{ "document": { "aggregate_severity": { "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" }, { "category": "details", "text": "* CVE-2025-38699\n - scsi: bfa: Double-free fix {CVE-2025-38699}\n * CVE-2025-38697\n - jfs: upper bound check of tree index in dbAllocAG {CVE-2025-38697}\n * CVE-2025-39823\n - KVM: x86: use array_index_nospec with indices that come from guest\n {CVE-2025-39823}\n * CVE-2025-39689\n - ftrace: Also allocate and copy hash for reading of filter files\n {CVE-2025-39689}\n * CVE-2025-39749\n - rcu: Protect ->defer_qs_iw_pending from data race {CVE-2025-39749}\n * CVE-2025-38728\n - smb3: fix for slab out of bounds on mount to ksmbd {CVE-2025-38728}\n * CVE-2025-38676\n - iommu/amd: Avoid stack buffer overflow from kernel cmdline {CVE-2025-38676}\n * CVE-2025-38574\n - pptp: ensure minimal skb length in pptp_xmit() {CVE-2025-38574}\n * CVE-2025-38572\n - ipv6: reject malicious packets in ipv6_gso_segment() {CVE-2025-38572}\n * CVE-2025-38685\n - fbdev: Fix vmalloc out-of-bounds write in fast_imageblit {CVE-2025-38685}\n * CVE-2025-38563\n - vm_ops: rename .split() callback to .may_split() {CVE-2025-38563}\n - perf/core: Prevent VMA split of buffer mappings {CVE-2025-38563}\n * CVE-2025-38702\n - fbdev: fix potential buffer overflow in do_register_framebuffer()\n {CVE-2025-38702}\n * CVE-2025-39911\n - i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path\n {CVE-2025-39911}\n * CVE-2025-39971\n - i40e: fix idx validation in config queues msg {CVE-2025-39971}\n * CVE-2025-40154\n - ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping {CVE-2025-40154}\n * CVE-2025-39973\n - i40e: increase max descriptors for XL710 {CVE-2025-39973}\n - i40e: add validation for ring_len param {CVE-2025-39973}\n * CVE-2022-49026\n - e100: Fix possible use after free in e100_xmit_prepare {CVE-2022-49026}\n * CVE-2025-38724\n - nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()\n {CVE-2025-38724}\n * CVE-2025-39853\n - i40e: Fix potential invalid access when MAC list is empty {CVE-2025-39853}\n * CVE-2025-39860\n - Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()\n {CVE-2025-39860}\n * CVE-2025-39891\n - wifi: mwifiex: Initialize the chan_stats array to zero {CVE-2025-39891}\n * CVE-2025-38530\n - comedi: pcl812: Fix bit shift out of bounds {CVE-2025-38530}\n * CVE-2025-38529\n - comedi: aio_iiro_16: Fix bit shift out of bounds {CVE-2025-38529}\n * CVE-2025-38497\n - usb: gadget: configfs: Fix OOB read on empty string write {CVE-2025-38497}\n * CVE-2025-38483\n - comedi: das16m1: Fix bit shift out of bounds {CVE-2025-38483}\n * CVE-2025-38482\n - comedi: das6402: Fix bit shift out of bounds {CVE-2025-38482}\n * CVE-2025-39702\n - ipv6: sr: Fix MAC comparison to be constant-time {CVE-2025-39702}\n * CVE-2025-39730\n - NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() {CVE-2025-39730}\n * CVE-2025-39841\n - scsi: lpfc: Fix buffer free/clear order in deferred receive path\n {CVE-2025-39841}\n * CVE-2025-39817\n - efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare {CVE-2025-39817}\n * CVE-2025-38494\n - HID: core: ensure the allocated report buffer can contain the reserved\n report ID {CVE-2025-38494}\n - HID: core: ensure __hid_request reserves the report ID as the first byte\n {CVE-2025-38494}\n - HID: core: do not bypass hid_hw_raw_request {CVE-2025-38494}\n * CVE-2025-39757\n - ALSA: usb-audio: Validate UAC3 cluster segment descriptors {CVE-2025-39757}\n * CVE-2025-38527\n - smb: client: fix use-after-free in cifs_oplock_break {CVE-2025-38527}\n * CVE-2023-52854\n - padata: Fix refcnt handling in padata_free_shell() {CVE-2023-52854}\n * CVE-2024-35867\n - smb: client: fix potential UAF in cifs_stats_proc_show() {CVE-2024-35867}\n * CVE-2024-50061\n - i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master\n Driver Due to Race Condition {CVE-2024-50061}\n * CVE-2025-39965\n - xfrm: Duplicate SPI Handling {CVE-2025-39965}\n * CVE-2025-22107\n - net: dsa: sja1105: fix kasan out-of-bounds warning in\n sja1105_table_delete_entry() {CVE-2025-22107}\n * CVE-2025-37928\n - dm-bufio: don't schedule in atomic context {CVE-2025-37928}\n * CVE-2025-37927\n - iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid\n {CVE-2025-37927}\n * CVE-2025-37915\n - net_sched: drr: Fix double list add in class with netem as child qdisc\n {CVE-2025-37915}\n * CVE-2025-37913\n - net_sched: qfq: Fix double list add in class with netem as child qdisc\n {CVE-2025-37913}\n * CVE-2025-37817\n - mcb: fix a double free bug in chameleon_parse_gdd() {CVE-2025-37817}\n * CVE-2025-38204\n - jfs: fix array-index-out-of-bounds read in add_missing_indices\n {CVE-2025-38204}\n * CVE-2025-38323\n - net: atm: add lec_mutex {CVE-2025-38323}\n * CVE-2025-38346\n - ftrace: Fix UAF when lookup kallsym after ftrace disabled {CVE-2025-38346}\n * CVE-2025-38348\n - wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()\n {CVE-2025-38348}\n * CVE-2025-38415\n - Squashfs: check return result of sb_min_blocksize {CVE-2025-38415}\n * CVE-2025-38416\n - NFC: nci: uart: Set tty->disc_data only in success path {CVE-2025-38416}\n * CVE-2025-38428\n - Input: ims-pcu - check record size in ims_pcu_flash_firmware()\n {CVE-2025-38428}\n * CVE-2025-38102\n - VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify\n {CVE-2025-38102}\n * CVE-2025-38245\n - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n {CVE-2025-38245}\n * CVE-2025-38249\n - ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()\n {CVE-2025-38249}\n * CVE-2025-38377\n - rose: fix dangling neighbour pointers in rose_rt_device_down()\n {CVE-2025-38377}\n * CVE-2025-38389\n - drm/i915/gt: Fix timeline left held on VMA alloc error {CVE-2025-38389}\n * CVE-2025-38395\n - regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods\n {CVE-2025-38395}\n * CVE-2025-38401\n - mtk-sd: Prevent memory corruption from DMA map failure {CVE-2025-38401}\n * CVE-2025-38445\n - md/raid1: Fix stack memory use after return in raid1_reshape\n {CVE-2025-38445}\n * CVE-2025-38459\n - atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459}\n * CVE-2025-39863\n - wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work\n {CVE-2025-39863}\n * CVE-2025-38068\n - crypto: lzo - Fix compression buffer overrun {CVE-2025-38068}\n * CVE-2025-21726\n - padata: avoid UAF for reorder_work {CVE-2025-21726}\n * CVE-2025-39760\n - usb: core: config: Prevent OOB read in SS endpoint companion parsing\n {CVE-2025-39760}\n * CVE-2022-49698\n - netfilter: use get_random_u32 instead of prandom {CVE-2022-49698}\n * CVE-2025-38198\n - fbcon: Introduce wrapper for console->fb_info lookup {CVE-2025-38198}\n - fbcon: Make sure modelist not set on unregistered console {CVE-2025-38198}\n * CVE-2025-38422\n - net: lan743x: Add support for 4 Tx queues {CVE-2025-38422}\n - net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices\n {CVE-2025-38422}\n - net: lan743x: Add PCI11010 / PCI11414 device IDs {CVE-2025-38422}\n * CVE-2025-38375\n - virtio-net: ensure the received length does not exceed allocated size\n {CVE-2025-38375}\n * CVE-2025-39901\n - i40e: remove read access to debugfs files {CVE-2025-39901}\n * CVE-2025-39810\n - bnxt_en: Fix memory corruption when FW resources change during ifdown\n {CVE-2025-39810}\n * CVE-2025-39905\n - net: phylink: add lock for serializing concurrent pl->phydev writes with\n resolver {CVE-2025-39905}\n * CVE-2025-39993\n - media: imon: reorganize serialization {CVE-2025-39993}\n - media: rc: fix races with imon_disconnect() {CVE-2025-39993}\n * CVE-2025-39883\n - mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison\n memory {CVE-2025-39883}\n * Miscellaneous upstream changes\n - net: atm: fix /proc/net/atm/lec handling {CVE-2025-38323}", "title": "Details" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/ubuntu20.04els/advisories/2026/clsa-2026_1772815097.json" } ], "tracking": { "current_release_date": "2026-03-06T16:49:13Z", "generator": { "date": "2026-03-06T16:49:13Z", "engine": { "name": "pyCSAF" } }, "id": "CLSA-2026:1772815097", "initial_release_date": "2026-03-06T16:49:13Z", "revision_history": [ { "date": "2026-03-06T16:49:13Z", "number": "1", "summary": "Initial version" } ], "status": "final", "version": "1" }, "title": "Fix of 72 CVEs" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Ubuntu 20.04", "product": { "name": "Ubuntu 20.04", "product_id": "Ubuntu-20", "product_identification_helper": { "cpe": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*" } } } ], "category": "product_family", "name": "Ubuntu" } ], "category": "vendor", "name": "Canonical Ltd." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "linux-libc-dev-0:5.4.0-225.245.amd64", "product": { "name": "linux-libc-dev-0:5.4.0-225.245.amd64", "product_id": "linux-libc-dev-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-libc-dev@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product": { "name": "linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_id": "linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-tools-5.4.0-225-tuxcare.els7-lowlatency@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product": { "name": "linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_id": "linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-headers-5.4.0-225-tuxcare.els7-generic@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product": { "name": "linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_id": "linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-modules-extra-5.4.0-225-tuxcare.els7-generic@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product": { "name": "linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_id": "linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-modules-5.4.0-225-tuxcare.els7-generic@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product": { "name": "linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_id": "linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-modules-5.4.0-225-tuxcare.els7-lowlatency@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product": { "name": "linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_id": "linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-buildinfo-5.4.0-225-tuxcare.els7-generic@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product": { "name": "linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_id": "linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-headers-5.4.0-225-tuxcare.els7-lowlatency@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "product": { "name": "linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "product_id": "linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-tools-5.4.0-225-tuxcare.els7@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "product": { "name": "linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "product_id": "linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-cloud-tools-5.4.0-225-tuxcare.els7@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product": { "name": "linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_id": "linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-tools-5.4.0-225-tuxcare.els7-generic@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product": { "name": "linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_id": "linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-cloud-tools-5.4.0-225-tuxcare.els7-generic@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product": { "name": "linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_id": "linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product": { "name": "linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_id": "linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product": { "name": "linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_id": "linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency@5.4.0-225.245?arch=amd64" } } }, { "category": "product_version", "name": "linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product": { "name": "linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_id": "linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-image-unsigned-5.4.0-225-tuxcare.els7-generic@5.4.0-225.245?arch=amd64" } } } ], "category": "architecture", "name": "amd64" }, { "branches": [ { "category": "product_version", "name": "linux-doc-0:5.4.0-225.245.all", "product": { "name": "linux-doc-0:5.4.0-225.245.all", "product_id": "linux-doc-0:5.4.0-225.245.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-doc@5.4.0-225.245?arch=all" } } }, { "category": "product_version", "name": "linux-source-5.4.0-0:5.4.0-225.245.all", "product": { "name": "linux-source-5.4.0-0:5.4.0-225.245.all", "product_id": "linux-source-5.4.0-0:5.4.0-225.245.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-source-5.4.0@5.4.0-225.245?arch=all" } } }, { "category": "product_version", "name": "linux-tools-common-0:5.4.0-225.245.all", "product": { "name": "linux-tools-common-0:5.4.0-225.245.all", "product_id": "linux-tools-common-0:5.4.0-225.245.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-tools-common@5.4.0-225.245?arch=all" } } }, { "category": "product_version", "name": "linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "product": { "name": "linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "product_id": "linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-headers-5.4.0-225-tuxcare.els7@5.4.0-225.245?arch=all" } } }, { "category": "product_version", "name": "linux-tools-host-0:5.4.0-225.245.all", "product": { "name": "linux-tools-host-0:5.4.0-225.245.all", "product_id": "linux-tools-host-0:5.4.0-225.245.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-tools-host@5.4.0-225.245?arch=all" } } }, { "category": "product_version", "name": "linux-cloud-tools-common-0:5.4.0-225.245.all", "product": { "name": "linux-cloud-tools-common-0:5.4.0-225.245.all", "product_id": "linux-cloud-tools-common-0:5.4.0-225.245.all", "product_identification_helper": { "purl": "pkg:deb/tuxcare/linux-cloud-tools-common@5.4.0-225.245?arch=all" } } } ], "category": "architecture", "name": "all" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "linux-libc-dev-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64" }, "product_reference": "linux-libc-dev-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64" }, "product_reference": "linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64" }, "product_reference": "linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64" }, "product_reference": "linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64" }, "product_reference": "linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64" }, "product_reference": "linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64" }, "product_reference": "linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64" }, "product_reference": "linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64" }, "product_reference": "linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-doc-0:5.4.0-225.245.all as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-doc-0:5.4.0-225.245.all" }, "product_reference": "linux-doc-0:5.4.0-225.245.all", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64" }, "product_reference": "linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-source-5.4.0-0:5.4.0-225.245.all as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all" }, "product_reference": "linux-source-5.4.0-0:5.4.0-225.245.all", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64" }, "product_reference": "linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64" }, "product_reference": "linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64" }, "product_reference": "linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64" }, "product_reference": "linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-common-0:5.4.0-225.245.all as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all" }, "product_reference": "linux-tools-common-0:5.4.0-225.245.all", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all" }, "product_reference": "linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-tools-host-0:5.4.0-225.245.all as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" }, "product_reference": "linux-tools-host-0:5.4.0-225.245.all", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64" }, "product_reference": "linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-cloud-tools-common-0:5.4.0-225.245.all as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all" }, "product_reference": "linux-cloud-tools-common-0:5.4.0-225.245.all", "relates_to_product_reference": "Ubuntu-20" }, { "category": "default_component_of", "full_product_name": { "name": "linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64 as a component of Ubuntu 20.04", "product_id": "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64" }, "product_reference": "linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "relates_to_product_reference": "Ubuntu-20" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-38348", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()\n\nRobert Morris reported:\n\n|If a malicious USB device pretends to be an Intersil p54 wifi\n|interface and generates an eeprom_readback message with a large\n|eeprom->v1.len, p54_rx_eeprom_readback() will copy data from the\n|message beyond the end of priv->eeprom.\n|\n|static void p54_rx_eeprom_readback(struct p54_common *priv,\n| struct sk_buff *skb)\n|{\n| struct p54_hdr *hdr = (struct p54_hdr *) skb->data;\n| struct p54_eeprom_lm86 *eeprom = (struct p54_eeprom_lm86 *) hdr->data;\n|\n| if (priv->fw_var >= 0x509) {\n| memcpy(priv->eeprom, eeprom->v2.data,\n| le16_to_cpu(eeprom->v2.len));\n| } else {\n| memcpy(priv->eeprom, eeprom->v1.data,\n| le16_to_cpu(eeprom->v1.len));\n| }\n| [...]\n\nThe eeprom->v{1,2}.len is set by the driver in p54_download_eeprom().\nThe device is supposed to provide the same length back to the driver.\nBut yes, it's possible (like shown in the report) to alter the value\nto something that causes a crash/panic due to overrun.\n\nThis patch addresses the issue by adding the size to the common device\ncontext, so p54_rx_eeprom_readback no longer relies on possibly tampered\nvalues... That said, it also checks if the \"firmware\" altered the value\nand no longer copies them.\n\nThe one, small saving grace is: Before the driver tries to read the eeprom,\nit needs to upload >a< firmware. the vendor firmware has a proprietary\nlicense and as a reason, it is not present on most distributions by\ndefault.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38348" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0e4dc150423b829c35cbcf399481ca11594fc036", "url": "https://git.kernel.org/stable/c/0e4dc150423b829c35cbcf399481ca11594fc036" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/12134f79e53eb56b0b0b7447fa0c512acf6a8422", "url": "https://git.kernel.org/stable/c/12134f79e53eb56b0b0b7447fa0c512acf6a8422" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1f7f8168abe8cbe845ab8bb557228d44784a6b57", "url": "https://git.kernel.org/stable/c/1f7f8168abe8cbe845ab8bb557228d44784a6b57" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6d05390d20f110de37d051a3e063ef0a542d01fb", "url": "https://git.kernel.org/stable/c/6d05390d20f110de37d051a3e063ef0a542d01fb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/714afb4c38edd19a057d519c1f9c5d164b43de94", "url": "https://git.kernel.org/stable/c/714afb4c38edd19a057d519c1f9c5d164b43de94" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9701f842031b825e2fd5f22d064166f8f13f6e4d", "url": "https://git.kernel.org/stable/c/9701f842031b825e2fd5f22d064166f8f13f6e4d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/da1b9a55ff116cb040528ef664c70a4eec03ae99", "url": "https://git.kernel.org/stable/c/da1b9a55ff116cb040528ef664c70a4eec03ae99" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f39b2f8c1549a539846e083790fad396ef6cd802", "url": "https://git.kernel.org/stable/c/f39b2f8c1549a539846e083790fad396ef6cd802" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-10T09:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38572", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: reject malicious packets in ipv6_gso_segment()\n\nsyzbot was able to craft a packet with very long IPv6 extension headers\nleading to an overflow of skb->transport_header.\n\nThis 16bit field has a limited range.\n\nAdd skb_reset_transport_header_careful() helper and use it\nfrom ipv6_gso_segment()\n\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\nWARNING: CPU: 0 PID: 5871 at ./include/linux/skbuff.h:3032 ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nModules linked in:\nCPU: 0 UID: 0 PID: 5871 Comm: syz-executor211 Not tainted 6.16.0-rc6-syzkaller-g7abc678e3084 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025\n RIP: 0010:skb_reset_transport_header include/linux/skbuff.h:3032 [inline]\n RIP: 0010:ipv6_gso_segment+0x15e2/0x21e0 net/ipv6/ip6_offload.c:151\nCall Trace:\n \n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n nsh_gso_segment+0x54a/0xe10 net/nsh/nsh.c:110\n skb_mac_gso_segment+0x31c/0x640 net/core/gso.c:53\n __skb_gso_segment+0x342/0x510 net/core/gso.c:124\n skb_gso_segment include/net/gso.h:83 [inline]\n validate_xmit_skb+0x857/0x11b0 net/core/dev.c:3950\n validate_xmit_skb_list+0x84/0x120 net/core/dev.c:4000\n sch_direct_xmit+0xd3/0x4b0 net/sched/sch_generic.c:329\n __dev_xmit_skb net/core/dev.c:4102 [inline]\n __dev_queue_xmit+0x17b6/0x3a70 net/core/dev.c:4679", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38572" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/09ff062b89d8e48165247d677d1ca23d6d607e9b", "url": "https://git.kernel.org/stable/c/09ff062b89d8e48165247d677d1ca23d6d607e9b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3f638e0b28bde7c3354a0df938ab3a96739455d1", "url": "https://git.kernel.org/stable/c/3f638e0b28bde7c3354a0df938ab3a96739455d1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5489e7fc6f8be3062f8cb7e49406de4bfd94db67", "url": "https://git.kernel.org/stable/c/5489e7fc6f8be3062f8cb7e49406de4bfd94db67" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/573b8250fc2554761db3bc2bbdbab23789d52d4e", "url": "https://git.kernel.org/stable/c/573b8250fc2554761db3bc2bbdbab23789d52d4e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5dc60b2a00ed7629214ac0c48e43f40af2078703", "url": "https://git.kernel.org/stable/c/5dc60b2a00ed7629214ac0c48e43f40af2078703" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d45cf1e7d7180256e17c9ce88e32e8061a7887fe", "url": "https://git.kernel.org/stable/c/d45cf1e7d7180256e17c9ce88e32e8061a7887fe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/de322cdf600fc9433845a9e944d1ca6b31cfb67e", "url": "https://git.kernel.org/stable/c/de322cdf600fc9433845a9e944d1ca6b31cfb67e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ee851768e4b8371ce151fd446d24bf3ae2d18789", "url": "https://git.kernel.org/stable/c/ee851768e4b8371ce151fd446d24bf3ae2d18789" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ef05007b403dcc21e701cb1f30d4572ac0a9da20", "url": "https://git.kernel.org/stable/c/ef05007b403dcc21e701cb1f30d4572ac0a9da20" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-19T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38563", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Prevent VMA split of buffer mappings\n\nThe perf mmap code is careful about mmap()'ing the user page with the\nringbuffer and additionally the auxiliary buffer, when the event supports\nit. Once the first mapping is established, subsequent mapping have to use\nthe same offset and the same size in both cases. The reference counting for\nthe ringbuffer and the auxiliary buffer depends on this being correct.\n\nThough perf does not prevent that a related mapping is split via mmap(2),\nmunmap(2) or mremap(2). A split of a VMA results in perf_mmap_open() calls,\nwhich take reference counts, but then the subsequent perf_mmap_close()\ncalls are not longer fulfilling the offset and size checks. This leads to\nreference count leaks.\n\nAs perf already has the requirement for subsequent mappings to match the\ninitial mapping, the obvious consequence is that VMA splits, caused by\nresizing of a mapping or partial unmapping, have to be prevented.\n\nImplement the vm_operations_struct::may_split() callback and return\nunconditionally -EINVAL.\n\nThat ensures that the mapping offsets and sizes cannot be changed after the\nfact. Remapping to a different fixed address with the same size is still\npossible as it takes the references for the new mapping and drops those of\nthe old mapping.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38563" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3bd518cc7ea61076bcd725e36ff0e690754977c0", "url": "https://git.kernel.org/stable/c/3bd518cc7ea61076bcd725e36ff0e690754977c0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/65311aad4c808bedad0c05d9bb8b06c47dae73eb", "url": "https://git.kernel.org/stable/c/65311aad4c808bedad0c05d9bb8b06c47dae73eb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6757a31a8e295ae4f01717a954afda173f25a121", "url": "https://git.kernel.org/stable/c/6757a31a8e295ae4f01717a954afda173f25a121" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7b84cb58d1f0aa07656802eae24689566e5f5b1b", "url": "https://git.kernel.org/stable/c/7b84cb58d1f0aa07656802eae24689566e5f5b1b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b024d7b56c77191cde544f838debb7f8451cd0d6", "url": "https://git.kernel.org/stable/c/b024d7b56c77191cde544f838debb7f8451cd0d6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d52451a9210f2e5a079ba052918c93563518a9ff", "url": "https://git.kernel.org/stable/c/d52451a9210f2e5a079ba052918c93563518a9ff" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e4346ffec2c44d6b0be834d59b20632b5bb5729e", "url": "https://git.kernel.org/stable/c/e4346ffec2c44d6b0be834d59b20632b5bb5729e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e529888b7e8092912dd8789bdfc76685ccd2ff5f", "url": "https://git.kernel.org/stable/c/e529888b7e8092912dd8789bdfc76685ccd2ff5f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ff668930871e0198c7f4e325058b8b7c286787bd", "url": "https://git.kernel.org/stable/c/ff668930871e0198c7f4e325058b8b7c286787bd" }, { "category": "external", "summary": "https://www.zerodayinitiative.com/advisories/ZDI-25-873/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-873/" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-19T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39730", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix filehandle bounds checking in nfs_fh_to_dentry()\n\nThe function needs to check the minimal filehandle length before it can\naccess the embedded filehandle.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39730" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40", "url": "https://git.kernel.org/stable/c/12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2ad40b7992aa26bc631afc1a995b0e3ddc30de3f", "url": "https://git.kernel.org/stable/c/2ad40b7992aa26bc631afc1a995b0e3ddc30de3f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3570ef5c31314c13274c935a20b91768ab5bf412", "url": "https://git.kernel.org/stable/c/3570ef5c31314c13274c935a20b91768ab5bf412" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/763810bb883cb4de412a72f338d80947d97df67b", "url": "https://git.kernel.org/stable/c/763810bb883cb4de412a72f338d80947d97df67b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7dd36f7477d1e03a1fcf8d13531ca326c4fb599f", "url": "https://git.kernel.org/stable/c/7dd36f7477d1e03a1fcf8d13531ca326c4fb599f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7f8eca87fef7519e9c41f3258f25ebc2752247ee", "url": "https://git.kernel.org/stable/c/7f8eca87fef7519e9c41f3258f25ebc2752247ee" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b7f7866932466332a2528fda099000b035303485", "url": "https://git.kernel.org/stable/c/b7f7866932466332a2528fda099000b035303485" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cb09afa0948d96b1e385d609ed044bb1aa043536", "url": "https://git.kernel.org/stable/c/cb09afa0948d96b1e385d609ed044bb1aa043536" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ef93a685e01a281b5e2a25ce4e3428cf9371a205", "url": "https://git.kernel.org/stable/c/ef93a685e01a281b5e2a25ce4e3428cf9371a205" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-07T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39689", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Also allocate and copy hash for reading of filter files\n\nCurrently the reader of set_ftrace_filter and set_ftrace_notrace just adds\nthe pointer to the global tracer hash to its iterator. Unlike the writer\nthat allocates a copy of the hash, the reader keeps the pointer to the\nfilter hashes. This is problematic because this pointer is static across\nfunction calls that release the locks that can update the global tracer\nhashes. This can cause UAF and similar bugs.\n\nAllocate and copy the hash for reading the filter files like it is done\nfor the writers. This not only fixes UAF bugs, but also makes the code a\nbit simpler as it doesn't have to differentiate when to free the\niterator's hash between writers and readers.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39689" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/12064e1880fc9202be75ff668205b1703d92f74f", "url": "https://git.kernel.org/stable/c/12064e1880fc9202be75ff668205b1703d92f74f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3b114a3282ab1a12cb4618a8f45db5d7185e784a", "url": "https://git.kernel.org/stable/c/3b114a3282ab1a12cb4618a8f45db5d7185e784a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/64db338140d2bad99a0a8c6a118dd60b3e1fb8cb", "url": "https://git.kernel.org/stable/c/64db338140d2bad99a0a8c6a118dd60b3e1fb8cb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a40c69f4f1ed96acbcd62e9b5ff3a596f0a91309", "url": "https://git.kernel.org/stable/c/a40c69f4f1ed96acbcd62e9b5ff3a596f0a91309" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bfb336cf97df7b37b2b2edec0f69773e06d11955", "url": "https://git.kernel.org/stable/c/bfb336cf97df7b37b2b2edec0f69773e06d11955" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c4cd93811e038d19f961985735ef7bb128078dfb", "url": "https://git.kernel.org/stable/c/c4cd93811e038d19f961985735ef7bb128078dfb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c591ba1acd081d4980713e47869dd1cc3d963d19", "url": "https://git.kernel.org/stable/c/c591ba1acd081d4980713e47869dd1cc3d963d19" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e0b6b223167e1edde5c82edf38e393c06eda1f13", "url": "https://git.kernel.org/stable/c/e0b6b223167e1edde5c82edf38e393c06eda1f13" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-05T18:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38377", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrose: fix dangling neighbour pointers in rose_rt_device_down()\n\nThere are two bugs in rose_rt_device_down() that can cause\nuse-after-free:\n\n1. The loop bound `t->count` is modified within the loop, which can\n cause the loop to terminate early and miss some entries.\n\n2. When removing an entry from the neighbour array, the subsequent entries\n are moved up to fill the gap, but the loop index `i` is still\n incremented, causing the next entry to be skipped.\n\nFor example, if a node has three neighbours (A, A, B) with count=3 and A\nis being removed, the second A is not checked.\n\n i=0: (A, A, B) -> (A, B) with count=2\n ^ checked\n i=1: (A, B) -> (A, B) with count=2\n ^ checked (B, not A!)\n i=2: (doesn't occur because i < count is false)\n\nThis leaves the second A in the array with count=2, but the rose_neigh\nstructure has been freed. Code that accesses these entries assumes that\nthe first `count` entries are valid pointers, causing a use-after-free\nwhen it accesses the dangling pointer.\n\nFix both issues by iterating over the array in reverse order with a fixed\nloop bound. This ensures that all entries are examined and that the removal\nof an entry doesn't affect subsequent iterations.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38377" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2b952dbb32fef835756f07ff0cd77efbb836dfea", "url": "https://git.kernel.org/stable/c/2b952dbb32fef835756f07ff0cd77efbb836dfea" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2c6c82ee074bfcfd1bc978ec45bfea37703d840a", "url": "https://git.kernel.org/stable/c/2c6c82ee074bfcfd1bc978ec45bfea37703d840a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/34a500caf48c47d5171f4aa1f237da39b07c6157", "url": "https://git.kernel.org/stable/c/34a500caf48c47d5171f4aa1f237da39b07c6157" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/446ac00b86be1670838e513b643933d78837d8db", "url": "https://git.kernel.org/stable/c/446ac00b86be1670838e513b643933d78837d8db" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7a1841c9609377e989ec41c16551309ce79c39e4", "url": "https://git.kernel.org/stable/c/7a1841c9609377e989ec41c16551309ce79c39e4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/94e0918e39039c47ddceb609500817f7266be756", "url": "https://git.kernel.org/stable/c/94e0918e39039c47ddceb609500817f7266be756" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b6b232e16e08c6dc120672b4753392df0d28c1b4", "url": "https://git.kernel.org/stable/c/b6b232e16e08c6dc120672b4753392df0d28c1b4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fe62a35fb1f77f494ed534fc69a9043dc5a30ce1", "url": "https://git.kernel.org/stable/c/fe62a35fb1f77f494ed534fc69a9043dc5a30ce1" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39749", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Protect ->defer_qs_iw_pending from data race\n\nOn kernels built with CONFIG_IRQ_WORK=y, when rcu_read_unlock() is\ninvoked within an interrupts-disabled region of code [1], it will invoke\nrcu_read_unlock_special(), which uses an irq-work handler to force the\nsystem to notice when the RCU read-side critical section actually ends.\nThat end won't happen until interrupts are enabled at the soonest.\n\nIn some kernels, such as those booted with rcutree.use_softirq=y, the\nirq-work handler is used unconditionally.\n\nThe per-CPU rcu_data structure's ->defer_qs_iw_pending field is\nupdated by the irq-work handler and is both read and updated by\nrcu_read_unlock_special(). This resulted in the following KCSAN splat:\n\n------------------------------------------------------------------------\n\nBUG: KCSAN: data-race in rcu_preempt_deferred_qs_handler / rcu_read_unlock_special\n\nread to 0xffff96b95f42d8d8 of 1 bytes by task 90 on cpu 8:\n rcu_read_unlock_special+0x175/0x260\n __rcu_read_unlock+0x92/0xa0\n rt_spin_unlock+0x9b/0xc0\n __local_bh_enable+0x10d/0x170\n __local_bh_enable_ip+0xfb/0x150\n rcu_do_batch+0x595/0xc40\n rcu_cpu_kthread+0x4e9/0x830\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nwrite to 0xffff96b95f42d8d8 of 1 bytes by task 88 on cpu 8:\n rcu_preempt_deferred_qs_handler+0x1e/0x30\n irq_work_single+0xaf/0x160\n run_irq_workd+0x91/0xc0\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nno locks held by irq_work/8/88.\nirq event stamp: 200272\nhardirqs last enabled at (200272): [] finish_task_switch+0x131/0x320\nhardirqs last disabled at (200271): [] __schedule+0x129/0xd70\nsoftirqs last enabled at (0): [] copy_process+0x4df/0x1cc0\nsoftirqs last disabled at (0): [<0000000000000000>] 0x0\n\n------------------------------------------------------------------------\n\nThe problem is that irq-work handlers run with interrupts enabled, which\nmeans that rcu_preempt_deferred_qs_handler() could be interrupted,\nand that interrupt handler might contain an RCU read-side critical\nsection, which might invoke rcu_read_unlock_special(). In the strict\nKCSAN mode of operation used by RCU, this constitutes a data race on\nthe ->defer_qs_iw_pending field.\n\nThis commit therefore disables interrupts across the portion of the\nrcu_preempt_deferred_qs_handler() that updates the ->defer_qs_iw_pending\nfield. This suffices because this handler is not a fast path.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39749" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0ad84d62217488e679ecc90e8628980dcc003de3", "url": "https://git.kernel.org/stable/c/0ad84d62217488e679ecc90e8628980dcc003de3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/55e11f6776798b27cf09a7aa0d718415d4fc9cf5", "url": "https://git.kernel.org/stable/c/55e11f6776798b27cf09a7aa0d718415d4fc9cf5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/74f58f382a7c8333f8d09701aefaa25913bdbe0e", "url": "https://git.kernel.org/stable/c/74f58f382a7c8333f8d09701aefaa25913bdbe0e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/90c09d57caeca94e6f3f87c49e96a91edd40cbfd", "url": "https://git.kernel.org/stable/c/90c09d57caeca94e6f3f87c49e96a91edd40cbfd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/90de9c94ea72327cfa9c2c9f6113c23a513af60b", "url": "https://git.kernel.org/stable/c/90de9c94ea72327cfa9c2c9f6113c23a513af60b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b55947b725f190396f475d5d0c59aa855a4d8895", "url": "https://git.kernel.org/stable/c/b55947b725f190396f475d5d0c59aa855a4d8895" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b5de8d80b5d049f051b95d9b1ee50ae4ab656124", "url": "https://git.kernel.org/stable/c/b5de8d80b5d049f051b95d9b1ee50ae4ab656124" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e35e711c78c8a4c43330c0dcb1c4d507a19c20f4", "url": "https://git.kernel.org/stable/c/e35e711c78c8a4c43330c0dcb1c4d507a19c20f4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f937759c7432d6151b73e1393b6517661813d506", "url": "https://git.kernel.org/stable/c/f937759c7432d6151b73e1393b6517661813d506" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-11T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39823", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: use array_index_nospec with indices that come from guest\n\nmin and dest_id are guest-controlled indices. Using array_index_nospec()\nafter the bounds checks clamps these values to mitigate speculative execution\nside-channels.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39823" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/31a0ad2f60cb4816e06218b63e695eb72ce74974", "url": "https://git.kernel.org/stable/c/31a0ad2f60cb4816e06218b63e695eb72ce74974" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/33e974c2d5a82b2f9d9ba0ad9cbaabc1c8e3985f", "url": "https://git.kernel.org/stable/c/33e974c2d5a82b2f9d9ba0ad9cbaabc1c8e3985f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/67a05679621b7f721bdba37a5d18665d3aceb695", "url": "https://git.kernel.org/stable/c/67a05679621b7f721bdba37a5d18665d3aceb695" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/72777fc31aa7ab2ce00f44bfa3929c6eabbeaf48", "url": "https://git.kernel.org/stable/c/72777fc31aa7ab2ce00f44bfa3929c6eabbeaf48" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c87bd4dd43a624109c3cc42d843138378a7f4548", "url": "https://git.kernel.org/stable/c/c87bd4dd43a624109c3cc42d843138378a7f4548" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d51e381beed5e2f50f85f49f6c90e023754efa12", "url": "https://git.kernel.org/stable/c/d51e381beed5e2f50f85f49f6c90e023754efa12" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f49161646e03d107ce81a99c6ca5da682fe5fb69", "url": "https://git.kernel.org/stable/c/f49161646e03d107ce81a99c6ca5da682fe5fb69" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f57a4bd8d6cb5af05b8ac1be9098e249034639fb", "url": "https://git.kernel.org/stable/c/f57a4bd8d6cb5af05b8ac1be9098e249034639fb" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-16T13:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39911", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path\n\nIf request_irq() in i40e_vsi_request_irq_msix() fails in an iteration\nlater than the first, the error path wants to free the IRQs requested\nso far. However, it uses the wrong dev_id argument for free_irq(), so\nit does not free the IRQs correctly and instead triggers the warning:\n\n Trying to free already-free IRQ 173\n WARNING: CPU: 25 PID: 1091 at kernel/irq/manage.c:1829 __free_irq+0x192/0x2c0\n Modules linked in: i40e(+) [...]\n CPU: 25 UID: 0 PID: 1091 Comm: NetworkManager Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy)\n Hardware name: [...]\n RIP: 0010:__free_irq+0x192/0x2c0\n [...]\n Call Trace:\n \n free_irq+0x32/0x70\n i40e_vsi_request_irq_msix.cold+0x63/0x8b [i40e]\n i40e_vsi_request_irq+0x79/0x80 [i40e]\n i40e_vsi_open+0x21f/0x2f0 [i40e]\n i40e_open+0x63/0x130 [i40e]\n __dev_open+0xfc/0x210\n __dev_change_flags+0x1fc/0x240\n netif_change_flags+0x27/0x70\n do_setlink.isra.0+0x341/0xc70\n rtnl_newlink+0x468/0x860\n rtnetlink_rcv_msg+0x375/0x450\n netlink_rcv_skb+0x5c/0x110\n netlink_unicast+0x288/0x3c0\n netlink_sendmsg+0x20d/0x430\n ____sys_sendmsg+0x3a2/0x3d0\n ___sys_sendmsg+0x99/0xe0\n __sys_sendmsg+0x8a/0xf0\n do_syscall_64+0x82/0x2c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \n ---[ end trace 0000000000000000 ]---\n\nUse the same dev_id for free_irq() as for request_irq().\n\nI tested this with inserting code to fail intentionally.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39911" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/13ab9adef3cd386511c930a9660ae06595007f89", "url": "https://git.kernel.org/stable/c/13ab9adef3cd386511c930a9660ae06595007f89" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/23431998a37764c464737b855c71a81d50992e98", "url": "https://git.kernel.org/stable/c/23431998a37764c464737b855c71a81d50992e98" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6e4016c0dca53afc71e3b99e24252b63417395df", "url": "https://git.kernel.org/stable/c/6e4016c0dca53afc71e3b99e24252b63417395df" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/915470e1b44e71d1dd07ee067276f003c3521ee3", "url": "https://git.kernel.org/stable/c/915470e1b44e71d1dd07ee067276f003c3521ee3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a30afd6617c30aaa338d1dbcb1e34e7a1890085c", "url": "https://git.kernel.org/stable/c/a30afd6617c30aaa338d1dbcb1e34e7a1890085c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b905b2acb3a0bbb08ad9be9984d8cdabdf827315", "url": "https://git.kernel.org/stable/c/b905b2acb3a0bbb08ad9be9984d8cdabdf827315" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b9721a023df38cf44a88f2739b4cf51efd051f85", "url": "https://git.kernel.org/stable/c/b9721a023df38cf44a88f2739b4cf51efd051f85" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c62580674ce5feb1be4f90b5873ff3ce50e0a1db", "url": "https://git.kernel.org/stable/c/c62580674ce5feb1be4f90b5873ff3ce50e0a1db" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-10-01T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39797", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Duplicate SPI Handling\n\nThe issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI\nNetlink message, which triggers the kernel function xfrm_alloc_spi().\nThis function is expected to ensure uniqueness of the Security Parameter\nIndex (SPI) for inbound Security Associations (SAs). However, it can\nreturn success even when the requested SPI is already in use, leading\nto duplicate SPIs assigned to multiple inbound SAs, differentiated\nonly by their destination addresses.\n\nThis behavior causes inconsistencies during SPI lookups for inbound packets.\nSince the lookup may return an arbitrary SA among those with the same SPI,\npacket processing can fail, resulting in packet drops.\n\nAccording to RFC 4301 section 4.4.2 , for inbound processing a unicast SA\nis uniquely identified by the SPI and optionally protocol.\n\nReproducing the Issue Reliably:\nTo consistently reproduce the problem, restrict the available SPI range in\ncharon.conf : spi_min = 0x10000000 spi_max = 0x10000002\nThis limits the system to only 2 usable SPI values.\nNext, create more than 2 Child SA. each using unique pair of src/dst address.\nAs soon as the 3rd Child SA is initiated, it will be assigned a duplicate\nSPI, since the SPI pool is already exhausted.\nWith a narrow SPI range, the issue is consistently reproducible.\nWith a broader/default range, it becomes rare and unpredictable.\n\nCurrent implementation:\nxfrm_spi_hash() lookup function computes hash using daddr, proto, and family.\nSo if two SAs have the same SPI but different destination addresses, then\nthey will:\na. Hash into different buckets\nb. Be stored in different linked lists (byspi + h)\nc. Not be seen in the same hlist_for_each_entry_rcu() iteration.\nAs a result, the lookup will result in NULL and kernel allows that Duplicate SPI\n\nProposed Change:\nxfrm_state_lookup_spi_proto() does a truly global search - across all states,\nregardless of hash bucket and matches SPI and proto.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39797" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/29e9158f91f99057dbd35db5e8674d93b38549fe", "url": "https://git.kernel.org/stable/c/29e9158f91f99057dbd35db5e8674d93b38549fe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2fc5b54368a1bf1d2d74b4d3b8eea5309a653e38", "url": "https://git.kernel.org/stable/c/2fc5b54368a1bf1d2d74b4d3b8eea5309a653e38" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3d8090bb53424432fa788fe9a49e8ceca74f0544", "url": "https://git.kernel.org/stable/c/3d8090bb53424432fa788fe9a49e8ceca74f0544" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/94f39804d891cffe4ce17737d295f3b195bc7299", "url": "https://git.kernel.org/stable/c/94f39804d891cffe4ce17737d295f3b195bc7299" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c67d4e7a8f90fb6361ca89d4d5c9a28f4e935e47", "url": "https://git.kernel.org/stable/c/c67d4e7a8f90fb6361ca89d4d5c9a28f4e935e47" } ], "release_date": "2025-09-12T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-50061", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition\n\nIn the cdns_i3c_master_probe function, &master->hj_work is bound with\ncdns_i3c_master_hj. And cdns_i3c_master_interrupt can call\ncnds_i3c_master_demux_ibis function to start the work.\n\nIf we remove the module which will call cdns_i3c_master_remove to\nmake cleanup, it will free master->base through i3c_master_unregister\nwhile the work mentioned above will be used. The sequence of operations\nthat may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | cdns_i3c_master_hj\ncdns_i3c_master_remove |\ni3c_master_unregister(&master->base) |\ndevice_unregister(&master->dev) |\ndevice_release |\n//free master->base |\n | i3c_master_do_daa(&master->base)\n | //use master->base\n\nFix it by ensuring that the work is canceled before proceeding with\nthe cleanup in cdns_i3c_master_remove.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-50061" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2a21bad9964c91b34d65ba269914233720c0b1ce", "url": "https://git.kernel.org/stable/c/2a21bad9964c91b34d65ba269914233720c0b1ce" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/609366e7a06d035990df78f1562291c3bf0d4a12", "url": "https://git.kernel.org/stable/c/609366e7a06d035990df78f1562291c3bf0d4a12" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/687016d6a1efbfacdd2af913e2108de6b75a28d5", "url": "https://git.kernel.org/stable/c/687016d6a1efbfacdd2af913e2108de6b75a28d5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ea0256e393e0072e8c80fd941547807f0c28108b", "url": "https://git.kernel.org/stable/c/ea0256e393e0072e8c80fd941547807f0c28108b" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html", "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html" } ], "release_date": "2024-10-21T20:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38676", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Avoid stack buffer overflow from kernel cmdline\n\nWhile the kernel command line is considered trusted in most environments,\navoid writing 1 byte past the end of \"acpiid\" if the \"str\" argument is\nmaximum length.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38676" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0ad8509b468fa1058f4f400a1829f29e4ccc4de8", "url": "https://git.kernel.org/stable/c/0ad8509b468fa1058f4f400a1829f29e4ccc4de8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4bdb0f78bddbfa77d3ab458a21dd9cec495d317a", "url": "https://git.kernel.org/stable/c/4bdb0f78bddbfa77d3ab458a21dd9cec495d317a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/736db11c86f03e717fc4bf771d05efdf10d23acb", "url": "https://git.kernel.org/stable/c/736db11c86f03e717fc4bf771d05efdf10d23acb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8503d0fcb1086a7cfe26df67ca4bd9bd9e99bdec", "url": "https://git.kernel.org/stable/c/8503d0fcb1086a7cfe26df67ca4bd9bd9e99bdec" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8f80c633cba144f721d38d9380f23d23ab7db10e", "url": "https://git.kernel.org/stable/c/8f80c633cba144f721d38d9380f23d23ab7db10e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9ff52d3af0ef286535749e14e3fe9eceb39a8349", "url": "https://git.kernel.org/stable/c/9ff52d3af0ef286535749e14e3fe9eceb39a8349" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a732502bf3bbe859613b6d7b2b0313b11f0474ac", "url": "https://git.kernel.org/stable/c/a732502bf3bbe859613b6d7b2b0313b11f0474ac" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-26T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-35867", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-35867" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0865ffefea197b437ba78b5dd8d8e256253efd65", "url": "https://git.kernel.org/stable/c/0865ffefea197b437ba78b5dd8d8e256253efd65" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/16b7d785775eb03929766819415055e367398f49", "url": "https://git.kernel.org/stable/c/16b7d785775eb03929766819415055e367398f49" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1e12f0d5c66f07c934041621351973a116fa13c7", "url": "https://git.kernel.org/stable/c/1e12f0d5c66f07c934041621351973a116fa13c7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/838ec01ea8d3deb5d123e8ed9022e8162dc3f503", "url": "https://git.kernel.org/stable/c/838ec01ea8d3deb5d123e8ed9022e8162dc3f503" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bb6570085826291dc392005f9fec16ea5da3c8ad", "url": "https://git.kernel.org/stable/c/bb6570085826291dc392005f9fec16ea5da3c8ad" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c3cf8b74c57924c0985e49a1fdf02d3395111f39", "url": "https://git.kernel.org/stable/c/c3cf8b74c57924c0985e49a1fdf02d3395111f39" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2024/05/29/2", "url": "http://www.openwall.com/lists/oss-security/2024/05/29/2" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2024/05/30/1", "url": "http://www.openwall.com/lists/oss-security/2024/05/30/1" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2024/05/30/2", "url": "http://www.openwall.com/lists/oss-security/2024/05/30/2" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" } ], "release_date": "2024-05-19T09:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38728", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix for slab out of bounds on mount to ksmbd\n\nWith KASAN enabled, it is possible to get a slab out of bounds\nduring mount to ksmbd due to missing check in parse_server_interfaces()\n(see below):\n\n BUG: KASAN: slab-out-of-bounds in\n parse_server_interfaces+0x14ee/0x1880 [cifs]\n Read of size 4 at addr ffff8881433dba98 by task mount/9827\n\n CPU: 5 UID: 0 PID: 9827 Comm: mount Tainted: G\n OE 6.16.0-rc2-kasan #2 PREEMPT(voluntary)\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: Dell Inc. Precision Tower 3620/0MWYPT,\n BIOS 2.13.1 06/14/2019\n Call Trace:\n \n dump_stack_lvl+0x9f/0xf0\n print_report+0xd1/0x670\n __virt_addr_valid+0x22c/0x430\n ? parse_server_interfaces+0x14ee/0x1880 [cifs]\n ? kasan_complete_mode_report_info+0x2a/0x1f0\n ? parse_server_interfaces+0x14ee/0x1880 [cifs]\n kasan_report+0xd6/0x110\n parse_server_interfaces+0x14ee/0x1880 [cifs]\n __asan_report_load_n_noabort+0x13/0x20\n parse_server_interfaces+0x14ee/0x1880 [cifs]\n ? __pfx_parse_server_interfaces+0x10/0x10 [cifs]\n ? trace_hardirqs_on+0x51/0x60\n SMB3_request_interfaces+0x1ad/0x3f0 [cifs]\n ? __pfx_SMB3_request_interfaces+0x10/0x10 [cifs]\n ? SMB2_tcon+0x23c/0x15d0 [cifs]\n smb3_qfs_tcon+0x173/0x2b0 [cifs]\n ? __pfx_smb3_qfs_tcon+0x10/0x10 [cifs]\n ? cifs_get_tcon+0x105d/0x2120 [cifs]\n ? do_raw_spin_unlock+0x5d/0x200\n ? cifs_get_tcon+0x105d/0x2120 [cifs]\n ? __pfx_smb3_qfs_tcon+0x10/0x10 [cifs]\n cifs_mount_get_tcon+0x369/0xb90 [cifs]\n ? dfs_cache_find+0xe7/0x150 [cifs]\n dfs_mount_share+0x985/0x2970 [cifs]\n ? check_path.constprop.0+0x28/0x50\n ? save_trace+0x54/0x370\n ? __pfx_dfs_mount_share+0x10/0x10 [cifs]\n ? __lock_acquire+0xb82/0x2ba0\n ? __kasan_check_write+0x18/0x20\n cifs_mount+0xbc/0x9e0 [cifs]\n ? __pfx_cifs_mount+0x10/0x10 [cifs]\n ? do_raw_spin_unlock+0x5d/0x200\n ? cifs_setup_cifs_sb+0x29d/0x810 [cifs]\n cifs_smb3_do_mount+0x263/0x1990 [cifs]", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38728" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7d34ec36abb84fdfb6632a0f2cbda90379ae21fc", "url": "https://git.kernel.org/stable/c/7d34ec36abb84fdfb6632a0f2cbda90379ae21fc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8de33d4d72e8fae3502ec3850bd7b14e7c7328b6", "url": "https://git.kernel.org/stable/c/8de33d4d72e8fae3502ec3850bd7b14e7c7328b6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9bdb8e98a0073c73ab3e6c631ec78877ceb64565", "url": "https://git.kernel.org/stable/c/9bdb8e98a0073c73ab3e6c631ec78877ceb64565" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a0620e1525663edd8c4594f49fb75fe5be4724b0", "url": "https://git.kernel.org/stable/c/a0620e1525663edd8c4594f49fb75fe5be4724b0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a542f93a123555d09c3ce8bc947f7b56ad8e6463", "url": "https://git.kernel.org/stable/c/a542f93a123555d09c3ce8bc947f7b56ad8e6463" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f6eda5b0e8f8123564c5b34f5801d63243032eac", "url": "https://git.kernel.org/stable/c/f6eda5b0e8f8123564c5b34f5801d63243032eac" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-21727", "cwe": { "id": "CWE-820", "name": "Missing Synchronization" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\npadata: fix UAF in padata_reorder\nA bug was found when run ltp test:\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\nIf 'mdelay(10)' is added before calling 'padata_find_next' in the\n'padata_reorder' function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\nThis can be explained as bellow:\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(&pd->refcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_workercrypto_del_alg\npadata_put_pd_cnt // sub refcnt\npadata_free_shell\npadata_put_pd(ps->pd);\n// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\nIn the padata_reorder function, when it loops in 'while', if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n'padata_find_next', which leads to UAF.\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in 'padata_free_shell' wait for all _do_serial calls\nto finish.\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-21727" } ], "release_date": "2025-02-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39901", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: remove read access to debugfs files\n\nThe 'command' and 'netdev_ops' debugfs files are a legacy debugging\ninterface supported by the i40e driver since its early days by commit\n02e9c290814c (\"i40e: debugfs interface\").\n\nBoth of these debugfs files provide a read handler which is mostly useless,\nand which is implemented with questionable logic. They both use a static\n256 byte buffer which is initialized to the empty string. In the case of\nthe 'command' file this buffer is literally never used and simply wastes\nspace. In the case of the 'netdev_ops' file, the last command written is\nsaved here.\n\nOn read, the files contents are presented as the name of the device\nfollowed by a colon and then the contents of their respective static\nbuffer. For 'command' this will always be \": \". For 'netdev_ops',\nthis will be \": \". But note the buffer is\nshared between all devices operated by this module. At best, it is mostly\nmeaningless information, and at worse it could be accessed simultaneously\nas there doesn't appear to be any locking mechanism.\n\nWe have also recently received multiple reports for both read functions\nabout their use of snprintf and potential overflow that could result in\nreading arbitrary kernel memory. For the 'command' file, this is definitely\nimpossible, since the static buffer is always zero and never written to.\nFor the 'netdev_ops' file, it does appear to be possible, if the user\ncarefully crafts the command input, it will be copied into the buffer,\nwhich could be large enough to cause snprintf to truncate, which then\ncauses the copy_to_user to read beyond the length of the buffer allocated\nby kzalloc.\n\nA minimal fix would be to replace snprintf() with scnprintf() which would\ncap the return to the number of bytes written, preventing an overflow. A\nmore involved fix would be to drop the mostly useless static buffers,\nsaving 512 bytes and modifying the read functions to stop needing those as\ninput.\n\nInstead, lets just completely drop the read access to these files. These\nare debug interfaces exposed as part of debugfs, and I don't believe that\ndropping read access will break any script, as the provided output is\npretty useless. You can find the netdev name through other more standard\ninterfaces, and the 'netdev_ops' interface can easily result in garbage if\nyou issue simultaneous writes to multiple devices at once.\n\nIn order to properly remove the i40e_dbg_netdev_ops_buf, we need to\nrefactor its write function to avoid using the static buffer. Instead, use\nthe same logic as the i40e_dbg_command_write, with an allocated buffer.\nUpdate the code to use this instead of the static buffer, and ensure we\nfree the buffer on exit. This fixes simultaneous writes to 'netdev_ops' on\nmultiple devices, and allows us to remove the now unused static buffer\nalong with removing the read access.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39901" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/70d3dad7d5ad077965d7a63eed1942b7ba49bfb4", "url": "https://git.kernel.org/stable/c/70d3dad7d5ad077965d7a63eed1942b7ba49bfb4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7d190963b80f4cd99d7008615600aa7cc993c6ba", "url": "https://git.kernel.org/stable/c/7d190963b80f4cd99d7008615600aa7cc993c6ba" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9fcdb1c3c4ba134434694c001dbff343f1ffa319", "url": "https://git.kernel.org/stable/c/9fcdb1c3c4ba134434694c001dbff343f1ffa319" } ], "release_date": "2025-10-01T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-21726", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\npadata: avoid UAF for reorder_work\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\ncrypto_requestcrypto_requestcrypto_del_alg\npadata_do_serial\n...\npadata_reorder\n// processes all remaining\n// requests then breaks\nwhile (1) {\nif (!padata)\nbreak;\n...\n}\npadata_do_serial\n// new request added\nlist_add\n// sees the new request\nqueue_work(reorder_work)\npadata_reorder\nqueue_work_on(squeue->work)\n...\n\npadata_serial_worker\n// completes new request,\n// no more outstanding\n// requests\ncrypto_del_alg\n// free pd\n\ninvoke_padata_reorder\n// UAF of pd\nTo avoid UAF for 'reorder_work', get 'pd' ref before put 'reorder_work'\ninto the 'serial_wq' and put 'pd' ref until the 'serial_wq' finish.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-21726" } ], "release_date": "2025-02-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39883", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory\n\nWhen I did memory failure tests, below panic occurs:\n\npage dumped because: VM_BUG_ON_PAGE(PagePoisoned(page))\nkernel BUG at include/linux/page-flags.h:616!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 720 Comm: bash Not tainted 6.10.0-rc1-00195-g148743902568 #40\nRIP: 0010:unpoison_memory+0x2f3/0x590\nRSP: 0018:ffffa57fc8787d60 EFLAGS: 00000246\nRAX: 0000000000000037 RBX: 0000000000000009 RCX: ffff9be25fcdc9c8\nRDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff9be25fcdc9c0\nRBP: 0000000000300000 R08: ffffffffb4956f88 R09: 0000000000009ffb\nR10: 0000000000000284 R11: ffffffffb4926fa0 R12: ffffe6b00c000000\nR13: ffff9bdb453dfd00 R14: 0000000000000000 R15: fffffffffffffffe\nFS: 00007f08f04e4740(0000) GS:ffff9be25fcc0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000564787a30410 CR3: 000000010d4e2000 CR4: 00000000000006f0\nCall Trace:\n \n unpoison_memory+0x2f3/0x590\n simple_attr_write_xsigned.constprop.0.isra.0+0xb3/0x110\n debugfs_attr_write+0x42/0x60\n full_proxy_write+0x5b/0x80\n vfs_write+0xd5/0x540\n ksys_write+0x64/0xe0\n do_syscall_64+0xb9/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f08f0314887\nRSP: 002b:00007ffece710078 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\nRAX: ffffffffffffffda RBX: 0000000000000009 RCX: 00007f08f0314887\nRDX: 0000000000000009 RSI: 0000564787a30410 RDI: 0000000000000001\nRBP: 0000564787a30410 R08: 000000000000fefe R09: 000000007fffffff\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009\nR13: 00007f08f041b780 R14: 00007f08f0417600 R15: 00007f08f0416a00\n \nModules linked in: hwpoison_inject\n---[ end trace 0000000000000000 ]---\nRIP: 0010:unpoison_memory+0x2f3/0x590\nRSP: 0018:ffffa57fc8787d60 EFLAGS: 00000246\nRAX: 0000000000000037 RBX: 0000000000000009 RCX: ffff9be25fcdc9c8\nRDX: 0000000000000000 RSI: 0000000000000027 RDI: ffff9be25fcdc9c0\nRBP: 0000000000300000 R08: ffffffffb4956f88 R09: 0000000000009ffb\nR10: 0000000000000284 R11: ffffffffb4926fa0 R12: ffffe6b00c000000\nR13: ffff9bdb453dfd00 R14: 0000000000000000 R15: fffffffffffffffe\nFS: 00007f08f04e4740(0000) GS:ffff9be25fcc0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000564787a30410 CR3: 000000010d4e2000 CR4: 00000000000006f0\nKernel panic - not syncing: Fatal exception\nKernel Offset: 0x31c00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)\n---[ end Kernel panic - not syncing: Fatal exception ]---\n\nThe root cause is that unpoison_memory() tries to check the PG_HWPoison\nflags of an uninitialized page. So VM_BUG_ON_PAGE(PagePoisoned(page)) is\ntriggered. This can be reproduced by below steps:\n\n1.Offline memory block:\n\n echo offline > /sys/devices/system/memory/memory12/state\n\n2.Get offlined memory pfn:\n\n page-types -b n -rlN\n\n3.Write pfn to unpoison-pfn\n\n echo > /sys/kernel/debug/hwpoison/unpoison-pfn\n\nThis scenario can be identified by pfn_to_online_page() returning NULL. \nAnd ZONE_DEVICE pages are never expected, so we can simply fail if\npfn_to_online_page() == NULL to fix the bug.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39883" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3d278e89c2ea62b1aaa4b0d8a9766a35b3a3164a", "url": "https://git.kernel.org/stable/c/3d278e89c2ea62b1aaa4b0d8a9766a35b3a3164a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/63a327a2375a8ce7a47dec5aaa4d8a9ae0a00b96", "url": "https://git.kernel.org/stable/c/63a327a2375a8ce7a47dec5aaa4d8a9ae0a00b96" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7618fd443aa4cfa553a64cacf5721581653ee7b0", "url": "https://git.kernel.org/stable/c/7618fd443aa4cfa553a64cacf5721581653ee7b0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8e01ea186a52c90694c08a9ff57bea1b0e78256a", "url": "https://git.kernel.org/stable/c/8e01ea186a52c90694c08a9ff57bea1b0e78256a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/99f7048957f5ae3cee1c01189147e73a9a96de02", "url": "https://git.kernel.org/stable/c/99f7048957f5ae3cee1c01189147e73a9a96de02" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d613f53c83ec47089c4e25859d5e8e0359f6f8da", "url": "https://git.kernel.org/stable/c/d613f53c83ec47089c4e25859d5e8e0359f6f8da" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e4ec6def5643a1c9511115b3884eb879572294c6", "url": "https://git.kernel.org/stable/c/e4ec6def5643a1c9511115b3884eb879572294c6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fb65803ccff37cf9123c50c1c02efd1ed73c4ed5", "url": "https://git.kernel.org/stable/c/fb65803ccff37cf9123c50c1c02efd1ed73c4ed5" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-23T06:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37915", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: drr: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard's report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc's enqueue callback reentrant.\nIn the case of drr, there won't be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nIn addition to checking for qlen being zero, this patch checks whether the\nclass was already added to the active_list (cl_is_active) before adding\nto the list to cover for the reentrant case.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37915" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/26e75716b94d6ff9be5ea07d63675c4d189f30b4", "url": "https://git.kernel.org/stable/c/26e75716b94d6ff9be5ea07d63675c4d189f30b4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2968632880f1792007eedd12eeedf7f6e2b7e9f3", "url": "https://git.kernel.org/stable/c/2968632880f1792007eedd12eeedf7f6e2b7e9f3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4b07ac06b0a712923255aaf2691637693fc7100d", "url": "https://git.kernel.org/stable/c/4b07ac06b0a712923255aaf2691637693fc7100d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4f0ecf50cdf76da95828578a92f130b653ac2fcf", "url": "https://git.kernel.org/stable/c/4f0ecf50cdf76da95828578a92f130b653ac2fcf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5da3aad1a13e7edb8ff0778a444ccf49930313e9", "url": "https://git.kernel.org/stable/c/5da3aad1a13e7edb8ff0778a444ccf49930313e9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ab2248110738d4429668140ad22f530a9ee730e1", "url": "https://git.kernel.org/stable/c/ab2248110738d4429668140ad22f530a9ee730e1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/db205b92dfe0501e5b92fb7cf00971d0e44ba3eb", "url": "https://git.kernel.org/stable/c/db205b92dfe0501e5b92fb7cf00971d0e44ba3eb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f99a3fbf023e20b626be4b0f042463d598050c9a", "url": "https://git.kernel.org/stable/c/f99a3fbf023e20b626be4b0f042463d598050c9a" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-05-20T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38497", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: configfs: Fix OOB read on empty string write\n\nWhen writing an empty string to either 'qw_sign' or 'landingPage'\nsysfs attributes, the store functions attempt to access page[l - 1]\nbefore validating that the length 'l' is greater than zero.\n\nThis patch fixes the vulnerability by adding a check at the beginning\nof os_desc_qw_sign_store() and webusb_landingPage_store() to handle\nthe zero-length input case gracefully by returning immediately.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38497" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/15a87206879951712915c03c8952a73d6a74721e", "url": "https://git.kernel.org/stable/c/15a87206879951712915c03c8952a73d6a74721e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/22b7897c289cc25d99c603f5144096142a30d897", "url": "https://git.kernel.org/stable/c/22b7897c289cc25d99c603f5144096142a30d897" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2798111f8e504ac747cce911226135d50b8de468", "url": "https://git.kernel.org/stable/c/2798111f8e504ac747cce911226135d50b8de468" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3014168731b7930300aab656085af784edc861f6", "url": "https://git.kernel.org/stable/c/3014168731b7930300aab656085af784edc861f6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/58bdd5160184645771553ea732da5c2887fc9bd1", "url": "https://git.kernel.org/stable/c/58bdd5160184645771553ea732da5c2887fc9bd1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/783ea37b237a9b524f1e5ca018ea17d772ee0ea0", "url": "https://git.kernel.org/stable/c/783ea37b237a9b524f1e5ca018ea17d772ee0ea0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/78b41148cfea2a3f04d87adf3a71b21735820a37", "url": "https://git.kernel.org/stable/c/78b41148cfea2a3f04d87adf3a71b21735820a37" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d68b7c8fefbaeae8f065b84e40cf64baf4cc0c76", "url": "https://git.kernel.org/stable/c/d68b7c8fefbaeae8f065b84e40cf64baf4cc0c76" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-28T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38389", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Fix timeline left held on VMA alloc error\n\nThe following error has been reported sporadically by CI when a test\nunbinds the i915 driver on a ring submission platform:\n\n<4> [239.330153] ------------[ cut here ]------------\n<4> [239.330166] i915 0000:00:02.0: [drm] drm_WARN_ON(dev_priv->mm.shrink_count)\n<4> [239.330196] WARNING: CPU: 1 PID: 18570 at drivers/gpu/drm/i915/i915_gem.c:1309 i915_gem_cleanup_early+0x13e/0x150 [i915]\n...\n<4> [239.330640] RIP: 0010:i915_gem_cleanup_early+0x13e/0x150 [i915]\n...\n<4> [239.330942] Call Trace:\n<4> [239.330944] \n<4> [239.330949] i915_driver_late_release+0x2b/0xa0 [i915]\n<4> [239.331202] i915_driver_release+0x86/0xa0 [i915]\n<4> [239.331482] devm_drm_dev_init_release+0x61/0x90\n<4> [239.331494] devm_action_release+0x15/0x30\n<4> [239.331504] release_nodes+0x3d/0x120\n<4> [239.331517] devres_release_all+0x96/0xd0\n<4> [239.331533] device_unbind_cleanup+0x12/0x80\n<4> [239.331543] device_release_driver_internal+0x23a/0x280\n<4> [239.331550] ? bus_find_device+0xa5/0xe0\n<4> [239.331563] device_driver_detach+0x14/0x20\n...\n<4> [357.719679] ---[ end trace 0000000000000000 ]---\n\nIf the test also unloads the i915 module then that's followed with:\n\n<3> [357.787478] =============================================================================\n<3> [357.788006] BUG i915_vma (Tainted: G U W N ): Objects remaining on __kmem_cache_shutdown()\n<3> [357.788031] -----------------------------------------------------------------------------\n<3> [357.788204] Object 0xffff888109e7f480 @offset=29824\n<3> [357.788670] Allocated in i915_vma_instance+0xee/0xc10 [i915] age=292729 cpu=4 pid=2244\n<4> [357.788994] i915_vma_instance+0xee/0xc10 [i915]\n<4> [357.789290] init_status_page+0x7b/0x420 [i915]\n<4> [357.789532] intel_engines_init+0x1d8/0x980 [i915]\n<4> [357.789772] intel_gt_init+0x175/0x450 [i915]\n<4> [357.790014] i915_gem_init+0x113/0x340 [i915]\n<4> [357.790281] i915_driver_probe+0x847/0xed0 [i915]\n<4> [357.790504] i915_pci_probe+0xe6/0x220 [i915]\n...\n\nCloser analysis of CI results history has revealed a dependency of the\nerror on a few IGT tests, namely:\n- igt@api_intel_allocator@fork-simple-stress-signal,\n- igt@api_intel_allocator@two-level-inception-interruptible,\n- igt@gem_linear_blits@interruptible,\n- igt@prime_mmap_coherency@ioctl-errors,\nwhich invisibly trigger the issue, then exhibited with first driver unbind\nattempt.\n\nAll of the above tests perform actions which are actively interrupted with\nsignals. Further debugging has allowed to narrow that scope down to\nDRM_IOCTL_I915_GEM_EXECBUFFER2, and ring_context_alloc(), specific to ring\nsubmission, in particular.\n\nIf successful then that function, or its execlists or GuC submission\nequivalent, is supposed to be called only once per GEM context engine,\nfollowed by raise of a flag that prevents the function from being called\nagain. The function is expected to unwind its internal errors itself, so\nit may be safely called once more after it returns an error.\n\nIn case of ring submission, the function first gets a reference to the\nengine's legacy timeline and then allocates a VMA. If the VMA allocation\nfails, e.g. when i915_vma_instance() called from inside is interrupted\nwith a signal, then ring_context_alloc() fails, leaving the timeline held\nreferenced. On next I915_GEM_EXECBUFFER2 IOCTL, another reference to the\ntimeline is got, and only that last one is put on successful completion.\nAs a consequence, the legacy timeline, with its underlying engine status\npage's VMA object, is still held and not released on driver unbind.\n\nGet the legacy timeline only after successful allocation of the context\nengine's VMA.\n\nv2: Add a note on other submission methods (Krzysztof Karas):\n Both execlists and GuC submission use lrc_alloc() which seems free\n from a similar issue.\n\n(cherry picked from commit cc43422b3cc79eacff4c5a8ba0d224688ca9dd4f)", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38389" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/40e09506aea1fde1f3e0e04eca531bbb23404baf", "url": "https://git.kernel.org/stable/c/40e09506aea1fde1f3e0e04eca531bbb23404baf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4c778c96e469fb719b11683e0a3be8ea68052fa2", "url": "https://git.kernel.org/stable/c/4c778c96e469fb719b11683e0a3be8ea68052fa2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5a7ae7bebdc4c2ecd48a2c061319956f65c09473", "url": "https://git.kernel.org/stable/c/5a7ae7bebdc4c2ecd48a2c061319956f65c09473" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/60b757730884e4a223152a68d9b5f625dac94119", "url": "https://git.kernel.org/stable/c/60b757730884e4a223152a68d9b5f625dac94119" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a5aa7bc1fca78c7fa127d9e33aa94a0c9066c1d6", "url": "https://git.kernel.org/stable/c/a5aa7bc1fca78c7fa127d9e33aa94a0c9066c1d6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c542d62883f62ececafcb630a1c5010133826bea", "url": "https://git.kernel.org/stable/c/c542d62883f62ececafcb630a1c5010133826bea" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e47d7d6edc40a6ace7cc04e5893759fee68569f5", "url": "https://git.kernel.org/stable/c/e47d7d6edc40a6ace7cc04e5893759fee68569f5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f10af34261448610d4048ac6e6af87f80e3881a4", "url": "https://git.kernel.org/stable/c/f10af34261448610d4048ac6e6af87f80e3881a4" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38415", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: check return result of sb_min_blocksize\n\nSyzkaller reports an \"UBSAN: shift-out-of-bounds in squashfs_bio_read\" bug.\n\nSyzkaller forks multiple processes which after mounting the Squashfs\nfilesystem, issues an ioctl(\"/dev/loop0\", LOOP_SET_BLOCK_SIZE, 0x8000). \nNow if this ioctl occurs at the same time another process is in the\nprocess of mounting a Squashfs filesystem on /dev/loop0, the failure\noccurs. When this happens the following code in squashfs_fill_super()\nfails.\n\n----\nmsblk->devblksize = sb_min_blocksize(sb, SQUASHFS_DEVBLK_SIZE);\nmsblk->devblksize_log2 = ffz(~msblk->devblksize);\n----\n\nsb_min_blocksize() returns 0, which means msblk->devblksize is set to 0.\n\nAs a result, ffz(~msblk->devblksize) returns 64, and msblk->devblksize_log2\nis set to 64.\n\nThis subsequently causes the\n\nUBSAN: shift-out-of-bounds in fs/squashfs/block.c:195:36\nshift exponent 64 is too large for 64-bit type 'u64' (aka\n'unsigned long long')\n\nThis commit adds a check for a 0 return by sb_min_blocksize().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38415" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0aff95d9bc7fb5400ca8af507429c4b067bdb425", "url": "https://git.kernel.org/stable/c/0aff95d9bc7fb5400ca8af507429c4b067bdb425" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282", "url": "https://git.kernel.org/stable/c/295ab18c2dbce8d0ac6ecf7c5187e16e1ac8b282" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4f99357dadbf9c979ad737156ad4c37fadf7c56b", "url": "https://git.kernel.org/stable/c/4f99357dadbf9c979ad737156ad4c37fadf7c56b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/549f9e3d7b60d53808c98b9fde49b4f46d0524a5", "url": "https://git.kernel.org/stable/c/549f9e3d7b60d53808c98b9fde49b4f46d0524a5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5c51aa862cbeed2f3887f0382a2708956710bd68", "url": "https://git.kernel.org/stable/c/5c51aa862cbeed2f3887f0382a2708956710bd68" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6abf6b78c6fb112eee495f5636ffcc350dd2ce25", "url": "https://git.kernel.org/stable/c/6abf6b78c6fb112eee495f5636ffcc350dd2ce25" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/734aa85390ea693bb7eaf2240623d41b03705c84", "url": "https://git.kernel.org/stable/c/734aa85390ea693bb7eaf2240623d41b03705c84" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/db7096ea160e40d78c67fce52e7cc51bde049497", "url": "https://git.kernel.org/stable/c/db7096ea160e40d78c67fce52e7cc51bde049497" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39905", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phylink: add lock for serializing concurrent pl->phydev writes with resolver\n\nCurrently phylink_resolve() protects itself against concurrent\nphylink_bringup_phy() or phylink_disconnect_phy() calls which modify\npl->phydev by relying on pl->state_mutex.\n\nThe problem is that in phylink_resolve(), pl->state_mutex is in a lock\ninversion state with pl->phydev->lock. So pl->phydev->lock needs to be\nacquired prior to pl->state_mutex. But that requires dereferencing\npl->phydev in the first place, and without pl->state_mutex, that is\nracy.\n\nHence the reason for the extra lock. Currently it is redundant, but it\nwill serve a functional purpose once mutex_lock(&phy->lock) will be\nmoved outside of the mutex_lock(&pl->state_mutex) section.\n\nAnother alternative considered would have been to let phylink_resolve()\nacquire the rtnl_mutex, which is also held when phylink_bringup_phy()\nand phylink_disconnect_phy() are called. But since phylink_disconnect_phy()\nruns under rtnl_lock(), it would deadlock with phylink_resolve() when\ncalling flush_work(&pl->resolve). Additionally, it would have been\nundesirable because it would have unnecessarily blocked many other call\npaths as well in the entire kernel, so the smaller-scoped lock was\npreferred.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39905" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0ba5b2f2c381dbec9ed9e4ab3ae5d3e667de0dc3", "url": "https://git.kernel.org/stable/c/0ba5b2f2c381dbec9ed9e4ab3ae5d3e667de0dc3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/56fe63b05ec84ae6674269d78397cec43a7a295a", "url": "https://git.kernel.org/stable/c/56fe63b05ec84ae6674269d78397cec43a7a295a" } ], "release_date": "2025-10-01T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37879", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) <= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 > 3)", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37879" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/374e4cd75617c8c2552f562f39dd989583f5c330", "url": "https://git.kernel.org/stable/c/374e4cd75617c8c2552f562f39dd989583f5c330" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/468ff4a7c61fb811c596a7c44b6a5455e40fd12b", "url": "https://git.kernel.org/stable/c/468ff4a7c61fb811c596a7c44b6a5455e40fd12b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a68768e280b7d0c967ea509e791bb9b90adc94a5", "url": "https://git.kernel.org/stable/c/a68768e280b7d0c967ea509e791bb9b90adc94a5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c548f95688e2b5ae0e2ae43d53cf717156c7d034", "url": "https://git.kernel.org/stable/c/c548f95688e2b5ae0e2ae43d53cf717156c7d034" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d0259a856afca31d699b706ed5e2adf11086c73b", "url": "https://git.kernel.org/stable/c/d0259a856afca31d699b706ed5e2adf11086c73b" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-09T07:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-40154", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping\nWhen an invalid value is passed via quirk option, currently\nbytcr_rt5640 driver only shows an error message but leaves as is.\nThis may lead to unepxected results like OOB access.\nThis patch corrects the input mapping to the certain default value if\nan invalid value is passed.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-40154" } ], "release_date": "2025-11-12T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37927", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid\n\nThere is a string parsing logic error which can lead to an overflow of hid\nor uid buffers. Comparing ACPIID_LEN against a total string length doesn't\ntake into account the lengths of individual hid and uid buffers so the\ncheck is insufficient in some cases. For example if the length of hid\nstring is 4 and the length of the uid string is 260, the length of str\nwill be equal to ACPIID_LEN + 1 but uid string will overflow uid buffer\nwhich size is 256.\n\nThe same applies to the hid string with length 13 and uid string with\nlength 250.\n\nCheck the length of hid and uid strings separately to prevent\nbuffer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37927" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/10d901a95f8e766e5aa0bb9a983fb41271f64718", "url": "https://git.kernel.org/stable/c/10d901a95f8e766e5aa0bb9a983fb41271f64718" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/13d67528e1ae4486e9ab24b70122fab104c73c29", "url": "https://git.kernel.org/stable/c/13d67528e1ae4486e9ab24b70122fab104c73c29" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2b65060c84ee4d8dc64fae6d2728b528e9e832e1", "url": "https://git.kernel.org/stable/c/2b65060c84ee4d8dc64fae6d2728b528e9e832e1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/466d9da267079a8d3b69fa72dfa3a732e1f6dbb5", "url": "https://git.kernel.org/stable/c/466d9da267079a8d3b69fa72dfa3a732e1f6dbb5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8dee308e4c01dea48fc104d37f92d5b58c50b96c", "url": "https://git.kernel.org/stable/c/8dee308e4c01dea48fc104d37f92d5b58c50b96c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a65ebfed65fa62797ec1f5f1dcf7adb157a2de1e", "url": "https://git.kernel.org/stable/c/a65ebfed65fa62797ec1f5f1dcf7adb157a2de1e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c3f37faa71f5d26dd2144b3f2b14525ec8f5e41f", "url": "https://git.kernel.org/stable/c/c3f37faa71f5d26dd2144b3f2b14525ec8f5e41f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8bdfc0297965bb13fa439d36ca9c4f7c8447f0f", "url": "https://git.kernel.org/stable/c/c8bdfc0297965bb13fa439d36ca9c4f7c8447f0f" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-05-20T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39841", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix buffer free/clear order in deferred receive path\n\nFix a use-after-free window by correcting the buffer release sequence in\nthe deferred receive path. The code freed the RQ buffer first and only\nthen cleared the context pointer under the lock. Concurrent paths (e.g.,\nABTS and the repost path) also inspect and release the same pointer under\nthe lock, so the old order could lead to double-free/UAF.\n\nNote that the repost path already uses the correct pattern: detach the\npointer under the lock, then free it after dropping the lock. The\ndeferred path should do the same.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39841" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/367cb5ffd8a8a4c85dc89f55e7fa7cc191425b11", "url": "https://git.kernel.org/stable/c/367cb5ffd8a8a4c85dc89f55e7fa7cc191425b11" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/55658c7501467ca9ef3bd4453dd920010db8bc13", "url": "https://git.kernel.org/stable/c/55658c7501467ca9ef3bd4453dd920010db8bc13" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/897f64b01c1249ac730329b83f4f40bab71e86c7", "url": "https://git.kernel.org/stable/c/897f64b01c1249ac730329b83f4f40bab71e86c7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/95b63d15fce5c54a73bbf195e1aacb5a75b128e2", "url": "https://git.kernel.org/stable/c/95b63d15fce5c54a73bbf195e1aacb5a75b128e2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9dba9a45c348e8460da97c450cddf70b2056deb3", "url": "https://git.kernel.org/stable/c/9dba9a45c348e8460da97c450cddf70b2056deb3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ab34084f42ee06a9028d67c78feafb911d33d111", "url": "https://git.kernel.org/stable/c/ab34084f42ee06a9028d67c78feafb911d33d111" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/baa39f6ad79d372a6ce0aa639fbb2f1578479f57", "url": "https://git.kernel.org/stable/c/baa39f6ad79d372a6ce0aa639fbb2f1578479f57" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d96cc9a1b57725930c60b607423759d563b4d900", "url": "https://git.kernel.org/stable/c/d96cc9a1b57725930c60b607423759d563b4d900" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-19T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38069", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops\n\nFix a kernel oops found while testing the stm32_pcie Endpoint driver\nwith handling of PERST# deassertion:\n\nDuring EP initialization, pci_epf_test_alloc_space() allocates all BARs,\nwhich are further freed if epc_set_bar() fails (for instance, due to no\nfree inbound window).\n\nHowever, when pci_epc_set_bar() fails, the error path:\n\n pci_epc_set_bar() ->\n pci_epf_free_space()\n\ndoes not clear the previous assignment to epf_test->reg[bar].\n\nThen, if the host reboots, the PERST# deassertion restarts the BAR\nallocation sequence with the same allocation failure (no free inbound\nwindow), creating a double free situation since epf_test->reg[bar] was\ndeallocated and is still non-NULL.\n\nThus, make sure that pci_epf_alloc_space() and pci_epf_free_space()\ninvocations are symmetric, and as such, set epf_test->reg[bar] to NULL\nwhen memory is freed.\n\n[kwilczynski: commit log]", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38069" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8b83893d1f6c6061a7d58169ecdf9d5ee9f306ee", "url": "https://git.kernel.org/stable/c/8b83893d1f6c6061a7d58169ecdf9d5ee9f306ee" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/934e9d137d937706004c325fa1474f9e3f1ba10a", "url": "https://git.kernel.org/stable/c/934e9d137d937706004c325fa1474f9e3f1ba10a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fe2329eff5bee461ebcafadb6ca1df0cbf5945fd", "url": "https://git.kernel.org/stable/c/fe2329eff5bee461ebcafadb6ca1df0cbf5945fd" } ], "release_date": "2025-06-18T10:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49698", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: use get_random_u32 instead of prandom\n\nbh might occur while updating per-cpu rnd_state from user context,\nie. local_out path.\n\nBUG: using smp_processor_id() in preemptible [00000000] code: nginx/2725\ncaller is nft_ng_random_eval+0x24/0x54 [nft_numgen]\nCall Trace:\n check_preemption_disabled+0xde/0xe0\n nft_ng_random_eval+0x24/0x54 [nft_numgen]\n\nUse the random driver instead, this also avoids need for local prandom\nstate. Moreover, prandom now uses the random driver since d4150779e60f\n(\"random32: use real rng for non-deterministic randomness\").\n\nBased on earlier patch from Pablo Neira.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49698" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/15cc30ac2a8d7185f8ebf97dd1ddd90a7c79783b", "url": "https://git.kernel.org/stable/c/15cc30ac2a8d7185f8ebf97dd1ddd90a7c79783b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6ce71f83f798be7e1ca68707fec449fbecb38852", "url": "https://git.kernel.org/stable/c/6ce71f83f798be7e1ca68707fec449fbecb38852" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b1fd94e704571f98b21027340eecf821b2bdffba", "url": "https://git.kernel.org/stable/c/b1fd94e704571f98b21027340eecf821b2bdffba" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d0906b0fffc9f19bc42708ca3e84e2089088386c", "url": "https://git.kernel.org/stable/c/d0906b0fffc9f19bc42708ca3e84e2089088386c" } ], "release_date": "2025-02-26T07:01:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38718", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: linearize cloned gso packets in sctp_rcv\n\nA cloned head skb still shares these frag skbs in fraglist with the\noriginal head skb. It's not safe to access these frag skbs.\n\nsyzbot reported two use-of-uninitialized-memory bugs caused by this:\n\n BUG: KMSAN: uninit-value in sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211\n sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211\n sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998\n sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88\n sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1122\n __release_sock+0x1da/0x330 net/core/sock.c:3106\n release_sock+0x6b/0x250 net/core/sock.c:3660\n sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360\n sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885\n sctp_sendmsg+0x32b9/0x4a80 net/sctp/socket.c:2031\n inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:718 [inline]\n\nand\n\n BUG: KMSAN: uninit-value in sctp_assoc_bh_rcv+0x34e/0xbc0 net/sctp/associola.c:987\n sctp_assoc_bh_rcv+0x34e/0xbc0 net/sctp/associola.c:987\n sctp_inq_push+0x2a3/0x350 net/sctp/inqueue.c:88\n sctp_backlog_rcv+0x3c7/0xda0 net/sctp/input.c:331\n sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148\n __release_sock+0x1d3/0x330 net/core/sock.c:3213\n release_sock+0x6b/0x270 net/core/sock.c:3767\n sctp_wait_for_connect+0x458/0x820 net/sctp/socket.c:9367\n sctp_sendmsg_to_asoc+0x223a/0x2260 net/sctp/socket.c:1886\n sctp_sendmsg+0x3910/0x49f0 net/sctp/socket.c:2032\n inet_sendmsg+0x269/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n\nThis patch fixes it by linearizing cloned gso packets in sctp_rcv().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38718" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/03d0cc6889e02420125510b5444b570f4bbf53d5", "url": "https://git.kernel.org/stable/c/03d0cc6889e02420125510b5444b570f4bbf53d5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1bd5214ea681584c5886fea3ba03e49f93a43c0e", "url": "https://git.kernel.org/stable/c/1bd5214ea681584c5886fea3ba03e49f93a43c0e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4506bcaabe004d07be8ff09116a3024fbd6aa965", "url": "https://git.kernel.org/stable/c/4506bcaabe004d07be8ff09116a3024fbd6aa965" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7d757f17bc2ef2727994ffa6d5d6e4bc4789a770", "url": "https://git.kernel.org/stable/c/7d757f17bc2ef2727994ffa6d5d6e4bc4789a770" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cd0e92bb2b7542fb96397ffac639b4f5b099d0cb", "url": "https://git.kernel.org/stable/c/cd0e92bb2b7542fb96397ffac639b4f5b099d0cb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d0194e391bb493aa6cec56d177b14df6b29188d5", "url": "https://git.kernel.org/stable/c/d0194e391bb493aa6cec56d177b14df6b29188d5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ea094f38d387d1b0ded5dee4a3e5720aa4ce0139", "url": "https://git.kernel.org/stable/c/ea094f38d387d1b0ded5dee4a3e5720aa4ce0139" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fc66772607101bd2030a4332b3bd0ea3b3605250", "url": "https://git.kernel.org/stable/c/fc66772607101bd2030a4332b3bd0ea3b3605250" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fd60d8a086191fe33c2d719732d2482052fa6805", "url": "https://git.kernel.org/stable/c/fd60d8a086191fe33c2d719732d2482052fa6805" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39757", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Validate UAC3 cluster segment descriptors\n\nUAC3 class segment descriptors need to be verified whether their sizes\nmatch with the declared lengths and whether they fit with the\nallocated buffer sizes, too. Otherwise malicious firmware may lead to\nthe unexpected OOB accesses.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39757" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1034719fdefd26caeec0a44a868bb5a412c2c1a5", "url": "https://git.kernel.org/stable/c/1034719fdefd26caeec0a44a868bb5a412c2c1a5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/275e37532e8ebe25e8a4069b2d9f955bfd202a46", "url": "https://git.kernel.org/stable/c/275e37532e8ebe25e8a4069b2d9f955bfd202a46" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/47ab3d820cb0a502bd0074f83bb3cf7ab5d79902", "url": "https://git.kernel.org/stable/c/47ab3d820cb0a502bd0074f83bb3cf7ab5d79902" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/786571b10b1ae6d90e1242848ce78ee7e1d493c4", "url": "https://git.kernel.org/stable/c/786571b10b1ae6d90e1242848ce78ee7e1d493c4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/799c06ad4c9c790c265e8b6b94947213f1fb389c", "url": "https://git.kernel.org/stable/c/799c06ad4c9c790c265e8b6b94947213f1fb389c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7ef3fd250f84494fb2f7871f357808edaa1fc6ce", "url": "https://git.kernel.org/stable/c/7ef3fd250f84494fb2f7871f357808edaa1fc6ce" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ae17b3b5e753efc239421d186cd1ff06e5ac296e", "url": "https://git.kernel.org/stable/c/ae17b3b5e753efc239421d186cd1ff06e5ac296e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dfdcbcde5c20df878178245d4449feada7d5b201", "url": "https://git.kernel.org/stable/c/dfdcbcde5c20df878178245d4449feada7d5b201" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ecfd41166b72b67d3bdeb88d224ff445f6163869", "url": "https://git.kernel.org/stable/c/ecfd41166b72b67d3bdeb88d224ff445f6163869" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-11T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49026", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ne100: Fix possible use after free in e100_xmit_prepare\n\nIn e100_xmit_prepare(), if we can't map the skb, then return -ENOMEM, so\ne100_xmit_frame() will return NETDEV_TX_BUSY and the upper layer will\nresend the skb. But the skb is already freed, which will cause UAF bug\nwhen the upper layer resends the skb.\n\nRemove the harmful free.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49026" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/45605c75c52c7ae7bfe902214343aabcfe5ba0ff", "url": "https://git.kernel.org/stable/c/45605c75c52c7ae7bfe902214343aabcfe5ba0ff" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9fc27d22cdb9b1fcd754599d216a8992fed280cd", "url": "https://git.kernel.org/stable/c/9fc27d22cdb9b1fcd754599d216a8992fed280cd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b46f6144ab89d3d757ead940759c505091626a7d", "url": "https://git.kernel.org/stable/c/b46f6144ab89d3d757ead940759c505091626a7d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b775f37d943966f6f77dca402f5a9dedce502c25", "url": "https://git.kernel.org/stable/c/b775f37d943966f6f77dca402f5a9dedce502c25" } ], "release_date": "2024-10-21T20:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49975", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Don't redirect packets with invalid pkt_len\n\nSyzbot found an issue [1]: fq_codel_drop() try to drop a flow whitout any\nskbs, that is, the flow->head is null.\nThe root cause, as the [2] says, is because that bpf_prog_test_run_skb()\nrun a bpf prog which redirects empty skbs.\nSo we should determine whether the length of the packet modified by bpf\nprog or others like bpf_prog_test is valid before forwarding it directly.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49975" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6204bf78b2a903b96ba43afff6abc0b04d6e0462", "url": "https://git.kernel.org/stable/c/6204bf78b2a903b96ba43afff6abc0b04d6e0462" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/72f2dc8993f10262092745a88cb2dd0fef094f23", "url": "https://git.kernel.org/stable/c/72f2dc8993f10262092745a88cb2dd0fef094f23" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8b68e53d56697a59b5c53893b53f508bbdf272a0", "url": "https://git.kernel.org/stable/c/8b68e53d56697a59b5c53893b53f508bbdf272a0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a75987714bd2d8e59840667a28e15c1fa5c47554", "url": "https://git.kernel.org/stable/c/a75987714bd2d8e59840667a28e15c1fa5c47554" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fd1894224407c484f652ad456e1ce423e89bb3eb", "url": "https://git.kernel.org/stable/c/fd1894224407c484f652ad456e1ce423e89bb3eb" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39751", "notes": [ { "category": "description", "text": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", "title": "Vulnerability description" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39751" } ], "release_date": "2025-09-11T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39702", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39702" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3b348c9c8d2ca2c67559ffd0e258ae7e1107d4f0", "url": "https://git.kernel.org/stable/c/3b348c9c8d2ca2c67559ffd0e258ae7e1107d4f0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3ddd55cf19ed6cc62def5e3af10c2a9df1b861c3", "url": "https://git.kernel.org/stable/c/3ddd55cf19ed6cc62def5e3af10c2a9df1b861c3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/86b6d34717fe0570afce07ee79b8eeb40341f831", "url": "https://git.kernel.org/stable/c/86b6d34717fe0570afce07ee79b8eeb40341f831" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a458b2902115b26a25d67393b12ddd57d1216aaa", "url": "https://git.kernel.org/stable/c/a458b2902115b26a25d67393b12ddd57d1216aaa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b3967c493799e63f648e9c7b6cb063aa2aed04e7", "url": "https://git.kernel.org/stable/c/b3967c493799e63f648e9c7b6cb063aa2aed04e7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f7878d47560d61e3f370aca3cebb8f42a55b990a", "url": "https://git.kernel.org/stable/c/f7878d47560d61e3f370aca3cebb8f42a55b990a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ff55a452d56490047f5233cc48c5d933f8586884", "url": "https://git.kernel.org/stable/c/ff55a452d56490047f5233cc48c5d933f8586884" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-05T18:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38527", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in cifs_oplock_break\n\nA race condition can occur in cifs_oplock_break() leading to a\nuse-after-free of the cinode structure when unmounting:\n\n cifs_oplock_break()\n _cifsFileInfo_put(cfile)\n cifsFileInfo_put_final()\n cifs_sb_deactive()\n [last ref, start releasing sb]\n kill_sb()\n kill_anon_super()\n generic_shutdown_super()\n evict_inodes()\n dispose_list()\n evict()\n destroy_inode()\n call_rcu(&inode->i_rcu, i_callback)\n spin_lock(&cinode->open_file_lock) <- OK\n [later] i_callback()\n cifs_free_inode()\n kmem_cache_free(cinode)\n spin_unlock(&cinode->open_file_lock) <- UAF\n cifs_done_oplock_break(cinode) <- UAF\n\nThe issue occurs when umount has already released its reference to the\nsuperblock. When _cifsFileInfo_put() calls cifs_sb_deactive(), this\nreleases the last reference, triggering the immediate cleanup of all\ninodes under RCU. However, cifs_oplock_break() continues to access the\ncinode after this point, resulting in use-after-free.\n\nFix this by holding an extra reference to the superblock during the\nentire oplock break operation. This ensures that the superblock and\nits inodes remain valid until the oplock break completes.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38527" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/09bce2138a30ef10d8821c8c3f73a4ab7a5726bc", "url": "https://git.kernel.org/stable/c/09bce2138a30ef10d8821c8c3f73a4ab7a5726bc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0a4eec84d4d2c4085d4ed8630fd74e4b39033c1b", "url": "https://git.kernel.org/stable/c/0a4eec84d4d2c4085d4ed8630fd74e4b39033c1b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2baaf5bbab2ac474c4f92c10fcb3310f824db995", "url": "https://git.kernel.org/stable/c/2baaf5bbab2ac474c4f92c10fcb3310f824db995" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4256a483fe58af66a46cbf3dc48ff26e580d3308", "url": "https://git.kernel.org/stable/c/4256a483fe58af66a46cbf3dc48ff26e580d3308" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/705c79101ccf9edea5a00d761491a03ced314210", "url": "https://git.kernel.org/stable/c/705c79101ccf9edea5a00d761491a03ced314210" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/da11bd4b697b393a207f19a2ed7d382a811a3ddc", "url": "https://git.kernel.org/stable/c/da11bd4b697b393a207f19a2ed7d382a811a3ddc" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-16T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39853", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix potential invalid access when MAC list is empty\n\nlist_first_entry() never returns NULL - if the list is empty, it still\nreturns a pointer to an invalid object, leading to potential invalid\nmemory access when dereferenced.\n\nFix this by using list_first_entry_or_null instead of list_first_entry.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39853" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1eadabcf5623f1237a539b16586b4ed8ac8dffcd", "url": "https://git.kernel.org/stable/c/1eadabcf5623f1237a539b16586b4ed8ac8dffcd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3c6fb929afa313d9d11f780451d113f73922fe5d", "url": "https://git.kernel.org/stable/c/3c6fb929afa313d9d11f780451d113f73922fe5d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/66e7cdbda74ee823ec2bf7b830ebd235c54f5ddf", "url": "https://git.kernel.org/stable/c/66e7cdbda74ee823ec2bf7b830ebd235c54f5ddf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/971feafe157afac443027acdc235badc6838560b", "url": "https://git.kernel.org/stable/c/971feafe157afac443027acdc235badc6838560b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9c21fc4cebd44dd21016c61261a683af390343f8", "url": "https://git.kernel.org/stable/c/9c21fc4cebd44dd21016c61261a683af390343f8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a556f06338e1d5a85af0e32ecb46e365547f92b9", "url": "https://git.kernel.org/stable/c/a556f06338e1d5a85af0e32ecb46e365547f92b9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e2a5e74879f9b494bbd66fa93f355feacde450c7", "url": "https://git.kernel.org/stable/c/e2a5e74879f9b494bbd66fa93f355feacde450c7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fb216d980fae6561c7c70af8ef826faf059c6515", "url": "https://git.kernel.org/stable/c/fb216d980fae6561c7c70af8ef826faf059c6515" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-19T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-53282", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write\n\nDuring the sysfs firmware write process, a use-after-free read warning is\nlogged from the lpfc_wr_object() routine:\n\n BUG: KFENCE: use-after-free read in lpfc_wr_object+0x235/0x310 [lpfc]\n Use-after-free read at 0x0000000000cf164d (in kfence-#111):\n lpfc_wr_object+0x235/0x310 [lpfc]\n lpfc_write_firmware.cold+0x206/0x30d [lpfc]\n lpfc_sli4_request_firmware_update+0xa6/0x100 [lpfc]\n lpfc_request_firmware_upgrade_store+0x66/0xb0 [lpfc]\n kernfs_fop_write_iter+0x121/0x1b0\n new_sync_write+0x11c/0x1b0\n vfs_write+0x1ef/0x280\n ksys_write+0x5f/0xe0\n do_syscall_64+0x59/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe driver accessed wr_object pointer data, which was initialized into\nmailbox payload memory, after the mailbox object was released back to the\nmailbox pool.\n\nFix by moving the mailbox free calls to the end of the routine ensuring\nthat we don't reference internal mailbox memory after release.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-53282" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/21681b81b9ae548c5dae7ae00d931197a27f480c", "url": "https://git.kernel.org/stable/c/21681b81b9ae548c5dae7ae00d931197a27f480c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc", "url": "https://git.kernel.org/stable/c/51ab4eb1a25e73c7fc2ad9026520c4d8369c93cc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8becb97918f04bb177bc9c4e00c2bdb302e00944", "url": "https://git.kernel.org/stable/c/8becb97918f04bb177bc9c4e00c2bdb302e00944" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8dfefa8f424ab208e552df1bfd008b732f3d0ad1", "url": "https://git.kernel.org/stable/c/8dfefa8f424ab208e552df1bfd008b732f3d0ad1" } ], "release_date": "2025-09-16T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37839", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: remove wrong sb->s_sequence check\n\nJournal emptiness is not determined by sb->s_sequence == 0 but rather by\nsb->s_start == 0 (which is set a few lines above). Furthermore 0 is a\nvalid transaction ID so the check can spuriously trigger. Remove the\ninvalid WARN_ON.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37839" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77", "url": "https://git.kernel.org/stable/c/3b4643ffaf72d7a5a357e9bf68b1775f8cfe7e77" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457", "url": "https://git.kernel.org/stable/c/9eaec071f111cd2124ce9a5b93536d3f6837d457" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac", "url": "https://git.kernel.org/stable/c/ad926f735b4d4f10768fec7d080cadeb6d075cac" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf", "url": "https://git.kernel.org/stable/c/b0cca357f85beb6144ab60c62dcc98508cc044bf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1", "url": "https://git.kernel.org/stable/c/b479839525fe7906966cdc4b5b2afbca048558a1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b", "url": "https://git.kernel.org/stable/c/c88f7328bb0fff66520fc9164f02b1d06e083c1b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0", "url": "https://git.kernel.org/stable/c/c98eb9ffb1d9c98237b5e1668eee17654e129fb0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6", "url": "https://git.kernel.org/stable/c/cf30432f5b3064ff85d85639c2f0106f89c566f6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148", "url": "https://git.kernel.org/stable/c/e6eff39dd0fe4190c6146069cc16d160e71d1148" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-09T07:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39973", "cwe": { "id": "CWE-131", "name": "Incorrect Calculation of Buffer Size" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\ni40e: add validation for ring_len param\nThe `ring_len` parameter provided by the virtual function (VF)\nis assigned directly to the hardware memory context (HMC) without\nany validation.\nTo address this, introduce an upper boundary check for both Tx and Rx\nqueue lengths. The maximum number of descriptors supported by the\nhardware is 8k-32.\nAdditionally, enforce alignment constraints: Tx rings must be a multiple\nof 8, and Rx rings must be a multiple of 32.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39973" } ], "release_date": "2025-10-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37823", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don't have a reliable reproducer.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37823" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/11bccb054c1462fb069219f8e98e97a5a730758e", "url": "https://git.kernel.org/stable/c/11bccb054c1462fb069219f8e98e97a5a730758e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2f46d14919c39528c6e540ebc43f90055993eedc", "url": "https://git.kernel.org/stable/c/2f46d14919c39528c6e540ebc43f90055993eedc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/68f256305ceb426d545a0dc31f83c2ab1d211a1e", "url": "https://git.kernel.org/stable/c/68f256305ceb426d545a0dc31f83c2ab1d211a1e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6ccbda44e2cc3d26fd22af54c650d6d5d801addf", "url": "https://git.kernel.org/stable/c/6ccbda44e2cc3d26fd22af54c650d6d5d801addf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/76c4c22c2437d3d3880efc0f62eca06ef078d290", "url": "https://git.kernel.org/stable/c/76c4c22c2437d3d3880efc0f62eca06ef078d290" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c6936266f8bf98a53f28ef9a820e6a501e946d09", "url": "https://git.kernel.org/stable/c/c6936266f8bf98a53f28ef9a820e6a501e946d09" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c6f035044104c6ff656f4565cd22938dc892528c", "url": "https://git.kernel.org/stable/c/c6f035044104c6ff656f4565cd22938dc892528c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/da7936518996d290e2fcfcaf6cd7e15bfd87804a", "url": "https://git.kernel.org/stable/c/da7936518996d290e2fcfcaf6cd7e15bfd87804a" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-08T07:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38346", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix UAF when lookup kallsym after ftrace disabled\n\nThe following issue happens with a buggy module:\n\nBUG: unable to handle page fault for address: ffffffffc05d0218\nPGD 1bd66f067 P4D 1bd66f067 PUD 1bd671067 PMD 101808067 PTE 0\nOops: Oops: 0000 [#1] SMP KASAN PTI\nTainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\nRIP: 0010:sized_strscpy+0x81/0x2f0\nRSP: 0018:ffff88812d76fa08 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffffffffc0601010 RCX: dffffc0000000000\nRDX: 0000000000000038 RSI: dffffc0000000000 RDI: ffff88812608da2d\nRBP: 8080808080808080 R08: ffff88812608da2d R09: ffff88812608da68\nR10: ffff88812608d82d R11: ffff88812608d810 R12: 0000000000000038\nR13: ffff88812608da2d R14: ffffffffc05d0218 R15: fefefefefefefeff\nFS: 00007fef552de740(0000) GS:ffff8884251c7000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffffffc05d0218 CR3: 00000001146f0000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n ftrace_mod_get_kallsym+0x1ac/0x590\n update_iter_mod+0x239/0x5b0\n s_next+0x5b/0xa0\n seq_read_iter+0x8c9/0x1070\n seq_read+0x249/0x3b0\n proc_reg_read+0x1b0/0x280\n vfs_read+0x17f/0x920\n ksys_read+0xf3/0x1c0\n do_syscall_64+0x5f/0x2e0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe above issue may happen as follows:\n(1) Add kprobe tracepoint;\n(2) insmod test.ko;\n(3) Module triggers ftrace disabled;\n(4) rmmod test.ko;\n(5) cat /proc/kallsyms; --> Will trigger UAF as test.ko already removed;\nftrace_mod_get_kallsym()\n...\nstrscpy(module_name, mod_map->mod->name, MODULE_NAME_LEN);\n...\n\nThe problem is when a module triggers an issue with ftrace and\nsets ftrace_disable. The ftrace_disable is set when an anomaly is\ndiscovered and to prevent any more damage, ftrace stops all text\nmodification. The issue that happened was that the ftrace_disable stops\nmore than just the text modification.\n\nWhen a module is loaded, its init functions can also be traced. Because\nkallsyms deletes the init functions after a module has loaded, ftrace\nsaves them when the module is loaded and function tracing is enabled. This\nallows the output of the function trace to show the init function names\ninstead of just their raw memory addresses.\n\nWhen a module is removed, ftrace_release_mod() is called, and if\nftrace_disable is set, it just returns without doing anything more. The\nproblem here is that it leaves the mod_list still around and if kallsyms\nis called, it will call into this code and access the module memory that\nhas already been freed as it will return:\n\n strscpy(module_name, mod_map->mod->name, MODULE_NAME_LEN);\n\nWhere the \"mod\" no longer exists and triggers a UAF bug.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38346" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/03a162933c4a03b9f1a84f7d8482903c7e1e11bb", "url": "https://git.kernel.org/stable/c/03a162933c4a03b9f1a84f7d8482903c7e1e11bb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6805582abb720681dd1c87ff677f155dcf4e86c9", "url": "https://git.kernel.org/stable/c/6805582abb720681dd1c87ff677f155dcf4e86c9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/83a692a9792aa86249d68a8ac0b9d55ecdd255fa", "url": "https://git.kernel.org/stable/c/83a692a9792aa86249d68a8ac0b9d55ecdd255fa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8690cd3258455bbae64f809e1d3ee0f043661c71", "url": "https://git.kernel.org/stable/c/8690cd3258455bbae64f809e1d3ee0f043661c71" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8e89c17dc8970c5f71a3a991f5724d4c8de42d8c", "url": "https://git.kernel.org/stable/c/8e89c17dc8970c5f71a3a991f5724d4c8de42d8c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d064c68781c19f378af1ae741d9132d35d24b2bb", "url": "https://git.kernel.org/stable/c/d064c68781c19f378af1ae741d9132d35d24b2bb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f78a786ad9a5443a29eef4dae60cde85b7375129", "url": "https://git.kernel.org/stable/c/f78a786ad9a5443a29eef4dae60cde85b7375129" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f914b52c379c12288b7623bb814d0508dbe7481d", "url": "https://git.kernel.org/stable/c/f914b52c379c12288b7623bb814d0508dbe7481d" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-10T09:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39965", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: xfrm_alloc_spi shouldn't use 0 as SPI\n\nx->id.spi == 0 means \"no SPI assigned\", but since commit\n94f39804d891 (\"xfrm: Duplicate SPI Handling\"), we now create states\nand add them to the byspi list with this value.\n\n__xfrm_state_delete doesn't remove those states from the byspi list,\nsince they shouldn't be there, and this shows up as a UAF the next\ntime we go through the byspi list.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39965" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0baf92d0b1590b903c1f4ead75e61715e50e8146", "url": "https://git.kernel.org/stable/c/0baf92d0b1590b903c1f4ead75e61715e50e8146" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9fcedabaae0096f712bbb4ccca6a8538af1cd1c8", "url": "https://git.kernel.org/stable/c/9fcedabaae0096f712bbb4ccca6a8538af1cd1c8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a78e55776522373c446f18d5002a8de4b09e6bf7", "url": "https://git.kernel.org/stable/c/a78e55776522373c446f18d5002a8de4b09e6bf7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cd8ae32e4e4652db55bce6b9c79267d8946765a9", "url": "https://git.kernel.org/stable/c/cd8ae32e4e4652db55bce6b9c79267d8946765a9" } ], "release_date": "2025-10-13T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] }, { "cve": "CVE-2025-38323", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atm: add lec_mutex\n\nsyzbot found its way in net/atm/lec.c, and found an error path\nin lecd_attach() could leave a dangling pointer in dev_lec[].\n\nAdd a mutex to protect dev_lecp[] uses from lecd_attach(),\nlec_vcc_attach() and lec_mcast_attach().\n\nFollowing patch will use this mutex for /proc/net/atm/lec.\n\nBUG: KASAN: slab-use-after-free in lecd_attach net/atm/lec.c:751 [inline]\nBUG: KASAN: slab-use-after-free in lane_ioctl+0x2224/0x23e0 net/atm/lec.c:1008\nRead of size 8 at addr ffff88807c7b8e68 by task syz.1.17/6142\n\nCPU: 1 UID: 0 PID: 6142 Comm: syz.1.17 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xcd/0x680 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n lecd_attach net/atm/lec.c:751 [inline]\n lane_ioctl+0x2224/0x23e0 net/atm/lec.c:1008\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x118/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \n\nAllocated by task 6132:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4328 [inline]\n __kvmalloc_node_noprof+0x27b/0x620 mm/slub.c:5015\n alloc_netdev_mqs+0xd2/0x1570 net/core/dev.c:11711\n lecd_attach net/atm/lec.c:737 [inline]\n lane_ioctl+0x17db/0x23e0 net/atm/lec.c:1008\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x118/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 6132:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x51/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2381 [inline]\n slab_free mm/slub.c:4643 [inline]\n kfree+0x2b4/0x4d0 mm/slub.c:4842\n free_netdev+0x6c5/0x910 net/core/dev.c:11892\n lecd_attach net/atm/lec.c:744 [inline]\n lane_ioctl+0x1ce8/0x23e0 net/atm/lec.c:1008\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x118/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:893", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38323" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/17e156a94e94a906a570dbf9b48877956c60bef8", "url": "https://git.kernel.org/stable/c/17e156a94e94a906a570dbf9b48877956c60bef8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/18e8f0c4f826fb08c2d3825cdd6c57e24b207e0a", "url": "https://git.kernel.org/stable/c/18e8f0c4f826fb08c2d3825cdd6c57e24b207e0a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/64b378db28a967f7b271b055380c2360279aa424", "url": "https://git.kernel.org/stable/c/64b378db28a967f7b271b055380c2360279aa424" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a7a713dfb5f9477345450f27c7c0741864511192", "url": "https://git.kernel.org/stable/c/a7a713dfb5f9477345450f27c7c0741864511192" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d13a3824bfd2b4774b671a75cf766a16637a0e67", "url": "https://git.kernel.org/stable/c/d13a3824bfd2b4774b671a75cf766a16637a0e67" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dffd03422ae6a459039c8602f410e6c0f4cbc6c8", "url": "https://git.kernel.org/stable/c/dffd03422ae6a459039c8602f410e6c0f4cbc6c8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e91274cc7ed88ab5bdc62d426067c82b0b118a0b", "url": "https://git.kernel.org/stable/c/e91274cc7ed88ab5bdc62d426067c82b0b118a0b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f4d80b16ecc4229f7e6345158ef34c36be323f0e", "url": "https://git.kernel.org/stable/c/f4d80b16ecc4229f7e6345158ef34c36be323f0e" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-10T09:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-49980", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: Fix use-after-free Read in usb_udc_uevent()\n\nThe syzbot fuzzer found a race between uevent callbacks and gadget\ndriver unregistration that can cause a use-after-free bug:\n\n---------------------------------------------------------------\nBUG: KASAN: use-after-free in usb_udc_uevent+0x11f/0x130\ndrivers/usb/gadget/udc/core.c:1732\nRead of size 8 at addr ffff888078ce2050 by task udevd/2968\n\nCPU: 1 PID: 2968 Comm: udevd Not tainted 5.19.0-rc4-next-20220628-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google\n06/29/2022\nCall Trace:\n \n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:317 [inline]\n print_report.cold+0x2ba/0x719 mm/kasan/report.c:433\n kasan_report+0xbe/0x1f0 mm/kasan/report.c:495\n usb_udc_uevent+0x11f/0x130 drivers/usb/gadget/udc/core.c:1732\n dev_uevent+0x290/0x770 drivers/base/core.c:2424\n---------------------------------------------------------------\n\nThe bug occurs because usb_udc_uevent() dereferences udc->driver but\ndoes so without acquiring the udc_lock mutex, which protects this\nfield. If the gadget driver is unbound from the udc concurrently with\nuevent processing, the driver structure may be accessed after it has\nbeen deallocated.\n\nTo prevent the race, we make sure that the routine holds the mutex\naround the racing accesses.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-49980" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2191c00855b03aa59c20e698be713d952d51fc18", "url": "https://git.kernel.org/stable/c/2191c00855b03aa59c20e698be713d952d51fc18" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f44b0b95d50fffeca036e1ba36770390e0b519dd", "url": "https://git.kernel.org/stable/c/f44b0b95d50fffeca036e1ba36770390e0b519dd" } ], "release_date": "2025-06-18T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38422", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices\n\nMaximum OTP and EEPROM size for hearthstone PCI1xxxx devices are 8 Kb\nand 64 Kb respectively. Adjust max size definitions and return correct\nEEPROM length based on device. Also prevent out-of-bound read/write.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38422" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/088279ff18cdc437d6fac5890e0c52c624f78a5b", "url": "https://git.kernel.org/stable/c/088279ff18cdc437d6fac5890e0c52c624f78a5b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3b9935586a9b54d2da27901b830d3cf46ad66a1e", "url": "https://git.kernel.org/stable/c/3b9935586a9b54d2da27901b830d3cf46ad66a1e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/51318d644c993b3f7a60b8616a6a5adc1e967cd2", "url": "https://git.kernel.org/stable/c/51318d644c993b3f7a60b8616a6a5adc1e967cd2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6b4201d74d0a49af2123abf2c9d142e59566714b", "url": "https://git.kernel.org/stable/c/6b4201d74d0a49af2123abf2c9d142e59566714b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9c41d2a2aa3817946eb613522200cab55513ddaa", "url": "https://git.kernel.org/stable/c/9c41d2a2aa3817946eb613522200cab55513ddaa" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39817", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Fix slab-out-of-bounds in efivarfs_d_compare\n\nObserved on kernel 6.6 (present on master as well):\n\n BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0\n Call trace:\n kasan_check_range+0xe8/0x190\n __asan_loadN+0x1c/0x28\n memcmp+0x98/0xd0\n efivarfs_d_compare+0x68/0xd8\n __d_lookup_rcu_op_compare+0x178/0x218\n __d_lookup_rcu+0x1f8/0x228\n d_alloc_parallel+0x150/0x648\n lookup_open.isra.0+0x5f0/0x8d0\n open_last_lookups+0x264/0x828\n path_openat+0x130/0x3f8\n do_filp_open+0x114/0x248\n do_sys_openat2+0x340/0x3c0\n __arm64_sys_openat+0x120/0x1a0\n\nIf dentry->d_name.len < EFI_VARIABLE_GUID_LEN , 'guid' can become\nnegative, leadings to oob. The issue can be triggered by parallel\nlookups using invalid filename:\n\n T1\t\t\tT2\n lookup_open\n ->lookup\n simple_lookup\n d_add\n // invalid dentry is added to hash list\n\n\t\t\tlookup_open\n\t\t\t d_alloc_parallel\n\t\t\t __d_lookup_rcu\n\t\t\t __d_lookup_rcu_op_compare\n\t\t\t hlist_bl_for_each_entry_rcu\n\t\t\t // invalid dentry can be retrieved\n\t\t\t ->d_compare\n\t\t\t efivarfs_d_compare\n\t\t\t // oob\n\nFix it by checking 'guid' before cmp.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39817" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0f63fbabeaaaaaaf5b742a2f4c1b4590d50bf1f6", "url": "https://git.kernel.org/stable/c/0f63fbabeaaaaaaf5b742a2f4c1b4590d50bf1f6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/568e7761279b99c6daa3002290fd6d8047ddb6d2", "url": "https://git.kernel.org/stable/c/568e7761279b99c6daa3002290fd6d8047ddb6d2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/71581a82f38e5a4d807d71fc1bb59aead80ccf95", "url": "https://git.kernel.org/stable/c/71581a82f38e5a4d807d71fc1bb59aead80ccf95" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/794399019301944fd6d2e0d7a51b3327e26c410e", "url": "https://git.kernel.org/stable/c/794399019301944fd6d2e0d7a51b3327e26c410e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/925599eba46045930b850a98ae594d2e3028ac40", "url": "https://git.kernel.org/stable/c/925599eba46045930b850a98ae594d2e3028ac40" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a6358f8cf64850f3f27857b8ed8c1b08cfc4685c", "url": "https://git.kernel.org/stable/c/a6358f8cf64850f3f27857b8ed8c1b08cfc4685c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c2925cd6207079c3f4d040d082515db78d63afbf", "url": "https://git.kernel.org/stable/c/c2925cd6207079c3f4d040d082515db78d63afbf" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d7f5e35e70507d10cbaff5f9e194ed54c4ee14f7", "url": "https://git.kernel.org/stable/c/d7f5e35e70507d10cbaff5f9e194ed54c4ee14f7" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-16T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37882", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix isochronous Ring Underrun/Overrun event handling\n\nThe TRB pointer of these events points at enqueue at the time of error\noccurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we\nare handling the event, a new TD may be queued at this ring position.\n\nI can trigger this race by rising interrupt moderation to increase IRQ\nhandling delay. Similar delay may occur naturally due to system load.\n\nIf this ever happens after a Missed Service Error, missed TDs will be\nskipped and the new TD processed as if it matched the event. It could\nbe given back prematurely, risking data loss or buffer UAF by the xHC.\n\nDon't complete TDs on xrun events and don't warn if queued TDs don't\nmatch the event's TRB pointer, which can be NULL or a link/no-op TRB.\nDon't warn if there are no queued TDs at all.\n\nNow that it's safe, also handle xrun events if the skip flag is clear.\nThis ensures completion of any TD stuck in 'error mid TD' state right\nbefore the xrun event, which could happen if a driver submits a finite\nnumber of URBs to a buggy HC and then an error occurs on the last TD.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37882" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/16a7a8e6c47fea5c847beb696c8c21a7a44c1915", "url": "https://git.kernel.org/stable/c/16a7a8e6c47fea5c847beb696c8c21a7a44c1915" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/39a080a2925c81b0f1da0add44722ef2b78e5454", "url": "https://git.kernel.org/stable/c/39a080a2925c81b0f1da0add44722ef2b78e5454" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/906dec15b9b321b546fd31a3c99ffc13724c7af4", "url": "https://git.kernel.org/stable/c/906dec15b9b321b546fd31a3c99ffc13724c7af4" } ], "release_date": "2025-05-09T07:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38702", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: fix potential buffer overflow in do_register_framebuffer()\n\nThe current implementation may lead to buffer overflow when:\n1. Unregistration creates NULL gaps in registered_fb[]\n2. All array slots become occupied despite num_registered_fb < FB_MAX\n3. The registration loop exceeds array bounds\n\nAdd boundary check to prevent registered_fb[FB_MAX] access.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38702" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/248b2aab9b2af5ecf89d9d7955a2ff20c4b4a399", "url": "https://git.kernel.org/stable/c/248b2aab9b2af5ecf89d9d7955a2ff20c4b4a399" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2828a433c7d7a05b6f27c8148502095101dd0b09", "url": "https://git.kernel.org/stable/c/2828a433c7d7a05b6f27c8148502095101dd0b09" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/523b84dc7ccea9c4d79126d6ed1cf9033cf83b05", "url": "https://git.kernel.org/stable/c/523b84dc7ccea9c4d79126d6ed1cf9033cf83b05" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5c3f5a25c62230b7965804ce7a2e9305c3ca3961", "url": "https://git.kernel.org/stable/c/5c3f5a25c62230b7965804ce7a2e9305c3ca3961" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/806f85bdd3a60187c21437fc51baace11f659f35", "url": "https://git.kernel.org/stable/c/806f85bdd3a60187c21437fc51baace11f659f35" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cbe740de32bb0fb7a5213731ff5f26ea6718fca3", "url": "https://git.kernel.org/stable/c/cbe740de32bb0fb7a5213731ff5f26ea6718fca3" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39860", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()\n\nsyzbot reported the splat below without a repro.\n\nIn the splat, a single thread calling bt_accept_dequeue() freed sk\nand touched it after that.\n\nThe root cause would be the racy l2cap_sock_cleanup_listen() call\nadded by the cited commit.\n\nbt_accept_dequeue() is called under lock_sock() except for\nl2cap_sock_release().\n\nTwo threads could see the same socket during the list iteration\nin bt_accept_dequeue():\n\n CPU1 CPU2 (close())\n ---- ----\n sock_hold(sk) sock_hold(sk);\n lock_sock(sk) <-- block close()\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) <-- refcnt by bt_accept_enqueue()\n release_sock(sk)\n lock_sock(sk)\n sock_put(sk)\n bt_accept_unlink(sk)\n sock_put(sk) <-- last refcnt\n bt_accept_unlink(sk) <-- UAF\n\nDepending on the timing, the other thread could show up in the\n\"Freed by task\" part.\n\nLet's call l2cap_sock_cleanup_listen() under lock_sock() in\nl2cap_sock_release().\n\n[0]:\nBUG: KASAN: slab-use-after-free in debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\nBUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\nRead of size 4 at addr ffff88803b7eb1c4 by task syz.5.3276/16995\nCPU: 3 UID: 0 PID: 16995 Comm: syz.5.3276 Not tainted syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xcd/0x630 mm/kasan/report.c:482\n kasan_report+0xe0/0x110 mm/kasan/report.c:595\n debug_spin_lock_before kernel/locking/spinlock_debug.c:86 [inline]\n do_raw_spin_lock+0x26f/0x2b0 kernel/locking/spinlock_debug.c:115\n spin_lock_bh include/linux/spinlock.h:356 [inline]\n release_sock+0x21/0x220 net/core/sock.c:3746\n bt_accept_dequeue+0x505/0x600 net/bluetooth/af_bluetooth.c:312\n l2cap_sock_cleanup_listen+0x5c/0x2a0 net/bluetooth/l2cap_sock.c:1451\n l2cap_sock_release+0x5c/0x210 net/bluetooth/l2cap_sock.c:1425\n __sock_release+0xb3/0x270 net/socket.c:649\n sock_close+0x1c/0x30 net/socket.c:1439\n __fput+0x3ff/0xb70 fs/file_table.c:468\n task_work_run+0x14d/0x240 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xeb/0x110 kernel/entry/common.c:43\n exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]\n do_syscall_64+0x3f6/0x4c0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f2accf8ebe9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffdb6cb1378 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 00000000000426fb RCX: 00007f2accf8ebe9\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007f2acd1b7da0 R08: 0000000000000001 R09: 00000012b6cb166f\nR10: 0000001b30e20000 R11: 0000000000000246 R12: 00007f2acd1b609c\nR13: 00007f2acd1b6090 R14: ffffffffffffffff R15: 00007ffdb6cb1490\n \n\nAllocated by task 5326:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:388 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:405\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4365 [inline]\n __kmalloc_nopro\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39860" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2ca99fc3512a8074de20ee52a87b492dfcc41a4d", "url": "https://git.kernel.org/stable/c/2ca99fc3512a8074de20ee52a87b492dfcc41a4d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/306b0991413b482dbf5585b423022123bb505966", "url": "https://git.kernel.org/stable/c/306b0991413b482dbf5585b423022123bb505966" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3dff390f55ccd9ce12e91233849769b5312180c2", "url": "https://git.kernel.org/stable/c/3dff390f55ccd9ce12e91233849769b5312180c2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/47f6090bcf75c369695d21c3f179db8a56bbbd49", "url": "https://git.kernel.org/stable/c/47f6090bcf75c369695d21c3f179db8a56bbbd49" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6077d16b5c0f65d571eee709de2f0541fb5ef0ca", "url": "https://git.kernel.org/stable/c/6077d16b5c0f65d571eee709de2f0541fb5ef0ca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/83e1d9892ef51785cf0760b7681436760dda435a", "url": "https://git.kernel.org/stable/c/83e1d9892ef51785cf0760b7681436760dda435a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/862c628108562d8c7a516a900034823b381d3cba", "url": "https://git.kernel.org/stable/c/862c628108562d8c7a516a900034823b381d3cba" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/964cbb198f9c46c2b2358cd1faffc04c1e8248cf", "url": "https://git.kernel.org/stable/c/964cbb198f9c46c2b2358cd1faffc04c1e8248cf" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-19T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38529", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: aio_iiro_16: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 << it->options[1]) & 0xdcfc) {\n\nHowever, `it->options[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it->options[1]` to be within bounds before proceeding with\nthe original test. Valid `it->options[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38529" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/43ddd82e6a91913cea1c078e782afd8de60c3a53", "url": "https://git.kernel.org/stable/c/43ddd82e6a91913cea1c078e782afd8de60c3a53" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5ac7c60439236fb691b8c7987390e2327bbf18fa", "url": "https://git.kernel.org/stable/c/5ac7c60439236fb691b8c7987390e2327bbf18fa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/66acb1586737a22dd7b78abc63213b1bcaa100e4", "url": "https://git.kernel.org/stable/c/66acb1586737a22dd7b78abc63213b1bcaa100e4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/955e8835855fed8e87f7d8c8075564a1746c1b4c", "url": "https://git.kernel.org/stable/c/955e8835855fed8e87f7d8c8075564a1746c1b4c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a88692245c315bf8e225f205297a6f4b13d6856a", "url": "https://git.kernel.org/stable/c/a88692245c315bf8e225f205297a6f4b13d6856a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c593215385f0c0163015cca4512ed3ff42875d19", "url": "https://git.kernel.org/stable/c/c593215385f0c0163015cca4512ed3ff42875d19" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e0f3c0867d7d231c70984f05c97752caacd0daba", "url": "https://git.kernel.org/stable/c/e0f3c0867d7d231c70984f05c97752caacd0daba" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ff30dd3f15f443d2a0085b12ec2cc95d44f35fa7", "url": "https://git.kernel.org/stable/c/ff30dd3f15f443d2a0085b12ec2cc95d44f35fa7" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-16T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38445", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1: Fix stack memory use after return in raid1_reshape\n\nIn the raid1_reshape function, newpool is\nallocated on the stack and assigned to conf->r1bio_pool.\nThis results in conf->r1bio_pool.wait.head pointing\nto a stack address.\nAccessing this address later can lead to a kernel panic.\n\nExample access path:\n\nraid1_reshape()\n{\n\t// newpool is on the stack\n\tmempool_t newpool, oldpool;\n\t// initialize newpool.wait.head to stack address\n\tmempool_init(&newpool, ...);\n\tconf->r1bio_pool = newpool;\n}\n\nraid1_read_request() or raid1_write_request()\n{\n\talloc_r1bio()\n\t{\n\t\tmempool_alloc()\n\t\t{\n\t\t\t// if pool->alloc fails\n\t\t\tremove_element()\n\t\t\t{\n\t\t\t\t--pool->curr_nr;\n\t\t\t}\n\t\t}\n\t}\n}\n\nmempool_free()\n{\n\tif (pool->curr_nr < pool->min_nr) {\n\t\t// pool->wait.head is a stack address\n\t\t// wake_up() will try to access this invalid address\n\t\t// which leads to a kernel panic\n\t\treturn;\n\t\twake_up(&pool->wait);\n\t}\n}\n\nFix:\nreinit conf->r1bio_pool.wait after assigning newpool.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38445" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/12b00ec99624f8da8c325f2dd6e807df26df0025", "url": "https://git.kernel.org/stable/c/12b00ec99624f8da8c325f2dd6e807df26df0025" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/48da050b4f54ed639b66278d0ae6f4107b2c4e2d", "url": "https://git.kernel.org/stable/c/48da050b4f54ed639b66278d0ae6f4107b2c4e2d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5f35e48b76655e45522df338876dfef88dafcc71", "url": "https://git.kernel.org/stable/c/5f35e48b76655e45522df338876dfef88dafcc71" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/61fd5e93006cf82ec8ee5c115ab5cf4bbd104bdb", "url": "https://git.kernel.org/stable/c/61fd5e93006cf82ec8ee5c115ab5cf4bbd104bdb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/776e6186dc9ecbdb8a1b706e989166c8a99bbf64", "url": "https://git.kernel.org/stable/c/776e6186dc9ecbdb8a1b706e989166c8a99bbf64" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d67ed2ccd2d1dcfda9292c0ea8697a9d0f2f0d98", "url": "https://git.kernel.org/stable/c/d67ed2ccd2d1dcfda9292c0ea8697a9d0f2f0d98" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d8a6853d00fbaa810765c8ed2f452a5832273968", "url": "https://git.kernel.org/stable/c/d8a6853d00fbaa810765c8ed2f452a5832273968" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/df5894014a92ff0196dbc212a7764e97366fd2b7", "url": "https://git.kernel.org/stable/c/df5894014a92ff0196dbc212a7764e97366fd2b7" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37817", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmcb: fix a double free bug in chameleon_parse_gdd()\n\nIn chameleon_parse_gdd(), if mcb_device_register() fails, 'mdev'\nwould be released in mcb_device_register() via put_device().\nThus, goto 'err' label and free 'mdev' again causes a double free.\nJust return if mcb_device_register() fails.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37817" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4ffe8c9fb561e4427dd1a3056cd5b3685b74f78d", "url": "https://git.kernel.org/stable/c/4ffe8c9fb561e4427dd1a3056cd5b3685b74f78d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/59f993cd36b6e28a394ba3d977e8ffe5c9884e3b", "url": "https://git.kernel.org/stable/c/59f993cd36b6e28a394ba3d977e8ffe5c9884e3b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7c7f1bfdb2249f854a736d9b79778c7e5a29a150", "url": "https://git.kernel.org/stable/c/7c7f1bfdb2249f854a736d9b79778c7e5a29a150" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/96838eb1836fd372e42be5db84f0b333b65146a6", "url": "https://git.kernel.org/stable/c/96838eb1836fd372e42be5db84f0b333b65146a6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bcc7d58ee5173e34306026bd01e1fbf75e169d37", "url": "https://git.kernel.org/stable/c/bcc7d58ee5173e34306026bd01e1fbf75e169d37" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c5b8a549ef1fcc6066b037a3962c79d60465ba0b", "url": "https://git.kernel.org/stable/c/c5b8a549ef1fcc6066b037a3962c79d60465ba0b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d70184958b0ea8c0fd52e2b456654b503e769fc8", "url": "https://git.kernel.org/stable/c/d70184958b0ea8c0fd52e2b456654b503e769fc8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/df1a5d5c6134224f9298e5189230f9d29ae50cac", "url": "https://git.kernel.org/stable/c/df1a5d5c6134224f9298e5189230f9d29ae50cac" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-08T07:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37913", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: qfq: Fix double list add in class with netem as child qdisc\n\nAs described in Gerrard's report [1], there are use cases where a netem\nchild qdisc will make the parent qdisc's enqueue callback reentrant.\nIn the case of qfq, there won't be a UAF, but the code will add the same\nclassifier to the list twice, which will cause memory corruption.\n\nThis patch checks whether the class was already added to the agg->active\nlist (cl_is_active) before doing the addition to cater for the reentrant\ncase.\n\n[1] https://lore.kernel.org/netdev/CAHcdcOm+03OD2j6R0=YHKqmy=VgJ8xEOKuP6c7mSgnp-TEJJbw@mail.gmail.com/", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37913" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/005a479540478a820c52de098e5e767e63e36f0a", "url": "https://git.kernel.org/stable/c/005a479540478a820c52de098e5e767e63e36f0a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/041f410aec2c1751ee22b8b73ba05d38c3a6a602", "url": "https://git.kernel.org/stable/c/041f410aec2c1751ee22b8b73ba05d38c3a6a602" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0aa23e0856b7cedb3c88d8e3d281c212c7e4fbeb", "url": "https://git.kernel.org/stable/c/0aa23e0856b7cedb3c88d8e3d281c212c7e4fbeb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0bf32d6fb1fcbf841bb9945570e0e2a70072c00f", "url": "https://git.kernel.org/stable/c/0bf32d6fb1fcbf841bb9945570e0e2a70072c00f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/370218e8ce711684acc4cdd3cc3c6dd7956bc165", "url": "https://git.kernel.org/stable/c/370218e8ce711684acc4cdd3cc3c6dd7956bc165" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/53bc0b55178bd59bdd4bcd16349505cabf54b1a2", "url": "https://git.kernel.org/stable/c/53bc0b55178bd59bdd4bcd16349505cabf54b1a2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a43783119e01849fbf2fe8855634e8989b240cb4", "url": "https://git.kernel.org/stable/c/a43783119e01849fbf2fe8855634e8989b240cb4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f139f37dcdf34b67f5bf92bc8e0f7f6b3ac63aa4", "url": "https://git.kernel.org/stable/c/f139f37dcdf34b67f5bf92bc8e0f7f6b3ac63aa4" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-05-20T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38697", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: upper bound check of tree index in dbAllocAG\n\nWhen computing the tree index in dbAllocAG, we never check if we are\nout of bounds realative to the size of the stree.\nThis could happen in a scenario where the filesystem metadata are\ncorrupted.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38697" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1467a75819e41341cd5ebd16faa2af1ca3c8f4fe", "url": "https://git.kernel.org/stable/c/1467a75819e41341cd5ebd16faa2af1ca3c8f4fe" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/173cfd741ad7073640bfb7e2344c2a0ee005e769", "url": "https://git.kernel.org/stable/c/173cfd741ad7073640bfb7e2344c2a0ee005e769" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2dd05f09cc323018136a7ecdb3d1007be9ede27f", "url": "https://git.kernel.org/stable/c/2dd05f09cc323018136a7ecdb3d1007be9ede27f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/30e19a884c0b11f33821aacda7e72e914bec26ef", "url": "https://git.kernel.org/stable/c/30e19a884c0b11f33821aacda7e72e914bec26ef" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/49ea46d9025aa1914b24ea957636cbe4367a7311", "url": "https://git.kernel.org/stable/c/49ea46d9025aa1914b24ea957636cbe4367a7311" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5bdb9553fb134fd52ec208a8b378120670f6e784", "url": "https://git.kernel.org/stable/c/5bdb9553fb134fd52ec208a8b378120670f6e784" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a4f199203f79ca9cd7355799ccb26800174ff093", "url": "https://git.kernel.org/stable/c/a4f199203f79ca9cd7355799ccb26800174ff093" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c214006856ff52a8ff17ed8da52d50601d54f9ce", "url": "https://git.kernel.org/stable/c/c214006856ff52a8ff17ed8da52d50601d54f9ce" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8ca21a2836993d7cb816668458e05e598574e55", "url": "https://git.kernel.org/stable/c/c8ca21a2836993d7cb816668458e05e598574e55" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37892", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: inftlcore: Add error check for inftl_read_oob()\n\nIn INFTL_findwriteunit(), the return value of inftl_read_oob()\nneed to be checked. A proper implementation can be\nfound in INFTL_deleteblock(). The status will be set as\nSECTOR_IGNORE to break from the while-loop correctly\nif the inftl_read_oob() fails.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37892" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0300e751170cf80c05ca1a762a7b449e8ca6b693", "url": "https://git.kernel.org/stable/c/0300e751170cf80c05ca1a762a7b449e8ca6b693" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/114d94f095aa405fa9a51484c4be34846d7bb386", "url": "https://git.kernel.org/stable/c/114d94f095aa405fa9a51484c4be34846d7bb386" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1c22356dfb041e5292835c9ff44d5f91bef8dd18", "url": "https://git.kernel.org/stable/c/1c22356dfb041e5292835c9ff44d5f91bef8dd18" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5479a6af3c96f73bec2d2819532b6d6814f52dd6", "url": "https://git.kernel.org/stable/c/5479a6af3c96f73bec2d2819532b6d6814f52dd6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6af3b92b1c0b58ca281d0e1501bad2567f73c1a5", "url": "https://git.kernel.org/stable/c/6af3b92b1c0b58ca281d0e1501bad2567f73c1a5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7772621041ee78823ccc5f1fe38f6faa22af7023", "url": "https://git.kernel.org/stable/c/7772621041ee78823ccc5f1fe38f6faa22af7023" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b828d394308e8e00df0a6f57e7dabae609bb8b7b", "url": "https://git.kernel.org/stable/c/b828d394308e8e00df0a6f57e7dabae609bb8b7b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d027951dc85cb2e15924c980dc22a6754d100c7c", "url": "https://git.kernel.org/stable/c/d027951dc85cb2e15924c980dc22a6754d100c7c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e7d6ceff95c55297f0ee8f9dbc4da5c558f30e9e", "url": "https://git.kernel.org/stable/c/e7d6ceff95c55297f0ee8f9dbc4da5c558f30e9e" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-20T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38574", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npptp: ensure minimal skb length in pptp_xmit()\n\nCommit aabc6596ffb3 (\"net: ppp: Add bound checking for skb data\non ppp_sync_txmung\") fixed ppp_sync_txmunge()\n\nWe need a similar fix in pptp_xmit(), otherwise we might\nread uninit data as reported by syzbot.\n\nBUG: KMSAN: uninit-value in pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2290 [inline]\n ppp_input+0x1d6/0xe60 drivers/net/ppp/ppp_generic.c:2314\n pppoe_rcv_core+0x1e8/0x760 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148\n __release_sock+0x1d3/0x330 net/core/sock.c:3213\n release_sock+0x6b/0x270 net/core/sock.c:3767\n pppoe_sendmsg+0x15d/0xcb0 drivers/net/ppp/pppoe.c:904\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x893/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmmsg+0x2d9/0x7c0 net/socket.c:2709", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38574" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1a04db0fd75cb6034fc27a56b67b3b8b9022a98c", "url": "https://git.kernel.org/stable/c/1a04db0fd75cb6034fc27a56b67b3b8b9022a98c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/26672f1679b143aa34fca0b6046b7fd0c184770d", "url": "https://git.kernel.org/stable/c/26672f1679b143aa34fca0b6046b7fd0c184770d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5005d24377378a20e5c0e53052fc4ebdcdcbc611", "url": "https://git.kernel.org/stable/c/5005d24377378a20e5c0e53052fc4ebdcdcbc611" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/504cc4ab91073d2ac7404ad146139f86ecee7193", "url": "https://git.kernel.org/stable/c/504cc4ab91073d2ac7404ad146139f86ecee7193" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5de7513f38f3c19c0610294ee478242bea356f8c", "url": "https://git.kernel.org/stable/c/5de7513f38f3c19c0610294ee478242bea356f8c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/97b8c5d322c5c0038cac4bc56fdbe237d0be426f", "url": "https://git.kernel.org/stable/c/97b8c5d322c5c0038cac4bc56fdbe237d0be426f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b7dcda76fd0615c0599c89f36873a6cd48e02dbb", "url": "https://git.kernel.org/stable/c/b7dcda76fd0615c0599c89f36873a6cd48e02dbb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/de9c4861fb42f0cd72da844c3c34f692d5895b7b", "url": "https://git.kernel.org/stable/c/de9c4861fb42f0cd72da844c3c34f692d5895b7b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ea99b88b1999ebcb24d5d3a6b7910030f40d3bba", "url": "https://git.kernel.org/stable/c/ea99b88b1999ebcb24d5d3a6b7910030f40d3bba" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-19T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38102", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify\n\nDuring our test, it is found that a warning can be trigger in try_grab_folio\nas follow:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 1678 at mm/gup.c:147 try_grab_folio+0x106/0x130\n Modules linked in:\n CPU: 0 UID: 0 PID: 1678 Comm: syz.3.31 Not tainted 6.15.0-rc5 #163 PREEMPT(undef)\n RIP: 0010:try_grab_folio+0x106/0x130\n Call Trace:\n \n follow_huge_pmd+0x240/0x8e0\n follow_pmd_mask.constprop.0.isra.0+0x40b/0x5c0\n follow_pud_mask.constprop.0.isra.0+0x14a/0x170\n follow_page_mask+0x1c2/0x1f0\n __get_user_pages+0x176/0x950\n __gup_longterm_locked+0x15b/0x1060\n ? gup_fast+0x120/0x1f0\n gup_fast_fallback+0x17e/0x230\n get_user_pages_fast+0x5f/0x80\n vmci_host_unlocked_ioctl+0x21c/0xf80\n RIP: 0033:0x54d2cd\n ---[ end trace 0000000000000000 ]---\n\nDigging into the source, context->notify_page may init by get_user_pages_fast\nand can be seen in vmci_ctx_unset_notify which will try to put_page. However\nget_user_pages_fast is not finished here and lead to following\ntry_grab_folio warning. The race condition is shown as follow:\n\ncpu0\t\t\tcpu1\nvmci_host_do_set_notify\nvmci_host_setup_notify\nget_user_pages_fast(uva, 1, FOLL_WRITE, &context->notify_page);\nlockless_pages_from_mm\ngup_pgd_range\ngup_huge_pmd // update &context->notify_page\n\t\t\tvmci_host_do_set_notify\n\t\t\tvmci_ctx_unset_notify\n\t\t\tnotify_page = context->notify_page;\n\t\t\tif (notify_page)\n\t\t\tput_page(notify_page);\t// page is freed\n__gup_longterm_locked\n__get_user_pages\nfollow_trans_huge_pmd\ntry_grab_folio // warn here\n\nTo slove this, use local variable page to make notify_page can be seen\nafter finish get_user_pages_fast.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38102" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/00ddc7dad55b7bbb78df80d6e174d0c4764dea0c", "url": "https://git.kernel.org/stable/c/00ddc7dad55b7bbb78df80d6e174d0c4764dea0c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1bd6406fb5f36c2bb1e96e27d4c3e9f4d09edde4", "url": "https://git.kernel.org/stable/c/1bd6406fb5f36c2bb1e96e27d4c3e9f4d09edde4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/468aec888f838ce5174b96e0cb4396790d6f60ca", "url": "https://git.kernel.org/stable/c/468aec888f838ce5174b96e0cb4396790d6f60ca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/58a90db70aa6616411e5f69d1982d9b1dd97d774", "url": "https://git.kernel.org/stable/c/58a90db70aa6616411e5f69d1982d9b1dd97d774" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6e3af836805ed1d7a699f76ec798626198917aa4", "url": "https://git.kernel.org/stable/c/6e3af836805ed1d7a699f76ec798626198917aa4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/74095bbbb19ca74a0368d857603a2438c88ca86c", "url": "https://git.kernel.org/stable/c/74095bbbb19ca74a0368d857603a2438c88ca86c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/75b5313c80c39a26d27cbb602f968a05576c36f9", "url": "https://git.kernel.org/stable/c/75b5313c80c39a26d27cbb602f968a05576c36f9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b4209e4b778e4e57d0636e1c9fc07a924dbc6043", "url": "https://git.kernel.org/stable/c/b4209e4b778e4e57d0636e1c9fc07a924dbc6043" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-03T09:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38459", "cwe": { "id": "CWE-674", "name": "Uncontrolled Recursion" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: clip: Fix infinite recursive call of clip_push().\n\nsyzbot reported the splat below. [0]\n\nThis happens if we call ioctl(ATMARP_MKIP) more than once.\n\nDuring the first call, clip_mkip() sets clip_push() to vcc->push(),\nand the second call copies it to clip_vcc->old_push().\n\nLater, when the socket is close()d, vcc_destroy_socket() passes\nNULL skb to clip_push(), which calls clip_vcc->old_push(),\ntriggering the infinite recursion.\n\nLet's prevent the second ioctl(ATMARP_MKIP) by checking\nvcc->user_back, which is allocated by the first call as clip_vcc.\n\nNote also that we use lock_sock() to prevent racy calls.\n\n[0]:\nBUG: TASK stack guard page was hit at ffffc9000d66fff8 (stack is ffffc9000d670000..ffffc9000d678000)\nOops: stack guard page: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:clip_push+0x5/0x720 net/atm/clip.c:191\nCode: e0 8f aa 8c e8 1c ad 5b fa eb ae 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 <41> 57 41 56 41 55 41 54 53 48 83 ec 20 48 89 f3 49 89 fd 48 bd 00\nRSP: 0018:ffffc9000d670000 EFLAGS: 00010246\nRAX: 1ffff1100235a4a5 RBX: ffff888011ad2508 RCX: ffff8880003c0000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff888037f01000\nRBP: dffffc0000000000 R08: ffffffff8fa104f7 R09: 1ffffffff1f4209e\nR10: dffffc0000000000 R11: ffffffff8a99b300 R12: ffffffff8a99b300\nR13: ffff888037f01000 R14: ffff888011ad2500 R15: ffff888037f01578\nFS: 000055557ab6d500(0000) GS:ffff88808d250000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d66fff8 CR3: 0000000043172000 CR4: 0000000000352ef0\nCall Trace:\n \n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n...\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n clip_push+0x6dc/0x720 net/atm/clip.c:200\n vcc_destroy_socket net/atm/common.c:183 [inline]\n vcc_release+0x157/0x460 net/atm/common.c:205\n __sock_release net/socket.c:647 [inline]\n sock_close+0xc0/0x240 net/socket.c:1391\n __fput+0x449/0xa70 fs/file_table.c:465\n task_work_run+0x1d1/0x260 kernel/task_work.c:227\n resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]\n exit_to_user_mode_loop+0xec/0x110 kernel/entry/common.c:114\n exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]\n syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]\n syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]\n do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7ff31c98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fffb5aa1f78 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4\nRAX: 0000000000000000 RBX: 0000000000012747 RCX: 00007ff31c98e929\nRDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003\nRBP: 00007ff31cbb7ba0 R08: 0000000000000001 R09: 0000000db5aa226f\nR10: 00007ff31c7ff030 R11: 0000000000000246 R12: 00007ff31cbb608c\nR13: 00007ff31cbb6080 R14: ffffffffffffffff R15: 00007fffb5aa2090\n \nModules linked in:", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38459" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/024876b247a882972095b22087734dcd23396a4e", "url": "https://git.kernel.org/stable/c/024876b247a882972095b22087734dcd23396a4e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/125166347d5676466d368aadc0bbc31ee7714352", "url": "https://git.kernel.org/stable/c/125166347d5676466d368aadc0bbc31ee7714352" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1579a2777cb914a249de22c789ba4d41b154509f", "url": "https://git.kernel.org/stable/c/1579a2777cb914a249de22c789ba4d41b154509f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3f61b997fe014bbfcc208a9fcbd363a1fe7e3a31", "url": "https://git.kernel.org/stable/c/3f61b997fe014bbfcc208a9fcbd363a1fe7e3a31" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5641019dfbaee5e85fe093b590f0451c9dd4d6f8", "url": "https://git.kernel.org/stable/c/5641019dfbaee5e85fe093b590f0451c9dd4d6f8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c489f3283dbfc0f3c00c312149cae90d27552c45", "url": "https://git.kernel.org/stable/c/c489f3283dbfc0f3c00c312149cae90d27552c45" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/df0312d8859763aa15b8b56ac151a1ea4a4e5b88", "url": "https://git.kernel.org/stable/c/df0312d8859763aa15b8b56ac151a1ea4a4e5b88" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f493f31a63847624fd3199ac836a8bd8828e50e2", "url": "https://git.kernel.org/stable/c/f493f31a63847624fd3199ac836a8bd8828e50e2" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37923", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix oob write in trace_seq_to_buffer()\n\nsyzbot reported this bug:\n==================================================================\nBUG: KASAN: slab-out-of-bounds in trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\nBUG: KASAN: slab-out-of-bounds in tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\nWrite of size 4507 at addr ffff888032b6b000 by task syz.2.320/7260\n\nCPU: 1 UID: 0 PID: 7260 Comm: syz.2.320 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xc3/0x670 mm/kasan/report.c:521\n kasan_report+0xe0/0x110 mm/kasan/report.c:634\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n __asan_memcpy+0x3c/0x60 mm/kasan/shadow.c:106\n trace_seq_to_buffer kernel/trace/trace.c:1830 [inline]\n tracing_splice_read_pipe+0x6be/0xdd0 kernel/trace/trace.c:6822\n ....\n==================================================================\n\nIt has been reported that trace_seq_to_buffer() tries to copy more data\nthan PAGE_SIZE to buf. Therefore, to prevent this, we should use the\nsmaller of trace_seq_used(&iter->seq) and PAGE_SIZE as an argument.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37923" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/056ebbddb8faf4ddf83d005454dd78fc25c2d897", "url": "https://git.kernel.org/stable/c/056ebbddb8faf4ddf83d005454dd78fc25c2d897" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1a3f9482b50b74fa9421bff8ceecfefd0dc06f8f", "url": "https://git.kernel.org/stable/c/1a3f9482b50b74fa9421bff8ceecfefd0dc06f8f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1f27a3e93b8d674b24b27fcdbc6f72743cd96c0d", "url": "https://git.kernel.org/stable/c/1f27a3e93b8d674b24b27fcdbc6f72743cd96c0d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/441021e5b3c7d9bd1b963590652c415929f3b157", "url": "https://git.kernel.org/stable/c/441021e5b3c7d9bd1b963590652c415929f3b157" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/665ce421041890571852422487f4c613d1824ba9", "url": "https://git.kernel.org/stable/c/665ce421041890571852422487f4c613d1824ba9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c5d2b66c5ef5037b4b4360e5447605ff00ba1bd4", "url": "https://git.kernel.org/stable/c/c5d2b66c5ef5037b4b4360e5447605ff00ba1bd4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f4b0174e9f18aaba59ee6ffdaf8827a7f94eb606", "url": "https://git.kernel.org/stable/c/f4b0174e9f18aaba59ee6ffdaf8827a7f94eb606" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f5178c41bb43444a6008150fe6094497135d07cb", "url": "https://git.kernel.org/stable/c/f5178c41bb43444a6008150fe6094497135d07cb" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-05-20T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38724", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()\n\nLei Lu recently reported that nfsd4_setclientid_confirm() did not check\nthe return value from get_client_locked(). a SETCLIENTID_CONFIRM could\nrace with a confirmed client expiring and fail to get a reference. That\ncould later lead to a UAF.\n\nFix this by getting a reference early in the case where there is an\nextant confirmed client. If that fails then treat it as if there were no\nconfirmed client found at all.\n\nIn the case where the unconfirmed client is expiring, just fail and\nreturn the result from get_client_locked().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38724" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/22f45cedf281e6171817c8a3432c44d788c550e1", "url": "https://git.kernel.org/stable/c/22f45cedf281e6171817c8a3432c44d788c550e1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/36e83eda90e0e4ac52f259f775b40b2841f8a0a3", "url": "https://git.kernel.org/stable/c/36e83eda90e0e4ac52f259f775b40b2841f8a0a3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3f252a73e81aa01660cb426735eab932e6182e8d", "url": "https://git.kernel.org/stable/c/3f252a73e81aa01660cb426735eab932e6182e8d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/571a5e46c71490285d2d8c06f6b5a7cbf6c7edd1", "url": "https://git.kernel.org/stable/c/571a5e46c71490285d2d8c06f6b5a7cbf6c7edd1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/74ad36ed60df561a303a19ecef400c7096b20306", "url": "https://git.kernel.org/stable/c/74ad36ed60df561a303a19ecef400c7096b20306" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/908e4ead7f757504d8b345452730636e298cbf68", "url": "https://git.kernel.org/stable/c/908e4ead7f757504d8b345452730636e298cbf68" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d35ac850410966010e92f401f4e21868a9ea4d8b", "url": "https://git.kernel.org/stable/c/d35ac850410966010e92f401f4e21868a9ea4d8b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d71abd1ae4e0413707cd42b10c24a11d1aa71772", "url": "https://git.kernel.org/stable/c/d71abd1ae4e0413707cd42b10c24a11d1aa71772" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f3aac6cf390d8b80e1d82975faf4ac61175519c0", "url": "https://git.kernel.org/stable/c/f3aac6cf390d8b80e1d82975faf4ac61175519c0" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-22107", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()\n\nThere are actually 2 problems:\n- deleting the last element doesn't require the memmove of elements\n [i + 1, end) over it. Actually, element i+1 is out of bounds.\n- The memmove itself should move size - i - 1 elements, because the last\n element is out of bounds.\n\nThe out-of-bounds element still remains out of bounds after being\naccessed, so the problem is only that we touch it, not that it becomes\nin active use. But I suppose it can lead to issues if the out-of-bounds\nelement is part of an unmapped page.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-22107" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/031e00249e9e6bee72ba66701c8f83b45fc4b8a2", "url": "https://git.kernel.org/stable/c/031e00249e9e6bee72ba66701c8f83b45fc4b8a2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4584486cfcca24b7b586da3377eb3cffd48669ec", "url": "https://git.kernel.org/stable/c/4584486cfcca24b7b586da3377eb3cffd48669ec" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/59b97641de03c081f26b3a8876628c765b5faa25", "url": "https://git.kernel.org/stable/c/59b97641de03c081f26b3a8876628c765b5faa25" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5f2b28b79d2d1946ee36ad8b3dc0066f73c90481", "url": "https://git.kernel.org/stable/c/5f2b28b79d2d1946ee36ad8b3dc0066f73c90481" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b52153da1f42e2f4d6259257a7ba027331671a93", "url": "https://git.kernel.org/stable/c/b52153da1f42e2f4d6259257a7ba027331671a93" } ], "release_date": "2025-04-16T15:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38494", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: do not bypass hid_hw_raw_request\n\nhid_hw_raw_request() is actually useful to ensure the provided buffer\nand length are valid. Directly calling in the low level transport driver\nfunction bypassed those checks and allowed invalid paramto be used.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38494" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81", "url": "https://git.kernel.org/stable/c/0e5017d84d650ca0eeaf4a3fe9264c5dbc886b81" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0", "url": "https://git.kernel.org/stable/c/19d1314d46c0d8a5c08ab53ddeb62280c77698c0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed", "url": "https://git.kernel.org/stable/c/40e25aa7e4e0f2440c73a683ee448e41c7c344ed" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f", "url": "https://git.kernel.org/stable/c/a62a895edb2bfebffa865b5129a66e3b4287f34f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b", "url": "https://git.kernel.org/stable/c/c2ca42f190b6714d6c481dfd3d9b62ea091c946b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5", "url": "https://git.kernel.org/stable/c/d18f63e848840100dbc351a82e7042eac5a28cf5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624", "url": "https://git.kernel.org/stable/c/dd8e8314f2ce225dade5248dcfb9e2ac0edda624" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910", "url": "https://git.kernel.org/stable/c/f10923b8d32a473b229477b63f23bbd72b1e9910" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-28T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38395", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: gpio: Fix the out-of-bounds access to drvdata::gpiods\n\ndrvdata::gpiods is supposed to hold an array of 'gpio_desc' pointers. But\nthe memory is allocated for only one pointer. This will lead to\nout-of-bounds access later in the code if 'config::ngpios' is > 1. So\nfix the code to allocate enough memory to hold 'config::ngpios' of GPIO\ndescriptors.\n\nWhile at it, also move the check for memory allocation failure to be below\nthe allocation to make it more readable.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38395" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/24418bc77a66cb5be9f5a837431ba3674ed8b52f", "url": "https://git.kernel.org/stable/c/24418bc77a66cb5be9f5a837431ba3674ed8b52f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3830ab97cda9599872625cc0dc7b00160193634f", "url": "https://git.kernel.org/stable/c/3830ab97cda9599872625cc0dc7b00160193634f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/56738cbac3bbb1d39a71a07f57484dec1db8b239", "url": "https://git.kernel.org/stable/c/56738cbac3bbb1d39a71a07f57484dec1db8b239" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9fe71972869faed1f8f9b3beb9040f9c1b300c79", "url": "https://git.kernel.org/stable/c/9fe71972869faed1f8f9b3beb9040f9c1b300c79" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a1e12fac214d4f49fcb186dbdf9c5592e7fa0a7a", "url": "https://git.kernel.org/stable/c/a1e12fac214d4f49fcb186dbdf9c5592e7fa0a7a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a3cd5ae7befbac849e0e0529c94ca04e8093cfd2", "url": "https://git.kernel.org/stable/c/a3cd5ae7befbac849e0e0529c94ca04e8093cfd2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c9764fd88bc744592b0604ccb6b6fc1a5f76b4e3", "url": "https://git.kernel.org/stable/c/c9764fd88bc744592b0604ccb6b6fc1a5f76b4e3" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e4d19e5d71b217940e33f2ef6c6962b7b68c5606", "url": "https://git.kernel.org/stable/c/e4d19e5d71b217940e33f2ef6c6962b7b68c5606" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39863", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work\n\nThe brcmf_btcoex_detach() only shuts down the btcoex timer, if the\nflag timer_on is false. However, the brcmf_btcoex_timerfunc(), which\nruns as timer handler, sets timer_on to false. This creates critical\nrace conditions:\n\n1.If brcmf_btcoex_detach() is called while brcmf_btcoex_timerfunc()\nis executing, it may observe timer_on as false and skip the call to\ntimer_shutdown_sync().\n\n2.The brcmf_btcoex_timerfunc() may then reschedule the brcmf_btcoex_info\nworker after the cancel_work_sync() has been executed, resulting in\nuse-after-free bugs.\n\nThe use-after-free bugs occur in two distinct scenarios, depending on\nthe timing of when the brcmf_btcoex_info struct is freed relative to\nthe execution of its worker thread.\n\nScenario 1: Freed before the worker is scheduled\n\nThe brcmf_btcoex_info is deallocated before the worker is scheduled.\nA race condition can occur when schedule_work(&bt_local->work) is\ncalled after the target memory has been freed. The sequence of events\nis detailed below:\n\nCPU0 | CPU1\nbrcmf_btcoex_detach | brcmf_btcoex_timerfunc\n | bt_local->timer_on = false;\n if (cfg->btcoex->timer_on) |\n ... |\n cancel_work_sync(); |\n ... |\n kfree(cfg->btcoex); // FREE |\n | schedule_work(&bt_local->work); // USE\n\nScenario 2: Freed after the worker is scheduled\n\nThe brcmf_btcoex_info is freed after the worker has been scheduled\nbut before or during its execution. In this case, statements within\nthe brcmf_btcoex_handler() — such as the container_of macro and\nsubsequent dereferences of the brcmf_btcoex_info object will cause\na use-after-free access. The following timeline illustrates this\nscenario:\n\nCPU0 | CPU1\nbrcmf_btcoex_detach | brcmf_btcoex_timerfunc\n | bt_local->timer_on = false;\n if (cfg->btcoex->timer_on) |\n ... |\n cancel_work_sync(); |\n ... | schedule_work(); // Reschedule\n |\n kfree(cfg->btcoex); // FREE | brcmf_btcoex_handler() // Worker\n /* | btci = container_of(....); // USE\n The kfree() above could | ...\n also occur at any point | btci-> // USE\n during the worker's execution|\n */ |\n\nTo resolve the race conditions, drop the conditional check and call\ntimer_shutdown_sync() directly. It can deactivate the timer reliably,\nregardless of its current state. Once stopped, the timer_on state is\nthen set to false.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39863" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2f6fbc8e04ca1d1d5c560be694199f847229c625", "url": "https://git.kernel.org/stable/c/2f6fbc8e04ca1d1d5c560be694199f847229c625" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3e789f8475f6c857c88de5c5bf4b24b11a477dd7", "url": "https://git.kernel.org/stable/c/3e789f8475f6c857c88de5c5bf4b24b11a477dd7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9cb83d4be0b9b697eae93d321e0da999f9cdfcfc", "url": "https://git.kernel.org/stable/c/9cb83d4be0b9b697eae93d321e0da999f9cdfcfc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f1150153c4e5940fe49ab51136343c5b4fe49d63", "url": "https://git.kernel.org/stable/c/f1150153c4e5940fe49ab51136343c5b4fe49d63" } ], "release_date": "2025-09-19T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38699", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bfa: Double-free fix\n\nWhen the bfad_im_probe() function fails during initialization, the memory\npointed to by bfad->im is freed without setting bfad->im to NULL.\n\nSubsequently, during driver uninstallation, when the state machine enters\nthe bfad_sm_stopping state and calls the bfad_im_probe_undo() function,\nit attempts to free the memory pointed to by bfad->im again, thereby\ntriggering a double-free vulnerability.\n\nSet bfad->im to NULL if probing fails.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38699" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/13f613228cf3c96a038424cd97aa4d6aadc66294", "url": "https://git.kernel.org/stable/c/13f613228cf3c96a038424cd97aa4d6aadc66294" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/39cfe2c83146aad956318f866d0ee471b7a61fa5", "url": "https://git.kernel.org/stable/c/39cfe2c83146aad956318f866d0ee471b7a61fa5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/50d9bd48321038bd6e15af5a454bbcd180cf6f80", "url": "https://git.kernel.org/stable/c/50d9bd48321038bd6e15af5a454bbcd180cf6f80" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/684c92bb08a25ed3c0356bc7eb532ed5b19588dd", "url": "https://git.kernel.org/stable/c/684c92bb08a25ed3c0356bc7eb532ed5b19588dd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8456f862cb95bcc3a831e1ba87c0c17068be0f3f", "url": "https://git.kernel.org/stable/c/8456f862cb95bcc3a831e1ba87c0c17068be0f3f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8e03dd9fadf76db5b9799583074a1a2a54f787f1", "url": "https://git.kernel.org/stable/c/8e03dd9fadf76db5b9799583074a1a2a54f787f1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9337c2affbaebe00b75fdf84ea0e2fcf93c140af", "url": "https://git.kernel.org/stable/c/9337c2affbaebe00b75fdf84ea0e2fcf93c140af" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/add4c4850363d7c1b72e8fce9ccb21fdd2cf5dc9", "url": "https://git.kernel.org/stable/c/add4c4850363d7c1b72e8fce9ccb21fdd2cf5dc9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ba024d92564580bb90ec367248ace8efe16ce815", "url": "https://git.kernel.org/stable/c/ba024d92564580bb90ec367248ace8efe16ce815" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38428", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: ims-pcu - check record size in ims_pcu_flash_firmware()\n\nThe \"len\" variable comes from the firmware and we generally do\ntrust firmware, but it's always better to double check. If the \"len\"\nis too large it could result in memory corruption when we do\n\"memcpy(fragment->data, rec->data, len);\"", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38428" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/17474a56acf708bf6b2d174c06ed26abad0a9fd6", "url": "https://git.kernel.org/stable/c/17474a56acf708bf6b2d174c06ed26abad0a9fd6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5a8cd6ae8393e2eaebf51d420d5374821ef2af87", "url": "https://git.kernel.org/stable/c/5a8cd6ae8393e2eaebf51d420d5374821ef2af87" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/74661516daee1eadebede8dc607b6830530096ec", "url": "https://git.kernel.org/stable/c/74661516daee1eadebede8dc607b6830530096ec" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8e03f1c7d50343bf21da54873301bc4fa647479f", "url": "https://git.kernel.org/stable/c/8e03f1c7d50343bf21da54873301bc4fa647479f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a95ef0199e80f3384eb992889322957d26c00102", "url": "https://git.kernel.org/stable/c/a95ef0199e80f3384eb992889322957d26c00102" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c1b9d140b0807c6aee4bb53e1bfa4e391e3dc204", "url": "https://git.kernel.org/stable/c/c1b9d140b0807c6aee4bb53e1bfa4e391e3dc204" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d63706d9f73846106fde28b284f08e01b92ce9f1", "url": "https://git.kernel.org/stable/c/d63706d9f73846106fde28b284f08e01b92ce9f1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e5a2481dc2a0b430f49276d7482793a8923631d6", "url": "https://git.kernel.org/stable/c/e5a2481dc2a0b430f49276d7482793a8923631d6" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38482", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: das6402: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\t/* IRQs 2,3,5,6,7, 10,11,15 are valid for \"enhanced\" mode */\n\tif ((1 << it->options[1]) & 0x8cec) {\n\nHowever, `it->options[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it->options[1]` to be within bounds before proceeding with\nthe original test. Valid `it->options[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38482" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3eab654f5d199ecd45403c6588cda63e491fcfca", "url": "https://git.kernel.org/stable/c/3eab654f5d199ecd45403c6588cda63e491fcfca" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4a3c18cde02e35aba87e0ad5672b3e1c72dda5a4", "url": "https://git.kernel.org/stable/c/4a3c18cde02e35aba87e0ad5672b3e1c72dda5a4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/70f2b28b5243df557f51c054c20058ae207baaac", "url": "https://git.kernel.org/stable/c/70f2b28b5243df557f51c054c20058ae207baaac" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/73f34d609397805c20d6b2ef5c07a4cbf7c4d63a", "url": "https://git.kernel.org/stable/c/73f34d609397805c20d6b2ef5c07a4cbf7c4d63a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8a3637027ceeba4ca5e500b23cb7d24c25592513", "url": "https://git.kernel.org/stable/c/8a3637027ceeba4ca5e500b23cb7d24c25592513" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a15e9c175f783298c4ee48146be6841335400406", "url": "https://git.kernel.org/stable/c/a15e9c175f783298c4ee48146be6841335400406" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a18a42e77545afcacd6a2b8d9fc16191b87454df", "url": "https://git.kernel.org/stable/c/a18a42e77545afcacd6a2b8d9fc16191b87454df" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/de8da1063cce9234d55c8270d9bdf4cf84411c80", "url": "https://git.kernel.org/stable/c/de8da1063cce9234d55c8270d9bdf4cf84411c80" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-28T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38245", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Release atm_dev_mutex after removing procfs in atm_dev_deregister().\n\nsyzbot reported a warning below during atm_dev_register(). [0]\n\nBefore creating a new device and procfs/sysfs for it, atm_dev_register()\nlooks up a duplicated device by __atm_dev_lookup(). These operations are\ndone under atm_dev_mutex.\n\nHowever, when removing a device in atm_dev_deregister(), it releases the\nmutex just after removing the device from the list that __atm_dev_lookup()\niterates over.\n\nSo, there will be a small race window where the device does not exist on\nthe device list but procfs/sysfs are still not removed, triggering the\nsplat.\n\nLet's hold the mutex until procfs/sysfs are removed in\natm_dev_deregister().\n\n[0]:\nproc_dir_entry 'atm/atmtcp:0' already registered\nWARNING: CPU: 0 PID: 5919 at fs/proc/generic.c:377 proc_register+0x455/0x5f0 fs/proc/generic.c:377\nModules linked in:\nCPU: 0 UID: 0 PID: 5919 Comm: syz-executor284 Not tainted 6.16.0-rc2-syzkaller-00047-g52da431bf03b #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nRIP: 0010:proc_register+0x455/0x5f0 fs/proc/generic.c:377\nCode: 48 89 f9 48 c1 e9 03 80 3c 01 00 0f 85 a2 01 00 00 48 8b 44 24 10 48 c7 c7 20 c0 c2 8b 48 8b b0 d8 00 00 00 e8 0c 02 1c ff 90 <0f> 0b 90 90 48 c7 c7 80 f2 82 8e e8 0b de 23 09 48 8b 4c 24 28 48\nRSP: 0018:ffffc9000466fa30 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817ae248\nRDX: ffff888026280000 RSI: ffffffff817ae255 RDI: 0000000000000001\nRBP: ffff8880232bed48 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff888076ed2140\nR13: dffffc0000000000 R14: ffff888078a61340 R15: ffffed100edda444\nFS: 00007f38b3b0c6c0(0000) GS:ffff888124753000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f38b3bdf953 CR3: 0000000076d58000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \n proc_create_data+0xbe/0x110 fs/proc/generic.c:585\n atm_proc_dev_register+0x112/0x1e0 net/atm/proc.c:361\n atm_dev_register+0x46d/0x890 net/atm/resources.c:113\n atmtcp_create+0x77/0x210 drivers/atm/atmtcp.c:369\n atmtcp_attach drivers/atm/atmtcp.c:403 [inline]\n atmtcp_ioctl+0x2f9/0xd60 drivers/atm/atmtcp.c:464\n do_vcc_ioctl+0x12c/0x930 net/atm/ioctl.c:159\n sock_do_ioctl+0x115/0x280 net/socket.c:1190\n sock_ioctl+0x227/0x6b0 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x18b/0x210 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f38b3b74459\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f38b3b0c198 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f38b3bfe318 RCX: 00007f38b3b74459\nRDX: 0000000000000000 RSI: 0000000000006180 RDI: 0000000000000005\nRBP: 00007f38b3bfe310 R08: 65732f636f72702f R09: 65732f636f72702f\nR10: 65732f636f72702f R11: 0000000000000246 R12: 00007f38b3bcb0ac\nR13: 00007f38b3b0c1a0 R14: 0000200000000200 R15: 00007f38b3bcb03b\n ", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38245" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/26248d5d68c865b888d632162abbf8130645622c", "url": "https://git.kernel.org/stable/c/26248d5d68c865b888d632162abbf8130645622c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2a8dcee649d12f69713f2589171a1caf6d4fa439", "url": "https://git.kernel.org/stable/c/2a8dcee649d12f69713f2589171a1caf6d4fa439" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4bb1bb438134d9ee6b97cc07289dd7c569092eec", "url": "https://git.kernel.org/stable/c/4bb1bb438134d9ee6b97cc07289dd7c569092eec" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6922f1a048c090f10704bbef4a3a1e81932d2e0a", "url": "https://git.kernel.org/stable/c/6922f1a048c090f10704bbef4a3a1e81932d2e0a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a433791aeaea6e84df709e0b9584b9bbe040cd1c", "url": "https://git.kernel.org/stable/c/a433791aeaea6e84df709e0b9584b9bbe040cd1c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ae539d963a17443ec54cba8a767e4ffa318264f4", "url": "https://git.kernel.org/stable/c/ae539d963a17443ec54cba8a767e4ffa318264f4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b2e40fcfe1575faaa548f87614006d3fe44c779e", "url": "https://git.kernel.org/stable/c/b2e40fcfe1575faaa548f87614006d3fe44c779e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cabed6ba92a9a8c09da02a3f20e32ecd80989896", "url": "https://git.kernel.org/stable/c/cabed6ba92a9a8c09da02a3f20e32ecd80989896" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-09T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38530", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: pcl812: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\tif ((1 << it->options[1]) & board->irq_bits) {\n\nHowever, `it->options[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it->options[1]` to be within bounds before proceeding with\nthe original test. Valid `it->options[1]` values that select the IRQ\nwill be in the range [1,15]. The value 0 explicitly disables the use of\ninterrupts.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38530" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0489c30d080f07cc7f09d04de723d8c2ccdb61ef", "url": "https://git.kernel.org/stable/c/0489c30d080f07cc7f09d04de723d8c2ccdb61ef" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/16c173abee315953fd17a279352fec4a1faee862", "url": "https://git.kernel.org/stable/c/16c173abee315953fd17a279352fec4a1faee862" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/29ef03e5b84431171d6b77b822985b54bc44b793", "url": "https://git.kernel.org/stable/c/29ef03e5b84431171d6b77b822985b54bc44b793" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/374d9b3eb4b08407997ef1fce96119d31e0c0bc4", "url": "https://git.kernel.org/stable/c/374d9b3eb4b08407997ef1fce96119d31e0c0bc4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5bfa301e1e59a9b1a7b62a800b54852337c97416", "url": "https://git.kernel.org/stable/c/5bfa301e1e59a9b1a7b62a800b54852337c97416" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7e470d8efd10725b189ca8951973a8425932398a", "url": "https://git.kernel.org/stable/c/7e470d8efd10725b189ca8951973a8425932398a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a27e27eee313fe1c450b6af1e80e64412546cab4", "url": "https://git.kernel.org/stable/c/a27e27eee313fe1c450b6af1e80e64412546cab4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b14b076ce593f72585412fc7fd3747e03a5e3632", "url": "https://git.kernel.org/stable/c/b14b076ce593f72585412fc7fd3747e03a5e3632" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-08-16T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39971", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\ni40e: fix idx validation in config queues msg\nEnsure idx is within range of active/initialized TCs when iterating over\nvf->ch[idx] in i40e_vc_config_queues_msg().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39971" } ], "release_date": "2025-10-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38483", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: das16m1: Fix bit shift out of bounds\n\nWhen checking for a supported IRQ number, the following test is used:\n\n\t/* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */\n\tif ((1 << it->options[1]) & 0xdcfc) {\n\nHowever, `it->options[i]` is an unchecked `int` value from userspace, so\nthe shift amount could be negative or out of bounds. Fix the test by\nrequiring `it->options[1]` to be within bounds before proceeding with\nthe original test.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38483" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/076b13ee60eb01ed0d140ef261f95534562a3077", "url": "https://git.kernel.org/stable/c/076b13ee60eb01ed0d140ef261f95534562a3077" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/539bdff832adac9ea653859fa0b6bc62e743329c", "url": "https://git.kernel.org/stable/c/539bdff832adac9ea653859fa0b6bc62e743329c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/65c03e6fc524eb2868abedffd8a4613d78abc288", "url": "https://git.kernel.org/stable/c/65c03e6fc524eb2868abedffd8a4613d78abc288" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/adb7df8a8f9d788423e161b779764527dd3ec2d0", "url": "https://git.kernel.org/stable/c/adb7df8a8f9d788423e161b779764527dd3ec2d0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b3c95fa508e5dc3da60520eea92a5241095ceef1", "url": "https://git.kernel.org/stable/c/b3c95fa508e5dc3da60520eea92a5241095ceef1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d1291c69f46d6572b2cf75960dd8975d7ab2176b", "url": "https://git.kernel.org/stable/c/d1291c69f46d6572b2cf75960dd8975d7ab2176b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ed93c6f68a3be06e4e0c331c6e751f462dee3932", "url": "https://git.kernel.org/stable/c/ed93c6f68a3be06e4e0c331c6e751f462dee3932" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f211572818ed5bec2b3f5d4e0719ef8699b3c269", "url": "https://git.kernel.org/stable/c/f211572818ed5bec2b3f5d4e0719ef8699b3c269" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-28T12:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37928", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-bufio: don't schedule in atomic context\n\nA BUG was reported as below when CONFIG_DEBUG_ATOMIC_SLEEP and\ntry_verify_in_tasklet are enabled.\n[ 129.444685][ T934] BUG: sleeping function called from invalid context at drivers/md/dm-bufio.c:2421\n[ 129.444723][ T934] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 934, name: kworker/1:4\n[ 129.444740][ T934] preempt_count: 201, expected: 0\n[ 129.444756][ T934] RCU nest depth: 0, expected: 0\n[ 129.444781][ T934] Preemption disabled at:\n[ 129.444789][ T934] [] shrink_work+0x21c/0x248\n[ 129.445167][ T934] kernel BUG at kernel/sched/walt/walt_debug.c:16!\n[ 129.445183][ T934] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ 129.445204][ T934] Skip md ftrace buffer dump for: 0x1609e0\n[ 129.447348][ T934] CPU: 1 PID: 934 Comm: kworker/1:4 Tainted: G W OE 6.6.56-android15-8-o-g6f82312b30b9-debug #1 1400000003000000474e5500b3187743670464e8\n[ 129.447362][ T934] Hardware name: Qualcomm Technologies, Inc. Parrot QRD, Alpha-M (DT)\n[ 129.447373][ T934] Workqueue: dm_bufio_cache shrink_work\n[ 129.447394][ T934] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 129.447406][ T934] pc : android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug]\n[ 129.447435][ T934] lr : __traceiter_android_rvh_schedule_bug+0x44/0x6c\n[ 129.447451][ T934] sp : ffffffc0843dbc90\n[ 129.447459][ T934] x29: ffffffc0843dbc90 x28: ffffffffffffffff x27: 0000000000000c8b\n[ 129.447479][ T934] x26: 0000000000000040 x25: ffffff804b3d6260 x24: ffffffd816232b68\n[ 129.447497][ T934] x23: ffffff805171c5b4 x22: 0000000000000000 x21: ffffffd816231900\n[ 129.447517][ T934] x20: ffffff80306ba898 x19: 0000000000000000 x18: ffffffc084159030\n[ 129.447535][ T934] x17: 00000000d2b5dd1f x16: 00000000d2b5dd1f x15: ffffffd816720358\n[ 129.447554][ T934] x14: 0000000000000004 x13: ffffff89ef978000 x12: 0000000000000003\n[ 129.447572][ T934] x11: ffffffd817a823c4 x10: 0000000000000202 x9 : 7e779c5735de9400\n[ 129.447591][ T934] x8 : ffffffd81560d004 x7 : 205b5d3938373434 x6 : ffffffd8167397c8\n[ 129.447610][ T934] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffffffc0843db9e0\n[ 129.447629][ T934] x2 : 0000000000002f15 x1 : 0000000000000000 x0 : 0000000000000000\n[ 129.447647][ T934] Call trace:\n[ 129.447655][ T934] android_rvh_schedule_bug+0x0/0x8 [sched_walt_debug 1400000003000000474e550080cce8a8a78606b6]\n[ 129.447681][ T934] __might_resched+0x190/0x1a8\n[ 129.447694][ T934] shrink_work+0x180/0x248\n[ 129.447706][ T934] process_one_work+0x260/0x624\n[ 129.447718][ T934] worker_thread+0x28c/0x454\n[ 129.447729][ T934] kthread+0x118/0x158\n[ 129.447742][ T934] ret_from_fork+0x10/0x20\n[ 129.447761][ T934] Code: ???????? ???????? ???????? d2b5dd1f (d4210000)\n[ 129.447772][ T934] ---[ end trace 0000000000000000 ]---\n\ndm_bufio_lock will call spin_lock_bh when try_verify_in_tasklet\nis enabled, and __scan will be called in atomic context.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37928" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/69a37b3ba85088fc6b903b8e1db7f0a1d4d0b52d", "url": "https://git.kernel.org/stable/c/69a37b3ba85088fc6b903b8e1db7f0a1d4d0b52d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a3d8f0a7f5e8b193db509c7191fefeed3533fc44", "url": "https://git.kernel.org/stable/c/a3d8f0a7f5e8b193db509c7191fefeed3533fc44" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a99f5bf4f7197009859dbce14c12f8e2ce5a5a69", "url": "https://git.kernel.org/stable/c/a99f5bf4f7197009859dbce14c12f8e2ce5a5a69" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8c83052283bcf2fdd467a33d1d2bd5ba36e935a", "url": "https://git.kernel.org/stable/c/c8c83052283bcf2fdd467a33d1d2bd5ba36e935a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f45108257280e0a1cc951ce254853721b40c0812", "url": "https://git.kernel.org/stable/c/f45108257280e0a1cc951ce254853721b40c0812" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html", "url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00010.html" } ], "release_date": "2025-05-20T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38204", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds read in add_missing_indices\n\nstbl is s8 but it must contain offsets into slot which can go from 0 to\n127.\n\nAdded a bound check for that error and return -EIO if the check fails.\nAlso make jfs_readdir return with error if add_missing_indices returns\nwith an error.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38204" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/44618bee303bed151ef3a525ff79fbd7689593b5", "url": "https://git.kernel.org/stable/c/44618bee303bed151ef3a525ff79fbd7689593b5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5dff41a86377563f7a2b968aae00d25b4ceb37c9", "url": "https://git.kernel.org/stable/c/5dff41a86377563f7a2b968aae00d25b4ceb37c9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/81af4b34fd72d390d7f237c6a545cc6d09707956", "url": "https://git.kernel.org/stable/c/81af4b34fd72d390d7f237c6a545cc6d09707956" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bfa4655d28f338e68d345aed80d19be7999bbce2", "url": "https://git.kernel.org/stable/c/bfa4655d28f338e68d345aed80d19be7999bbce2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c8399564a58fb6ea2ff21a6fd278417943cb51a5", "url": "https://git.kernel.org/stable/c/c8399564a58fb6ea2ff21a6fd278417943cb51a5" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-07-04T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39810", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix memory corruption when FW resources change during ifdown\n\nbnxt_set_dflt_rings() assumes that it is always called before any TC has\nbeen created. So it doesn't take bp->num_tc into account and assumes\nthat it is always 0 or 1.\n\nIn the FW resource or capability change scenario, the FW will return\nflags in bnxt_hwrm_if_change() that will cause the driver to\nreinitialize and call bnxt_cancel_reservations(). This will lead to\nbnxt_init_dflt_ring_mode() calling bnxt_set_dflt_rings() and bp->num_tc\nmay be greater than 1. This will cause bp->tx_ring[] to be sized too\nsmall and cause memory corruption in bnxt_alloc_cp_rings().\n\nFix it by properly scaling the TX rings by bp->num_tc in the code\npaths mentioned above. Add 2 helper functions to determine\nbp->tx_nr_rings and bp->tx_nr_rings_per_tc.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39810" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2747328ba2714f1a7454208dbbc1dc0631990b4a", "url": "https://git.kernel.org/stable/c/2747328ba2714f1a7454208dbbc1dc0631990b4a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9ab6a9950f152e094395d2e3967f889857daa185", "url": "https://git.kernel.org/stable/c/9ab6a9950f152e094395d2e3967f889857daa185" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d00e98977ef519280b075d783653e2c492fffbb6", "url": "https://git.kernel.org/stable/c/d00e98977ef519280b075d783653e2c492fffbb6" } ], "release_date": "2025-09-16T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2023-52854", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: Fix refcnt handling in padata_free_shell()\n\nIn a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead\nto system UAF (Use-After-Free) issues. Due to the lengthy analysis of\nthe pcrypt_aead01 function call, I'll describe the problem scenario\nusing a simplified model:\n\nSuppose there's a user of padata named `user_function` that adheres to\nthe padata requirement of calling `padata_free_shell` after `serial()`\nhas been invoked, as demonstrated in the following code:\n\n```c\nstruct request {\n struct padata_priv padata;\n struct completion *done;\n};\n\nvoid parallel(struct padata_priv *padata) {\n do_something();\n}\n\nvoid serial(struct padata_priv *padata) {\n struct request *request = container_of(padata,\n \t\t\t\tstruct request,\n\t\t\t\tpadata);\n complete(request->done);\n}\n\nvoid user_function() {\n DECLARE_COMPLETION(done)\n padata->parallel = parallel;\n padata->serial = serial;\n padata_do_parallel();\n wait_for_completion(&done);\n padata_free_shell();\n}\n```\n\nIn the corresponding padata.c file, there's the following code:\n\n```c\nstatic void padata_serial_worker(struct work_struct *serial_work) {\n ...\n cnt = 0;\n\n while (!list_empty(&local_list)) {\n ...\n padata->serial(padata);\n cnt++;\n }\n\n local_bh_enable();\n\n if (refcount_sub_and_test(cnt, &pd->refcnt))\n padata_free_pd(pd);\n}\n```\n\nBecause of the high system load and the accumulation of unexecuted\nsoftirq at this moment, `local_bh_enable()` in padata takes longer\nto execute than usual. Subsequently, when accessing `pd->refcnt`,\n`pd` has already been released by `padata_free_shell()`, resulting\nin a UAF issue with `pd->refcnt`.\n\nThe fix is straightforward: add `refcount_dec_and_test` before calling\n`padata_free_pd` in `padata_free_shell`.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2023-52854" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0dd34a7ad395dbcf6ae60e48e9786050e25b9bc5", "url": "https://git.kernel.org/stable/c/0dd34a7ad395dbcf6ae60e48e9786050e25b9bc5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1734a79e951914f1db2c65e635012a35db1c674b", "url": "https://git.kernel.org/stable/c/1734a79e951914f1db2c65e635012a35db1c674b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1e901bcb8af19416b65f5063a4af7996e5a51d7f", "url": "https://git.kernel.org/stable/c/1e901bcb8af19416b65f5063a4af7996e5a51d7f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/41aad9d6953984d134fc50f631f24ef476875d4d", "url": "https://git.kernel.org/stable/c/41aad9d6953984d134fc50f631f24ef476875d4d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7ddc21e317b360c3444de3023bcc83b85fabae2f", "url": "https://git.kernel.org/stable/c/7ddc21e317b360c3444de3023bcc83b85fabae2f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c7c26d0ef5d20f00dbb2ae3befcabbe0efa77275", "url": "https://git.kernel.org/stable/c/c7c26d0ef5d20f00dbb2ae3befcabbe0efa77275" } ], "release_date": "2024-05-21T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38068", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lzo - Fix compression buffer overrun\n\nUnlike the decompression code, the compression code in LZO never\nchecked for output overruns. It instead assumes that the caller\nalways provides enough buffer space, disregarding the buffer length\nprovided by the caller.\n\nAdd a safe compression interface that checks for the end of buffer\nbefore each write. Use the safe interface in crypto/lzo.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38068" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0acdc4d6e679ba31d01e3e7e2e4124b76d6d8e2a", "url": "https://git.kernel.org/stable/c/0acdc4d6e679ba31d01e3e7e2e4124b76d6d8e2a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/167373d77c70c2b558aae3e327b115249bb2652c", "url": "https://git.kernel.org/stable/c/167373d77c70c2b558aae3e327b115249bb2652c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4b173bb2c4665c23f8fcf5241c7b06dfa6b5b111", "url": "https://git.kernel.org/stable/c/4b173bb2c4665c23f8fcf5241c7b06dfa6b5b111" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/7caad075acb634a74911830d6386c50ea12566cd", "url": "https://git.kernel.org/stable/c/7caad075acb634a74911830d6386c50ea12566cd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a98bd864e16f91c70b2469adf013d713d04d1d13", "url": "https://git.kernel.org/stable/c/a98bd864e16f91c70b2469adf013d713d04d1d13" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cc47f07234f72cbd8e2c973cdbf2a6730660a463", "url": "https://git.kernel.org/stable/c/cc47f07234f72cbd8e2c973cdbf2a6730660a463" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-06-18T10:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38198", "cwe": { "id": "CWE-129", "name": "Improper Validation of Array Index" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbcon: Make sure modelist not set on unregistered console\n\nIt looks like attempting to write to the \"store_modes\" sysfs node will\nrun afoul of unregistered consoles:\n\nUBSAN: array-index-out-of-bounds in drivers/video/fbdev/core/fbcon.c:122:28\nindex -1 is out of range for type 'fb_info *[32]'\n...\n fbcon_info_from_console+0x192/0x1a0 drivers/video/fbdev/core/fbcon.c:122\n fbcon_new_modelist+0xbf/0x2d0 drivers/video/fbdev/core/fbcon.c:3048\n fb_new_modelist+0x328/0x440 drivers/video/fbdev/core/fbmem.c:673\n store_modes+0x1c9/0x3e0 drivers/video/fbdev/core/fbsysfs.c:113\n dev_attr_store+0x55/0x80 drivers/base/core.c:2439\n\nstatic struct fb_info *fbcon_registered_fb[FB_MAX];\n...\nstatic signed char con2fb_map[MAX_NR_CONSOLES];\n...\nstatic struct fb_info *fbcon_info_from_console(int console)\n...\n return fbcon_registered_fb[con2fb_map[console]];\n\nIf con2fb_map contains a -1 things go wrong here. Instead, return NULL,\nas callers of fbcon_info_from_console() are trying to compare against\nexisting \"info\" pointers, so error handling should kick in correctly.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38198" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/519ba75728ee8cd561dce25fc52a2ec5c47171dc", "url": "https://git.kernel.org/stable/c/519ba75728ee8cd561dce25fc52a2ec5c47171dc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/54b28f7c567dd659e5f9562f518e4d7f3f6a367b", "url": "https://git.kernel.org/stable/c/54b28f7c567dd659e5f9562f518e4d7f3f6a367b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b3237d451bf3a4490cb1a76f3b7c91d9888f1c4b", "url": "https://git.kernel.org/stable/c/b3237d451bf3a4490cb1a76f3b7c91d9888f1c4b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cedc1b63394a866bf8663a3e40f4546f1d28c8d8", "url": "https://git.kernel.org/stable/c/cedc1b63394a866bf8663a3e40f4546f1d28c8d8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f28f1f578cd810779d01999c60618cda14c281dd", "url": "https://git.kernel.org/stable/c/f28f1f578cd810779d01999c60618cda14c281dd" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-04T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38685", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Fix vmalloc out-of-bounds write in fast_imageblit\n\nThis issue triggers when a userspace program does an ioctl\nFBIOPUT_CON2FBMAP by passing console number and frame buffer number.\nIdeally this maps console to frame buffer and updates the screen if\nconsole is visible.\n\nAs part of mapping it has to do resize of console according to frame\nbuffer info. if this resize fails and returns from vc_do_resize() and\ncontinues further. At this point console and new frame buffer are mapped\nand sets display vars. Despite failure still it continue to proceed\nupdating the screen at later stages where vc_data is related to previous\nframe buffer and frame buffer info and display vars are mapped to new\nframe buffer and eventully leading to out-of-bounds write in\nfast_imageblit(). This bheviour is excepted only when fg_console is\nequal to requested console which is a visible console and updates screen\nwith invalid struct references in fbcon_putcs().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38685" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/078e62bffca4b7e72e8f3550eb063ab981c36c7a", "url": "https://git.kernel.org/stable/c/078e62bffca4b7e72e8f3550eb063ab981c36c7a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/27b118aebdd84161c8ff5ce49d9d536f2af10754", "url": "https://git.kernel.org/stable/c/27b118aebdd84161c8ff5ce49d9d536f2af10754" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4c4d7ddaf1d43780b106bedc692679f965dc5a3a", "url": "https://git.kernel.org/stable/c/4c4d7ddaf1d43780b106bedc692679f965dc5a3a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/56701bf9eeb63219e378cb7fcbd066ea4eaeeb50", "url": "https://git.kernel.org/stable/c/56701bf9eeb63219e378cb7fcbd066ea4eaeeb50" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/af0db3c1f898144846d4c172531a199bb3ca375d", "url": "https://git.kernel.org/stable/c/af0db3c1f898144846d4c172531a199bb3ca375d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cfec17721265e72e50cc69c6004fe3475cd38df2", "url": "https://git.kernel.org/stable/c/cfec17721265e72e50cc69c6004fe3475cd38df2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ed9b8e5016230868c8d813d9179523f729fec8c6", "url": "https://git.kernel.org/stable/c/ed9b8e5016230868c8d813d9179523f729fec8c6" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-04T16:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38375", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-net: ensure the received length does not exceed allocated size\n\nIn xdp_linearize_page, when reading the following buffers from the ring,\nwe forget to check the received length with the true allocate size. This\ncan lead to an out-of-bound read. This commit adds that missing check.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38375" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/11f2d0e8be2b5e784ac45fa3da226492c3e506d8", "url": "https://git.kernel.org/stable/c/11f2d0e8be2b5e784ac45fa3da226492c3e506d8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/315dbdd7cdf6aa533829774caaf4d25f1fd20e73", "url": "https://git.kernel.org/stable/c/315dbdd7cdf6aa533829774caaf4d25f1fd20e73" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6aca3dad2145e864dfe4d1060f45eb1bac75dd58", "url": "https://git.kernel.org/stable/c/6aca3dad2145e864dfe4d1060f45eb1bac75dd58" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/773e95c268b5d859f51f7547559734fd2a57660c", "url": "https://git.kernel.org/stable/c/773e95c268b5d859f51f7547559734fd2a57660c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/80b971be4c37a4d23a7f1abc5ff33dc7733d649b", "url": "https://git.kernel.org/stable/c/80b971be4c37a4d23a7f1abc5ff33dc7733d649b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/982beb7582c193544eb9c6083937ec5ac1c9d651", "url": "https://git.kernel.org/stable/c/982beb7582c193544eb9c6083937ec5ac1c9d651" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bc68bc3563344ccdc57d1961457cdeecab8f81ef", "url": "https://git.kernel.org/stable/c/bc68bc3563344ccdc57d1961457cdeecab8f81ef" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ddc8649d363141fb3371dd81a73e1cb4ef8ed1e1", "url": "https://git.kernel.org/stable/c/ddc8649d363141fb3371dd81a73e1cb4ef8ed1e1" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38250", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix use-after-free in vhci_flush()\n\nsyzbot reported use-after-free in vhci_flush() without repro. [0]\n\nFrom the splat, a thread close()d a vhci file descriptor while\nits device was being used by iotcl() on another thread.\n\nOnce the last fd refcnt is released, vhci_release() calls\nhci_unregister_dev(), hci_free_dev(), and kfree() for struct\nvhci_data, which is set to hci_dev->dev->driver_data.\n\nThe problem is that there is no synchronisation after unlinking\nhdev from hci_dev_list in hci_unregister_dev(). There might be\nanother thread still accessing the hdev which was fetched before\nthe unlink operation.\n\nWe can use SRCU for such synchronisation.\n\nLet's run hci_dev_reset() under SRCU and wait for its completion\nin hci_unregister_dev().\n\nAnother option would be to restore hci_dev->destruct(), which was\nremoved in commit 587ae086f6e4 (\"Bluetooth: Remove unused\nhci-destruct cb\"). However, this would not be a good solution, as\nwe should not run hci_unregister_dev() while there are in-flight\nioctl() requests, which could lead to another data-race KCSAN splat.\n\nNote that other drivers seem to have the same problem, for exmaple,\nvirtbt_remove().\n\n[0]:\nBUG: KASAN: slab-use-after-free in skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\nBUG: KASAN: slab-use-after-free in skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\nRead of size 8 at addr ffff88807cb8d858 by task syz.1.219/6718\n\nCPU: 1 UID: 0 PID: 6718 Comm: syz.1.219 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xd2/0x2b0 mm/kasan/report.c:521\n kasan_report+0x118/0x150 mm/kasan/report.c:634\n skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\n skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\n skb_queue_purge include/linux/skbuff.h:3368 [inline]\n vhci_flush+0x44/0x50 drivers/bluetooth/hci_vhci.c:69\n hci_dev_do_reset net/bluetooth/hci_core.c:552 [inline]\n hci_dev_reset+0x420/0x5c0 net/bluetooth/hci_core.c:592\n sock_do_ioctl+0xd9/0x300 net/socket.c:1190\n sock_ioctl+0x576/0x790 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcf5b98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fcf5c7b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fcf5bbb6160 RCX: 00007fcf5b98e929\nRDX: 0000000000000000 RSI: 00000000400448cb RDI: 0000000000000009\nRBP: 00007fcf5ba10b39 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007fcf5bbb6160 R15: 00007ffd6353d528\n \n\nAllocated by task 6535:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n vhci_open+0x57/0x360 drivers/bluetooth/hci_vhci.c:635\n misc_open+0x2bc/0x330 drivers/char/misc.c:161\n chrdev_open+0x4c9/0x5e0 fs/char_dev.c:414\n do_dentry_open+0xdf0/0x1970 fs/open.c:964\n vfs_open+0x3b/0x340 fs/open.c:1094\n do_open fs/namei.c:3887 [inline]\n path_openat+0x2ee5/0x3830 fs/name\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38250" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0e5c144c557df910ab64d9c25d06399a9a735e65", "url": "https://git.kernel.org/stable/c/0e5c144c557df910ab64d9c25d06399a9a735e65" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/1d6123102e9fbedc8d25bf4731da6d513173e49e", "url": "https://git.kernel.org/stable/c/1d6123102e9fbedc8d25bf4731da6d513173e49e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bc0819a25e04cd68ef3568cfa51b63118fea39a7", "url": "https://git.kernel.org/stable/c/bc0819a25e04cd68ef3568cfa51b63118fea39a7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ce23b73f0f27e2dbeb81734a79db710f05aa33c6", "url": "https://git.kernel.org/stable/c/ce23b73f0f27e2dbeb81734a79db710f05aa33c6" } ], "release_date": "2025-07-09T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2022-21546", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: Fix WRITE_SAME No Data Buffer crash\n\nIn newer version of the SBC specs, we have a NDOB bit that indicates there\nis no data buffer that gets written out. If this bit is set using commands\nlike \"sg_write_same --ndob\" we will crash in target_core_iblock/file's\nexecute_write_same handlers when we go to access the se_cmd->t_data_sg\nbecause its NULL.\n\nThis patch adds a check for the NDOB bit in the common WRITE SAME code\nbecause we don't support it. And, it adds a check for zero SG elements in\neach handler in case the initiator tries to send a normal WRITE SAME with\nno data buffer.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2022-21546" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4226622647e3e5ac06d3ebc1605b917446157510", "url": "https://git.kernel.org/stable/c/4226622647e3e5ac06d3ebc1605b917446157510" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/54e57be2573cf0b8bf650375fd8752987b6c3d3b", "url": "https://git.kernel.org/stable/c/54e57be2573cf0b8bf650375fd8752987b6c3d3b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ccd3f449052449a917a3e577d8ba0368f43b8f29", "url": "https://git.kernel.org/stable/c/ccd3f449052449a917a3e577d8ba0368f43b8f29" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d8e6a27e9238dd294d6f2f401655f300dca20899", "url": "https://git.kernel.org/stable/c/d8e6a27e9238dd294d6f2f401655f300dca20899" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" } ], "release_date": "2025-05-02T22:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38556", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Harden s32ton() against conversion to 0 bits\n\nTesting by the syzbot fuzzer showed that the HID core gets a\nshift-out-of-bounds exception when it tries to convert a 32-bit\nquantity to a 0-bit quantity. Ideally this should never occur, but\nthere are buggy devices and some might have a report field with size\nset to zero; we shouldn't reject the report or the device just because\nof that.\n\nInstead, harden the s32ton() routine so that it returns a reasonable\nresult instead of crashing when it is called with the number of bits\nset to 0 -- the same as what snto32() does.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38556" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3c86548a20d7bc2861aa4de044991a327bebad1a", "url": "https://git.kernel.org/stable/c/3c86548a20d7bc2861aa4de044991a327bebad1a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6cdf6c708717c5c6897d0800a1793e83757c7491", "url": "https://git.kernel.org/stable/c/6cdf6c708717c5c6897d0800a1793e83757c7491" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/810189546cb6c8f36443ed091d91f1f5d2fc2ec7", "url": "https://git.kernel.org/stable/c/810189546cb6c8f36443ed091d91f1f5d2fc2ec7" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/865ad8469fa24de1559f247d9426ab01e5ce3a56", "url": "https://git.kernel.org/stable/c/865ad8469fa24de1559f247d9426ab01e5ce3a56" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8b4a94b1510f6a46ec48494b52ee8f67eb4fc836", "url": "https://git.kernel.org/stable/c/8b4a94b1510f6a46ec48494b52ee8f67eb4fc836" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a6b87bfc2ab5bccb7ad953693c85d9062aef3fdd", "url": "https://git.kernel.org/stable/c/a6b87bfc2ab5bccb7ad953693c85d9062aef3fdd" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d3b504146c111548ab60b6ef7aad00bfb1db05a2", "url": "https://git.kernel.org/stable/c/d3b504146c111548ab60b6ef7aad00bfb1db05a2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/eeeaba737919bdce9885e2a00ac2912f61a3684d", "url": "https://git.kernel.org/stable/c/eeeaba737919bdce9885e2a00ac2912f61a3684d" } ], "release_date": "2025-08-19T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39760", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: core: config: Prevent OOB read in SS endpoint companion parsing\n\nusb_parse_ss_endpoint_companion() checks descriptor type before length,\nenabling a potentially odd read outside of the buffer size.\n\nFix this up by checking the size first before looking at any of the\nfields in the descriptor.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39760" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/058ad2b722812708fe90567875704ae36563e33b", "url": "https://git.kernel.org/stable/c/058ad2b722812708fe90567875704ae36563e33b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/4fe6f472f0beef4281e6f03bc38a910a33be663f", "url": "https://git.kernel.org/stable/c/4fe6f472f0beef4281e6f03bc38a910a33be663f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5badd56c711e2c8371d1670f9bd486697575423c", "url": "https://git.kernel.org/stable/c/5badd56c711e2c8371d1670f9bd486697575423c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5c3097ede7835d3caf6543eb70ff689af4550cd2", "url": "https://git.kernel.org/stable/c/5c3097ede7835d3caf6543eb70ff689af4550cd2" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9512510cee7d1becdb0e9413fdd3ab783e4e30ee", "url": "https://git.kernel.org/stable/c/9512510cee7d1becdb0e9413fdd3ab783e4e30ee" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9843bcb187cb933861f7805022e6873905f669e4", "url": "https://git.kernel.org/stable/c/9843bcb187cb933861f7805022e6873905f669e4" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b10e0f868067c6f25bbfabdcf3e1e6432c24ca55", "url": "https://git.kernel.org/stable/c/b10e0f868067c6f25bbfabdcf3e1e6432c24ca55" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/cf16f408364efd8a68f39011a3b073c83a03612d", "url": "https://git.kernel.org/stable/c/cf16f408364efd8a68f39011a3b073c83a03612d" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-09-11T17:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38401", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtk-sd: Prevent memory corruption from DMA map failure\n\nIf msdc_prepare_data() fails to map the DMA region, the request is\nnot prepared for data receiving, but msdc_start_data() proceeds\nthe DMA with previous setting.\nSince this will lead a memory corruption, we have to stop the\nrequest operation soon after the msdc_prepare_data() fails to\nprepare it.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38401" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3419bc6a7b65cbbb91417bb9970208478e034c79", "url": "https://git.kernel.org/stable/c/3419bc6a7b65cbbb91417bb9970208478e034c79" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/48bf4f3dfcdab02b22581d8e350a2d23130b72c0", "url": "https://git.kernel.org/stable/c/48bf4f3dfcdab02b22581d8e350a2d23130b72c0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5ac9e9e2e9cd6247d8c2d99780eae4556049e1cc", "url": "https://git.kernel.org/stable/c/5ac9e9e2e9cd6247d8c2d99780eae4556049e1cc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/61cdd663564674ea21ceb50aa9d3697cbe9e45f9", "url": "https://git.kernel.org/stable/c/61cdd663564674ea21ceb50aa9d3697cbe9e45f9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/63e8953f16acdcb23e2d4dd8a566d3c34df3e200", "url": "https://git.kernel.org/stable/c/63e8953f16acdcb23e2d4dd8a566d3c34df3e200" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a5f5f67b284d81776d4a3eb1f8607e4b7f91f11c", "url": "https://git.kernel.org/stable/c/a5f5f67b284d81776d4a3eb1f8607e4b7f91f11c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d54771571f74a82c59830a32e76af78a8e57ac69", "url": "https://git.kernel.org/stable/c/d54771571f74a82c59830a32e76af78a8e57ac69" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/f5de469990f19569627ea0dd56536ff5a13beaa3", "url": "https://git.kernel.org/stable/c/f5de469990f19569627ea0dd56536ff5a13beaa3" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39993", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\nmedia: rc: fix races with imon_disconnect()\nSyzbot reports a KASAN issue as below:\nBUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline]\nBUG: KASAN: use-after-free in send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nRead of size 4 at addr ffff8880256fb000 by task syz-executor314/4465\nCPU: 2 PID: 4465 Comm: syz-executor314 Not tainted 6.0.0-rc1-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:317 [inline]\nprint_report.cold+0x2ba/0x6e9 mm/kasan/report.c:433\nkasan_report+0xb1/0x1e0 mm/kasan/report.c:495\n__create_pipe include/linux/usb.h:1945 [inline]\nsend_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nvfd_write+0x2d9/0x550 drivers/media/rc/imon.c:991\nvfs_write+0x2d7/0xdd0 fs/read_write.c:576\nksys_write+0x127/0x250 fs/read_write.c:631\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\nThe iMON driver improperly releases the usb_device reference in\nimon_disconnect without coordinating with active users of the\ndevice.\nSpecifically, the fields usbdev_intf0 and usbdev_intf1 are not\nprotected by the users counter (ictx->users). During probe,\nimon_init_intf0 or imon_init_intf1 increments the usb_device\nreference count depending on the interface. However, during\ndisconnect, usb_put_dev is called unconditionally, regardless of\nactual usage.\nAs a result, if vfd_write or other operations are still in\nprogress after disconnect, this can lead to a use-after-free of\nthe usb_device pointer.\nThread 1 vfd_write Thread 2 imon_disconnect\n...\nif\nusb_put_dev(ictx->usbdev_intf0)\nelse\nusb_put_dev(ictx->usbdev_intf1)\n...\nwhile\nsend_packet\nif\npipe = usb_sndintpipe(\nictx->usbdev_intf0) UAF\nelse\npipe = usb_sndctrlpipe(\nictx->usbdev_intf0, 0) UAF\nGuard access to usbdev_intf0 and usbdev_intf1 after disconnect by\nchecking ictx->disconnected in all writer paths. Add early return\nwith -ENODEV in send_packet(), vfd_write(), lcd_write() and\ndisplay_open() if the device is no longer present.\nSet and read ictx->disconnected under ictx->lock to ensure memory\nsynchronization. Acquire the lock in imon_disconnect() before setting\nthe flag to synchronize with any ongoing operations.\nEnsure writers exit early and safely after disconnect before the USB\ncore proceeds with cleanup.\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39993" } ], "release_date": "2025-10-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37810", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: gadget: check that event count does not exceed event buffer length\n\nThe event count is read from register DWC3_GEVNTCOUNT.\nThere is a check for the count being zero, but not for exceeding the\nevent buffer length.\nCheck that event count does not exceed event buffer length,\navoiding an out-of-bounds access when memcpy'ing the event.\nCrash log:\nUnable to handle kernel paging request at virtual address ffffffc0129be000\npc : __memcpy+0x114/0x180\nlr : dwc3_check_event_buf+0xec/0x348\nx3 : 0000000000000030 x2 : 000000000000dfc4\nx1 : ffffffc0129be000 x0 : ffffff87aad60080\nCall trace:\n__memcpy+0x114/0x180\ndwc3_interrupt+0x24/0x34", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37810" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/015c39f38e69a491d2abd5e98869a500a9459b3b", "url": "https://git.kernel.org/stable/c/015c39f38e69a491d2abd5e98869a500a9459b3b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/52a7c9d930b95aa8b1620edaba4818040c32631f", "url": "https://git.kernel.org/stable/c/52a7c9d930b95aa8b1620edaba4818040c32631f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/63ccd26cd1f6600421795f6ca3e625076be06c9f", "url": "https://git.kernel.org/stable/c/63ccd26cd1f6600421795f6ca3e625076be06c9f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/99d655119b870ee60e4dbf310aa9a1ed8d9ede3d", "url": "https://git.kernel.org/stable/c/99d655119b870ee60e4dbf310aa9a1ed8d9ede3d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a44547015287a19001384fe94dbff84c92ce4ee1", "url": "https://git.kernel.org/stable/c/a44547015287a19001384fe94dbff84c92ce4ee1" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b43225948b231b3f331194010f84512bee4d9f59", "url": "https://git.kernel.org/stable/c/b43225948b231b3f331194010f84512bee4d9f59" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c0079630f268843a25ed75226169cba40e0d8880", "url": "https://git.kernel.org/stable/c/c0079630f268843a25ed75226169cba40e0d8880" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c4d80e41cb42008dceb35e5dbf52574d93beac0d", "url": "https://git.kernel.org/stable/c/c4d80e41cb42008dceb35e5dbf52574d93beac0d" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-08T07:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38416", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: uart: Set tty->disc_data only in success path\n\nSetting tty->disc_data before opening the NCI device means we need to\nclean it up on error paths. This also opens some short window if device\nstarts sending data, even before NCIUARTSETDRIVER IOCTL succeeded\n(broken hardware?). Close the window by exposing tty->disc_data only on\nthe success path, when opening of the NCI device and try_module_get()\nsucceeds.\n\nThe code differs in error path in one aspect: tty->disc_data won't be\never assigned thus NULL-ified. This however should not be relevant\ndifference, because of \"tty->disc_data=NULL\" in nci_uart_tty_open().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38416" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/000bfbc6bc334a93fffca8f5aa9583e7b6356cb5", "url": "https://git.kernel.org/stable/c/000bfbc6bc334a93fffca8f5aa9583e7b6356cb5" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/55c3dbd8389636161090a2b2b6d2d709b9602e9c", "url": "https://git.kernel.org/stable/c/55c3dbd8389636161090a2b2b6d2d709b9602e9c" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a514fca2b8e95838a3ba600f31a18fa60b76d893", "url": "https://git.kernel.org/stable/c/a514fca2b8e95838a3ba600f31a18fa60b76d893" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a8acc7080ad55c5402a1b818b3008998247dda87", "url": "https://git.kernel.org/stable/c/a8acc7080ad55c5402a1b818b3008998247dda87" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ac6992f72bd8e22679c1e147ac214de6a7093c23", "url": "https://git.kernel.org/stable/c/ac6992f72bd8e22679c1e147ac214de6a7093c23" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/dc7722619a9c307e9938d735cf4a2210d3d48dcb", "url": "https://git.kernel.org/stable/c/dc7722619a9c307e9938d735cf4a2210d3d48dcb" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e9799db771b2d574d5bf0dfb3177485e5f40d4d6", "url": "https://git.kernel.org/stable/c/e9799db771b2d574d5bf0dfb3177485e5f40d4d6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fc27ab48904ceb7e4792f0c400f1ef175edf16fe", "url": "https://git.kernel.org/stable/c/fc27ab48904ceb7e4792f0c400f1ef175edf16fe" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-25T14:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-38249", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3()\n\nIn snd_usb_get_audioformat_uac3(), the length value returned from\nsnd_usb_ctl_msg() is used directly for memory allocation without\nvalidation. This length is controlled by the USB device.\n\nThe allocated buffer is cast to a uac3_cluster_header_descriptor\nand its fields are accessed without verifying that the buffer\nis large enough. If the device returns a smaller than expected\nlength, this leads to an out-of-bounds read.\n\nAdd a length check to ensure the buffer is large enough for\nuac3_cluster_header_descriptor.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-38249" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0ee87c2814deb5e42921281116ac3abcb326880b", "url": "https://git.kernel.org/stable/c/0ee87c2814deb5e42921281116ac3abcb326880b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/11e740dc1a2c8590eb7074b5c4ab921bb6224c36", "url": "https://git.kernel.org/stable/c/11e740dc1a2c8590eb7074b5c4ab921bb6224c36" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/24ff7d465c4284529bbfa207757bffb6f44b6403", "url": "https://git.kernel.org/stable/c/24ff7d465c4284529bbfa207757bffb6f44b6403" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2dc1c3edf67abd30c757f8054a5da61927cdda21", "url": "https://git.kernel.org/stable/c/2dc1c3edf67abd30c757f8054a5da61927cdda21" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6eb211788e1370af52a245d4d7da35c374c7b401", "url": "https://git.kernel.org/stable/c/6eb211788e1370af52a245d4d7da35c374c7b401" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/74fcb3852a2f579151ce80b9ed96cd916ba0d5d8", "url": "https://git.kernel.org/stable/c/74fcb3852a2f579151ce80b9ed96cd916ba0d5d8" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/c3fb926abe90d86f5e3055e0035f04d9892a118b", "url": "https://git.kernel.org/stable/c/c3fb926abe90d86f5e3055e0035f04d9892a118b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fb4e2a6e8f28a3c0ad382e363aeb9cd822007b8a", "url": "https://git.kernel.org/stable/c/fb4e2a6e8f28a3c0ad382e363aeb9cd822007b8a" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-07-09T11:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2024-56664", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix race between element replace and close()\n\nElement replace (with a socket different from the one stored) may race\nwith socket's close() link popping & unlinking. __sock_map_delete()\nunconditionally unrefs the (wrong) element:\n\n// set map[0] = s0\nmap_update_elem(map, 0, s0)\n\n// drop fd of s0\nclose(s0)\n sock_map_close()\n lock_sock(sk) (s0!)\n sock_map_remove_links(sk)\n link = sk_psock_link_pop()\n sock_map_unlink(sk, link)\n sock_map_delete_from_link\n // replace map[0] with s1\n map_update_elem(map, 0, s1)\n sock_map_update_elem\n (s1!) lock_sock(sk)\n sock_map_update_common\n psock = sk_psock(sk)\n spin_lock(&stab->lock)\n osk = stab->sks[idx]\n sock_map_add_link(..., &stab->sks[idx])\n sock_map_unref(osk, &stab->sks[idx])\n psock = sk_psock(osk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test(&psock))\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n unlock_sock(sk)\n __sock_map_delete\n spin_lock(&stab->lock)\n sk = *psk // s1 replaced s0; sk == s1\n if (!sk_test || sk_test == sk) // sk_test (s0) != sk (s1); no branch\n sk = xchg(psk, NULL)\n if (sk)\n sock_map_unref(sk, psk) // unref s1; sks[idx] will dangle\n psock = sk_psock(sk)\n sk_psock_put(sk, psock)\n if (refcount_dec_and_test())\n sk_psock_drop(sk, psock)\n spin_unlock(&stab->lock)\n release_sock(sk)\n\nThen close(map) enqueues bpf_map_free_deferred, which finally calls\nsock_map_free(). This results in some refcount_t warnings along with\na KASAN splat [1].\n\nFix __sock_map_delete(), do not allow sock_map_unref() on elements that\nmay have been replaced.\n\n[1]:\nBUG: KASAN: slab-use-after-free in sock_map_free+0x10e/0x330\nWrite of size 4 at addr ffff88811f5b9100 by task kworker/u64:12/1063\n\nCPU: 14 UID: 0 PID: 1063 Comm: kworker/u64:12 Not tainted 6.12.0+ #125\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\nWorkqueue: events_unbound bpf_map_free_deferred\nCall Trace:\n \n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n kasan_check_range+0x10f/0x1e0\n sock_map_free+0x10e/0x330\n bpf_map_free_deferred+0x173/0x320\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n \n\nAllocated by task 1202:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n unix_create1+0x88/0x8a0\n unix_create+0xc5/0x180\n __sock_create+0x241/0x650\n __sys_socketpair+0x1ce/0x420\n __x64_sys_socketpair+0x92/0x100\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 46:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n sk_psock_destroy+0x73e/0xa50\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x29e/0x360\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThe bu\n---truncated---", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-56664" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6deb9e85dc9a2ba4414b91c1b5b00b8415910890", "url": "https://git.kernel.org/stable/c/6deb9e85dc9a2ba4414b91c1b5b00b8415910890" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b015f19fedd2e12283a8450dd0aefce49ec57015", "url": "https://git.kernel.org/stable/c/b015f19fedd2e12283a8450dd0aefce49ec57015" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/b79a0d1e9a374d1b376933a354c4fcd01fce0365", "url": "https://git.kernel.org/stable/c/b79a0d1e9a374d1b376933a354c4fcd01fce0365" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/bf2318e288f636a882eea39f7e1015623629f168", "url": "https://git.kernel.org/stable/c/bf2318e288f636a882eea39f7e1015623629f168" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ed1fc5d76b81a4d681211333c026202cad4d5649", "url": "https://git.kernel.org/stable/c/ed1fc5d76b81a4d681211333c026202cad4d5649" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/fdb2cd8957ac51f84c9e742ba866087944bb834b", "url": "https://git.kernel.org/stable/c/fdb2cd8957ac51f84c9e742ba866087944bb834b" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html", "url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" } ], "release_date": "2024-12-27T15:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-22083", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint\n\nIf vhost_scsi_set_endpoint is called multiple times without a\nvhost_scsi_clear_endpoint between them, we can hit multiple bugs\nfound by Haoran Zhang:\n\n1. Use-after-free when no tpgs are found:\n\nThis fixes a use after free that occurs when vhost_scsi_set_endpoint is\ncalled more than once and calls after the first call do not find any\ntpgs to add to the vs_tpg. When vhost_scsi_set_endpoint first finds\ntpgs to add to the vs_tpg array match=true, so we will do:\n\nvhost_vq_set_backend(vq, vs_tpg);\n...\n\nkfree(vs->vs_tpg);\nvs->vs_tpg = vs_tpg;\n\nIf vhost_scsi_set_endpoint is called again and no tpgs are found\nmatch=false so we skip the vhost_vq_set_backend call leaving the\npointer to the vs_tpg we then free via:\n\nkfree(vs->vs_tpg);\nvs->vs_tpg = vs_tpg;\n\nIf a scsi request is then sent we do:\n\nvhost_scsi_handle_vq -> vhost_scsi_get_req -> vhost_vq_get_backend\n\nwhich sees the vs_tpg we just did a kfree on.\n\n2. Tpg dir removal hang:\n\nThis patch fixes an issue where we cannot remove a LIO/target layer\ntpg (and structs above it like the target) dir due to the refcount\ndropping to -1.\n\nThe problem is that if vhost_scsi_set_endpoint detects a tpg is already\nin the vs->vs_tpg array or if the tpg has been removed so\ntarget_depend_item fails, the undepend goto handler will do\ntarget_undepend_item on all tpgs in the vs_tpg array dropping their\nrefcount to 0. At this time vs_tpg contains both the tpgs we have added\nin the current vhost_scsi_set_endpoint call as well as tpgs we added in\nprevious calls which are also in vs->vs_tpg.\n\nLater, when vhost_scsi_clear_endpoint runs it will do\ntarget_undepend_item on all the tpgs in the vs->vs_tpg which will drop\ntheir refcount to -1. Userspace will then not be able to remove the tpg\nand will hang when it tries to do rmdir on the tpg dir.\n\n3. Tpg leak:\n\nThis fixes a bug where we can leak tpgs and cause them to be\nun-removable because the target name is overwritten when\nvhost_scsi_set_endpoint is called multiple times but with different\ntarget names.\n\nThe bug occurs if a user has called VHOST_SCSI_SET_ENDPOINT and setup\na vhost-scsi device to target/tpg mapping, then calls\nVHOST_SCSI_SET_ENDPOINT again with a new target name that has tpgs we\nhaven't seen before (target1 has tpg1 but target2 has tpg2). When this\nhappens we don't teardown the old target tpg mapping and just overwrite\nthe target name and the vs->vs_tpg array. Later when we do\nvhost_scsi_clear_endpoint, we are passed in either target1 or target2's\nname and we will only match that target's tpgs when we loop over the\nvs->vs_tpg. We will then return from the function without doing\ntarget_undepend_item on the tpgs.\n\nBecause of all these bugs, it looks like being able to call\nvhost_scsi_set_endpoint multiple times was never supported. The major\nuser, QEMU, already has checks to prevent this use case. So to fix the\nissues, this patch prevents vhost_scsi_set_endpoint from being called\nif it's already successfully added tpgs. To add, remove or change the\ntpg config or target name, you must do a vhost_scsi_clear_endpoint\nfirst.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-22083" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/2b34bdc42df047794542f3e220fe989124e4499a", "url": "https://git.kernel.org/stable/c/2b34bdc42df047794542f3e220fe989124e4499a" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3a19eb3d9818e28f14c818a18dc913344a52ca92", "url": "https://git.kernel.org/stable/c/3a19eb3d9818e28f14c818a18dc913344a52ca92" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/3fd054baf382a426bbf5135ede0fc5673db74d3e", "url": "https://git.kernel.org/stable/c/3fd054baf382a426bbf5135ede0fc5673db74d3e" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/451c72f5e7cf5d339a6410a635cee0825687c3dc", "url": "https://git.kernel.org/stable/c/451c72f5e7cf5d339a6410a635cee0825687c3dc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5dd639a1646ef5fe8f4bf270fad47c5c3755b9b6", "url": "https://git.kernel.org/stable/c/5dd639a1646ef5fe8f4bf270fad47c5c3755b9b6" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/63b449f73ab0dcc0ba11ceaa4c5c70bc86ccf03c", "url": "https://git.kernel.org/stable/c/63b449f73ab0dcc0ba11ceaa4c5c70bc86ccf03c" } ], "release_date": "2025-04-16T15:16:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-39891", "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Initialize the chan_stats array to zero\n\nThe adapter->chan_stats[] array is initialized in\nmwifiex_init_channel_scan_gap() with vmalloc(), which doesn't zero out\nmemory. The array is filled in mwifiex_update_chan_statistics()\nand then the user can query the data in mwifiex_cfg80211_dump_survey().\n\nThere are two potential issues here. What if the user calls\nmwifiex_cfg80211_dump_survey() before the data has been filled in.\nAlso the mwifiex_update_chan_statistics() function doesn't necessarily\ninitialize the whole array. Since the array was not initialized at\nthe start that could result in an information leak.\n\nAlso this array is pretty small. It's a maximum of 900 bytes so it's\nmore appropriate to use kcalloc() instead vmalloc().", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-39891" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/05daef0442d28350a1a0d6d0e2cab4a7a91df475", "url": "https://git.kernel.org/stable/c/05daef0442d28350a1a0d6d0e2cab4a7a91df475" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/06616410a3e5e6cd1de5b7cbc668f1a7edeedad9", "url": "https://git.kernel.org/stable/c/06616410a3e5e6cd1de5b7cbc668f1a7edeedad9" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/0e20450829ca3c1dbc2db536391537c57a40fe0b", "url": "https://git.kernel.org/stable/c/0e20450829ca3c1dbc2db536391537c57a40fe0b" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/32c124c9c03aa755cbaf60ef7f76afd918d47659", "url": "https://git.kernel.org/stable/c/32c124c9c03aa755cbaf60ef7f76afd918d47659" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/5285b7009dc1e09d5bb9e05fae82e1a807882dbc", "url": "https://git.kernel.org/stable/c/5285b7009dc1e09d5bb9e05fae82e1a807882dbc" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9df29aa5637d94d24f7c5f054ef4feaa7b766111", "url": "https://git.kernel.org/stable/c/9df29aa5637d94d24f7c5f054ef4feaa7b766111" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/9eb0118b3470b4d2e4e3bbb1fc088b30c0285d65", "url": "https://git.kernel.org/stable/c/9eb0118b3470b4d2e4e3bbb1fc088b30c0285d65" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/acdf26a912190fc6746e2a890d7d0338190527b4", "url": "https://git.kernel.org/stable/c/acdf26a912190fc6746e2a890d7d0338190527b4" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html", "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html" } ], "release_date": "2025-10-01T08:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] }, { "cve": "CVE-2025-37739", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "description", "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()\n\nsyzbot reports an UBSAN issue as below:\n\n------------[ cut here ]------------\nUBSAN: array-index-out-of-bounds in fs/f2fs/node.h:381:10\nindex 18446744073709550692 is out of range for type '__le32[5]' (aka 'unsigned int[5]')\nCPU: 0 UID: 0 PID: 5318 Comm: syz.0.0 Not tainted 6.14.0-rc3-syzkaller-00060-g6537cfb395f3 #0\nCall Trace:\n \n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:231 [inline]\n __ubsan_handle_out_of_bounds+0x121/0x150 lib/ubsan.c:429\n get_nid fs/f2fs/node.h:381 [inline]\n f2fs_truncate_inode_blocks+0xa5e/0xf60 fs/f2fs/node.c:1181\n f2fs_do_truncate_blocks+0x782/0x1030 fs/f2fs/file.c:808\n f2fs_truncate_blocks+0x10d/0x300 fs/f2fs/file.c:836\n f2fs_truncate+0x417/0x720 fs/f2fs/file.c:886\n f2fs_file_write_iter+0x1bdb/0x2550 fs/f2fs/file.c:5093\n aio_write+0x56b/0x7c0 fs/aio.c:1633\n io_submit_one+0x8a7/0x18a0 fs/aio.c:2052\n __do_sys_io_submit fs/aio.c:2111 [inline]\n __se_sys_io_submit+0x171/0x2e0 fs/aio.c:2081\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f238798cde9\n\nindex 18446744073709550692 (decimal, unsigned long long)\n= 0xfffffffffffffc64 (hexadecimal, unsigned long long)\n= -924 (decimal, long long)\n\nIn f2fs_truncate_inode_blocks(), UBSAN detects that get_nid() tries to\naccess .i_nid[-924], it means both offset[0] and level should zero.\n\nThe possible case should be in f2fs_do_truncate_blocks(), we try to\ntruncate inode size to zero, however, dn.ofs_in_node is zero and\ndn.node_page is not an inode page, so it fails to truncate inode page,\nand then pass zeroed free_from to f2fs_truncate_inode_blocks(), result\nin this issue.\n\n\tif (dn.ofs_in_node || IS_INODE(dn.node_page)) {\n\t\tf2fs_truncate_data_blocks_range(&dn, count);\n\t\tfree_from += count;\n\t}\n\nI guess the reason why dn.node_page is not an inode page could be: there\nare multiple nat entries share the same node block address, once the node\nblock address was reused, f2fs_get_node_page() may load a non-inode block.\n\nLet's add a sanity check for such condition to avoid out-of-bounds access\nissue.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2025-37739" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/67e16ccba74dd8de0a7b10062f1e02d77432f573", "url": "https://git.kernel.org/stable/c/67e16ccba74dd8de0a7b10062f1e02d77432f573" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/6ba8b41d0aa4b82f90f0c416cb53fcef9696525d", "url": "https://git.kernel.org/stable/c/6ba8b41d0aa4b82f90f0c416cb53fcef9696525d" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/8b5e5aac44fee122947a269f9034c048e4c295de", "url": "https://git.kernel.org/stable/c/8b5e5aac44fee122947a269f9034c048e4c295de" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/98dbf2af63de0b551082c9bc48333910e009b09f", "url": "https://git.kernel.org/stable/c/98dbf2af63de0b551082c9bc48333910e009b09f" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/a67e1bf03c609a751d1740a1789af25e599966fa", "url": "https://git.kernel.org/stable/c/a67e1bf03c609a751d1740a1789af25e599966fa" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/d7242fd7946d4cba0411effb6b5048ca55125747", "url": "https://git.kernel.org/stable/c/d7242fd7946d4cba0411effb6b5048ca55125747" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/e6494977bd4a83862118a05f57a8df40256951c0", "url": "https://git.kernel.org/stable/c/e6494977bd4a83862118a05f57a8df40256951c0" }, { "category": "external", "summary": "https://git.kernel.org/stable/c/ecc461331604b07cdbdb7360dbdf78471653264c", "url": "https://git.kernel.org/stable/c/ecc461331604b07cdbdb7360dbdf78471653264c" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html" }, { "category": "external", "summary": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html", "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html" } ], "release_date": "2025-05-01T13:15:00Z", "remediations": [ { "category": "vendor_fix", "date": "2026-03-06T16:38:19.622404Z", "details": "Details on how to apply the fix are available at: https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097", "product_ids": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ], "url": "https://cve.tuxcare.com/els/releases/CLSA-2026:1772815097" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-buildinfo-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-cloud-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-doc-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.all", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-headers-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-image-unsigned-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-libc-dev-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-modules-extra-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-source-5.4.0-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-generic-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-5.4.0-225-tuxcare.els7-lowlatency-0:5.4.0-225.245.amd64", "Ubuntu-20:linux-tools-common-0:5.4.0-225.245.all", "Ubuntu-20:linux-tools-host-0:5.4.0-225.245.all" ] } ], "threats": [ { "category": "impact", "details": "Important" } ] } ] }