaa4c5c70bc86ccf03c" } ], "release_date": "2025-04-16T15:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53485", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev\n\nSyzkaller reported the following issue:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:1965:6\nindex -84 is out of range for type 's8[341]' (aka 'signed char[341]')\nCPU: 1 PID: 4995 Comm: syz-executor146 Not tainted 6.4.0-rc6-syzkaller-00037-gb6dad5178cea #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:217 [inline]\n __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348\n dbAllocDmapLev+0x3e5/0x430 fs/jfs/jfs_dmap.c:1965\n dbAllocCtl+0x113/0x920 fs/jfs/jfs_dmap.c:1809\n dbAllocAG+0x28f/0x10b0 fs/jfs/jfs_dmap.c:1350\n dbAlloc+0x658/0xca0 fs/jfs/jfs_dmap.c:874\n dtSplitUp fs/jfs/jfs_dtree.c:974 [inline]\n dtInsert+0xda7/0x6b00 fs/jfs/jfs_dtree.c:863\n jfs_create+0x7b6/0xbb0 fs/jfs/namei.c:137\n lookup_open fs/namei.c:3492 [inline]\n open_last_lookups fs/namei.c:3560 [inline]\n path_openat+0x13df/0x3170 fs/namei.c:3788\n do_filp_open+0x234/0x490 fs/namei.c:3818\n do_sys_openat2+0x13f/0x500 fs/open.c:1356\n do_sys_open fs/open.c:1372 [inline]\n __do_sys_openat fs/open.c:1388 [inline]\n __se_sys_openat fs/open.c:1383 [inline]\n __x64_sys_openat+0x247/0x290 fs/open.c:1383\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7f1f4e33f7e9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffc21129578 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1f4e33f7e9\nRDX: 000000000000275a RSI: 0000000020000040 RDI: 00000000ffffff9c\nRBP: 00007f1f4e2ff080 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007f1f4e2ff110\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \n\nThe bug occurs when the dbAllocDmapLev()function attempts to access\ndp->tree.stree[leafidx + LEAFIND] while the leafidx value is negative.\n\nTo rectify this, the patch introduces a safeguard within the\ndbAllocDmapLev() function. A check has been added to verify if leafidx is\nnegative. If it is, the function immediately returns an I/O error, preventing\nany further execution that could potentially cause harm.\n\nTested via syzbot.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53485" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0d9e678a82915633b99603f744e7735d1a673d72", "url": "https://git.kernel.org/stable/c/0d9e678a82915633b99603f744e7735d1a673d72" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/39f6292d75959e8accac0b3e24090094ba0824e9", "url": "https://git.kernel.org/stable/c/39f6292d75959e8accac0b3e24090094ba0824e9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4e302336d5ca1767a06beee7596a72d3bdc8d983", "url": "https://git.kernel.org/stable/c/4e302336d5ca1767a06beee7596a72d3bdc8d983" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/53b0a362aca2583729e8ca2936ca657ff3247d88", "url": "https://git.kernel.org/stable/c/53b0a362aca2583729e8ca2936ca657ff3247d88" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6e7d9d76e5654bcdd3cdb7c9441a8113428ecebb", "url": "https://git.kernel.org/stable/c/6e7d9d76e5654bcdd3cdb7c9441a8113428ecebb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/911b48eec45152822bccf45cd3563b48256b1520", "url": "https://git.kernel.org/stable/c/911b48eec45152822bccf45cd3563b48256b1520" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bdf07ab1595b613b03f32dbb5cb379edfa1a7334", "url": "https://git.kernel.org/stable/c/bdf07ab1595b613b03f32dbb5cb379edfa1a7334" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f2af019091f904ca08b3572ab0111238ad6d17b3", "url": "https://git.kernel.org/stable/c/f2af019091f904ca08b3572ab0111238ad6d17b3" } ], "release_date": "2025-10-01T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37739", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()\n\nsyzbot reports an UBSAN issue as below:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in fs/f2fs/node.h:381:10\nindex 18446744073709550692 is out of range for type '__le32[5]' (aka 'unsigned int[5]')\nCPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0x121/0x150 lib/ubsan.c:429\n get_nid fs/f2fs/node.h:381 [inline]\n f2fs_truncate_inode_blocks+0xa5e/0xf60 fs/f2fs/node.c:1181\n f2fs_do_truncate_blocks+0x782/0x1030 fs/f2fs/file.c:808\n f2fs_truncate_blocks+0x10d/0x300 fs/f2fs/file.c:836\n f2fs_truncate+0x417/0x720 fs/f2fs/file.c:886\n f2fs_file_write_iter+0x1bdb/0x2550 fs/f2fs/file.c:5093\n aio_write+0x56b/0x7c0 fs/aio.c:1633\n io_submit_one+0x8a7/0x18a0 fs/aio.c:2052\n __do_sys_io_submit fs/aio.c:2111 [inline]\n __se_sys_io_submit+0x171/0x2e0 fs/aio.c:2081\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f238798cde9\n\nindex 18446744073709550692 (decimal, unsigned long long)\n= 0xfffffffffffffc64 (hexadecimal, unsigned long long)\n= -924 (decimal, long long)\n\nIn f2fs_truncate_inode_blocks(), UBSAN detects that get_nid() tries to\naccess .i_nid[-924], it means both offset[0] and level should zero.\n\nThe possible case should be in f2fs_do_truncate_blocks(), we try to\ntruncate inode size to zero, however, dn.ofs_in_node is zero and\ndn.node_page is not an inode page, so it fails to truncate inode page,\nand then pass zeroed free_from to f2fs_truncate_inode_blocks(), result\nin this issue.\n\n\tif (dn.ofs_in_node || IS_INODE(dn.node_page)) {\n\t\tf2fs_truncate_data_blocks_range(&dn, count);\n\t\tfree_from += count;\n\t}\n\nI guess the reason why dn.node_page is not an inode page could be: there\nare multiple nat entries share the same node block address, once the node\nblock address was reused, f2fs_get_node_page() may load a non-inode block.\n\nLet's add a sanity check for such condition to avoid out-of-bounds access\nissue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37739" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/67e16ccba74dd8de0a7b10062f1e02d77432f573", "url": "https://git.kernel.org/stable/c/67e16ccba74dd8de0a7b10062f1e02d77432f573" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6ba8b41d0aa4b82f90f0c416cb53fcef9696525d", "url": "https://git.kernel.org/stable/c/6ba8b41d0aa4b82f90f0c416cb53fcef9696525d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8b5e5aac44fee122947a269f9034c048e4c295de", "url": "https://git.kernel.org/stable/c/8b5e5aac44fee122947a269f9034c048e4c295de" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/98dbf2af63de0b551082c9bc48333910e009b09f", "url": "https://git.kernel.org/stable/c/98dbf2af63de0b551082c9bc48333910e009b09f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a67e1bf03c609a751d1740a1789af25e599966fa", "url": "https://git.kernel.org/stable/c/a67e1bf03c609a751d1740a1789af25e599966fa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d7242fd7946d4cba0411effb6b5048ca55125747", "url": "https://git.kernel.org/stable/c/d7242fd7946d4cba0411effb6b5048ca55125747" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e6494977bd4a83862118a05f57a8df40256951c0", "url": "https://git.kernel.org/stable/c/e6494977bd4a83862118a05f57a8df40256951c0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ecc461331604b07cdbdb7360dbdf78471653264c", "url": "https://git.kernel.org/stable/c/ecc461331604b07cdbdb7360dbdf78471653264c" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-01T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38212", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipc: fix to protect IPCS lookups using RCU\n\nsyzbot reported that it discovered a use-after-free vulnerability, [0]\n\n[0]: https://lore.kernel.org/all/67af13f8.050a0220.21dd3.0038.GAE@google.com/\n\nidr_for_each() is protected by rwsem, but this is not enough. If it is\nnot protected by RCU read-critical region, when idr_for_each() calls\nradix_tree_node_free() through call_rcu() to free the radix_tree_node\nstructure, the node will be freed immediately, and when reading the next\nnode in radix_tree_for_each_slot(), the already freed memory may be read.\n\nTherefore, we need to add code to make sure that idr_for_each() is\nprotected within the RCU read-critical region when we call it in\nshm_destroy_orphaned().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38212" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5180561afff8e0f029073c8c8117c95c6512d1f9", "url": "https://git.kernel.org/stable/c/5180561afff8e0f029073c8c8117c95c6512d1f9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5f1e1573bf103303944fd7225559de5d8297539c", "url": "https://git.kernel.org/stable/c/5f1e1573bf103303944fd7225559de5d8297539c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/68c173ea138b66d7dd1fd980c9bc578a18e11884", "url": "https://git.kernel.org/stable/c/68c173ea138b66d7dd1fd980c9bc578a18e11884" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/74bc813d11c30e28fc5261dc877cca662ccfac68", "url": "https://git.kernel.org/stable/c/74bc813d11c30e28fc5261dc877cca662ccfac68" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/78297d53d3878d43c1d627d20cd09f611fa4b91d", "url": "https://git.kernel.org/stable/c/78297d53d3878d43c1d627d20cd09f611fa4b91d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b0b6bf90ce2699a574b3683e22c44d0dcdd7a057", "url": "https://git.kernel.org/stable/c/b0b6bf90ce2699a574b3683e22c44d0dcdd7a057" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b968ba8bfd9f90914957bbbd815413bf6a98eca7", "url": "https://git.kernel.org/stable/c/b968ba8bfd9f90914957bbbd815413bf6a98eca7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d66adabe91803ef34a8b90613c81267b5ded1472", "url": "https://git.kernel.org/stable/c/d66adabe91803ef34a8b90613c81267b5ded1472" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-04T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-50229", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: bcd2000: Fix a UAF bug on the error path of probing\n\nWhen the driver fails in snd_card_register() at probe time, it will free\nthe 'bcd2k->midi_out_urb' before killing it, which may cause a UAF bug.\n\nThe following log can reveal it:\n\n[ 50.727020] BUG: KASAN: use-after-free in bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n[ 50.727623] Read of size 8 at addr ffff88810fab0e88 by task swapper/4/0\n[ 50.729530] Call Trace:\n[ 50.732899] bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n\nFix this by adding usb_kill_urb() before usb_free_urb().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-50229" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/05e0bb8c3c4dde3e21b9c1cf9395afb04e8b24db", "url": "https://git.kernel.org/stable/c/05e0bb8c3c4dde3e21b9c1cf9395afb04e8b24db" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1d6a246cf97c380f2da76591f03019dd9c9599c3", "url": "https://git.kernel.org/stable/c/1d6a246cf97c380f2da76591f03019dd9c9599c3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/348620464a5c127399ac09b266f494f393661952", "url": "https://git.kernel.org/stable/c/348620464a5c127399ac09b266f494f393661952" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4fc41f7ebb7efca282f1740ea934d16f33c1d109", "url": "https://git.kernel.org/stable/c/4fc41f7ebb7efca282f1740ea934d16f33c1d109" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5e7338f4dd92b2f8915a82abfa1dd3ad3464bea0", "url": "https://git.kernel.org/stable/c/5e7338f4dd92b2f8915a82abfa1dd3ad3464bea0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/64ca7f50ad96c2c65ae390b954925a36eabe04aa", "url": "https://git.kernel.org/stable/c/64ca7f50ad96c2c65ae390b954925a36eabe04aa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a718eba7e458e2f40531be3c6b6a0028ca7fcace", "url": "https://git.kernel.org/stable/c/a718eba7e458e2f40531be3c6b6a0028ca7fcace" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b0d4af0a4763ddc02344789ef2a281c494bc330d", "url": "https://git.kernel.org/stable/c/b0d4af0a4763ddc02344789ef2a281c494bc330d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ffb2759df7efbc00187bfd9d1072434a13a54139", "url": "https://git.kernel.org/stable/c/ffb2759df7efbc00187bfd9d1072434a13a54139" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-04-10T00:04:16.241593Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453", "product_ids": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1775779453" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-buildinfo-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-cloud-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-doc-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.all", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-headers-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-image-unsigned-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-libc-dev-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-modules-extra-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-source-4.4.0-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-generic-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-4.4.0-281-tuxcare.els51-lowlatency-0:4.4.0-281.315.amd64", "Ubuntu-16:linux-tools-common-0:4.4.0-281.315.all", "Ubuntu-16:linux-tools-host-0:4.4.0-281.315.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] } ] }