[CLSA-2026:1780562693] kernel: Fix of 111 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-08 18:09:34 UTC
Description:
- fbcon: Fix OOB access in font allocation {CVE-2025-39967} - fbcon: fix integer overflow in fbcon_do_set_font {CVE-2025-39967} - macvlan: observe an RCU grace period in macvlan_common_newlink() error path {CVE-2026-23273} - macvlan: fix error recovery in macvlan_common_newlink() {CVE-2026-23209} - net_sched: sch_sfq: move the limit validation {CVE-2025-37752} - bpf: Fix oob access in cgroup local storage {CVE-2025-38502} - ftrace: Fix possible use-after-free issue in ftrace_location() {CVE-2024-38588} - driver core: enforce device_lock for driver_match_device() {CVE-2026-31688} - scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT {CVE-2026-43475} - unshare: fix unshare_fs() handling {CVE-2026-43472} - netfilter: nfnetlink_queue: fix entry leak in bridge verdict error path {CVE-2026-43451} - nvme-pci: Fix race bug in nvme_poll_irqdisable() {CVE-2026-43448} - e1000/e1000e: Fix leak in DMA error cleanup {CVE-2026-43445} - cgroup: fix race between task migration and iteration {CVE-2026-43439} - ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces {CVE-2026-43436} - usb: image: mdc800: kill download URB on timeout {CVE-2026-43425} - tipc: fix divide-by-zero in tipc_sk_filter_connect() {CVE-2026-43411} - nouveau/dpcd: return EBUSY for aux xfer if the device is asleep {CVE-2026-43381} - ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() {CVE-2026-43068} - netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP {CVE-2026-31424} - net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() {CVE-2026-31423} - net/sched: cls_flow: fix NULL pointer dereference on shared blocks {CVE-2026-31422} - net/sched: cls_fw: fix NULL pointer dereference on shared blocks {CVE-2026-31421} - netfilter: ipset: drop logically empty buckets in mtype_del {CVE-2026-31418} - netfilter: nfnetlink_log: account for netlink header size {CVE-2026-31416} - sunrpc: fix cache_request leak in cache_release {CVE-2026-31400} - PM: runtime: Fix a race condition related to device removal {CVE-2026-23452} - net: usb: kaweth: validate USB endpoints {CVE-2026-23312} - nvdimm/bus: Fix potential use after free in asynchronous initialization {CVE-2026-31399} - net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check {CVE-2026-23448} - nvme-pci: Fix slab-out-of-bounds in nvme_dbbuf_set {CVE-2026-43449} - netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop() {CVE-2026-43453} - netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table() {CVE-2026-43450} - RDMA/umem: Fix double dma_buf_unpin in failure path {CVE-2026-43128} - usbip: validate number_of_packets in usbip_pack_ret_submit() {CVE-2026-31607} - net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown {CVE-2026-23454} - netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() {CVE-2025-38441} - nvmet: fix memory leak of bio integrity {CVE-2025-38405} - nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails. {CVE-2025-38400} - dmaengine: idxd: fix memory leak in error handling path of idxd_alloc {CVE-2025-38015} - bonding: check xdp prog when set bond mode {CVE-2025-22105} - usb: class: cdc-wdm: fix reordering issue in read code path {CVE-2026-43427} - netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD {CVE-2026-31428} - netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp {CVE-2026-31427} - ipv6: avoid overflows in ip6_datagram_send_ctl() {CVE-2026-31415} - net: atm: fix crash due to unvalidated vcc pointer in sigd_send() {CVE-2026-31411} - RDMA/umad: Reject negative data_len in ib_umad_write {CVE-2026-23243} - perf/x86/intel/uncore: Fix die ID init and look up bugs {CVE-2026-43344} - x86/apic: Disable x2apic on resume if the kernel expects so {CVE-2026-43363} - dm: remove fake timeout to avoid leak request {CVE-2026-43314} - drm: Account property blob allocations to memcg {CVE-2026-43287} - HID: magicmouse: Do not crash on missing msc->input {CVE-2026-43140} - drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify {CVE-2026-43318} - KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding {CVE-2026-43315} - ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() {CVE-2026-43313} - wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode() {CVE-2025-71297} - xfrm: always flush state and policy upon NETDEV_UNREGISTER event {CVE-2026-43167} - md/bitmap: fix GPF in write_page caused by resize race {CVE-2026-43163} - HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() {CVE-2026-43136} - net: usb: pegasus: enable basic endpoint checking {CVE-2026-43156} - HID: hid-pl: handle probe errors {CVE-2026-43152} - fbcon: check return value of con2fb_acquire_newinfo() {CVE-2026-43123} - Bluetooth: hci_sync: annotate data-races around hdev->req_status {CVE-2026-43119} - HID: prodikeys: Check presence of pm->input_ep82 {CVE-2026-43251} - net: Drop the lock in skb_may_tx_timestamp() {CVE-2026-43216} - drm/ioc32: stop speculation on the drm_compat_ioctl path {CVE-2026-31781} - vxlan: validate ND option lengths in vxlan_na_create {CVE-2026-31738} - drm/amdgpu: prevent immediate PASID reuse case {CVE-2026-31462} - EFI/CPER: don't go past the ARM processor CPER record buffer {CVE-2026-43266} - gfs2: fiemap page fault fix {CVE-2026-43262} - dm-verity: correctly handle dm_bufio_client_create() failure {CVE-2026-43132} - pstore: ram_core: fix incorrect success return when vmap() fails {CVE-2026-43124} - crypto: af-alg - fix NULL pointer dereference in scatterwalk {CVE-2026-43043} - fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE {CVE-2024-45025} - s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP {CVE-2025-68179} - sr9700: sanity check for packet length {CVE-2022-26966} - dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() {CVE-2026-23004} - integrity: Fix memory leakage in keyring allocation error path {CVE-2022-50395} - kprobes: don't call disarm_kprobe() for disabled kprobes {CVE-2022-50008} - esp: fix skb leak with espintcp and async crypto {CVE-2026-31518} - net: sched: act_csum: validate nested VLAN headers {CVE-2026-31684} - netfilter: xt_multiport: validate range encoding in checkentry {CVE-2026-31681} - net: use skb_header_pointer() for TCPv4 GSO frag_off check {CVE-2026-43036} - net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak {CVE-2026-43035} - net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new {CVE-2023-52887} - media: uvcvideo: Fix crash during unbind if gpio unit is in use {CVE-2024-58079} - net: can: j1939: Initialize unused data in j1939_send_one() {CVE-2024-42076} - net: fec: remove .ndo_poll_controller to avoid deadlocks {CVE-2024-38553} - net: rfkill: prevent unlimited numbers of rfkill events from being created {CVE-2026-31670} - bridge: br_nd_send: validate ND option lengths {CVE-2026-31752} - APEI/GHES: ensure that won't go past CPER allocated record {CVE-2026-43277} - ceph: supply snapshot context in ceph_zero_partial_object() {CVE-2026-43273} - netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent {CVE-2026-43026} - usb: typec: ucsi: Handle incorrect num_connectors capability {CVE-2025-71108} - KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE {CVE-2026-23401} - can: raw: fix ro->uniq use-after-free in raw_rcv() {CVE-2026-31532} - tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx' {CVE-2022-50553} - ALSA: usb-audio: Use the right limit for PCM OOB check - ALSA: usb-audio: Prevent excessive number of frames {CVE-2026-23208} - atm: lec: fix use-after-free in sock_def_readable() {CVE-2026-43050} - wifi: mac80211: check tdls flag in ieee80211_tdls_oper {CVE-2026-43052} - Bluetooth: MGMT: validate LTK enc_size on load {CVE-2026-43020} - net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak {CVE-2026-43040} - netfilter: nf_conntrack_helper: pass helper to expect cleanup {CVE-2026-43027} - mm/kasan: fix double free for kasan pXds {CVE-2026-31686} - ext4: convert inline data to extents when truncate exceeds inline size {CVE-2026-31452} - rxrpc: Fix missing validation of ticket length in non-XDR key preparsing {CVE-2026-31696} - xfs: stop reclaim before pushing AIL during unmount {CVE-2026-31455} - ALSA: 6fire: fix use-after-free on disconnect {CVE-2026-31581} - scsi: qla2xxx: Fix bsg_done() causing double free {CVE-2025-71238} - iommufd: Fix race during abort for file descriptors {CVE-2025-39966} - HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure {CVE-2026-43049}
CVEs fixed:
Updated packages:
  • kernel-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:0fb44287acd4a19723fab4bfef42b6a4c54b4bb5448e8673e6c1f1e83dfe6b5e
  • kernel-abi-stablelists-5.14.0-570.62.1.el9_6.tuxcare.5.els3.noarch.rpm
    sha:6da9ad8f8882fab9a51d2b8fb4d89bad6d1326ee245eade82348ef488ee8aaba
  • kernel-core-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:ccefe5f9333b80c2993deac37b33f03f5daee2faa7344a58844067ab1ea8d065
  • kernel-cross-headers-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:c62996dda54adf31719dd7495ce1ae13a089d3669f9f721a3f608836509cece9
  • kernel-debug-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:70f621fb590f56751efb52e94585e5d260929667007f67c7daa0a891e298bb9d
  • kernel-debug-core-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:15e3d981b47c46c5a30dbab1f241114940f268c6ae751bafada5c51a22f93ae8
  • kernel-debug-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:fcd5298cc676a0e5fa5f92d43974d755fedd409aa1db60dd9e929d698808c48e
  • kernel-debug-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:c9948405e390e5a6204aaad7ec7e9cc19650a1a3a479786e4c112aa3752488f1
  • kernel-debug-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:a3bd0574770d9425b0ab9e42549324608e31f2f71609f334e8c73d17f93904fd
  • kernel-debug-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:4ad9f87ef5a4ef0a42420d5b5b628f25098df3249ddc668034acdd86b3e7ff50
  • kernel-debug-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:a9066d9a227c5bdfd43e3e3e9240a1064ffc40d7f98621646490a9a6d87fb9ea
  • kernel-debug-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:fd7592e261b9937199dd8108c7be5ec932e5c38536b0edc6d188347f026f6dd7
  • kernel-debug-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:ad72a48cb39be7c0c01eb797c1c177107d016cb47ad0ea697505c9e8478c72c6
  • kernel-debug-uki-virt-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:351f27f5b9d9dc06d4b904ab2ef2fe208f66536cdd0580d0567eccfd3b5d34be
  • kernel-debug-uki-virt-addons-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:269c1fbdbd55aac17acdf4bcc238e683504edf7b5864b03b61c7ac4f698862e7
  • kernel-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:80aa688de6dd1f6950fae4d47d63f68f860f1b2995c7c72c42bbfae62da158a0
  • kernel-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:6d507bab6e68ded41a3293b8aa639cd3db348d07eb4616dabcce07694e06f532
  • kernel-doc-5.14.0-570.62.1.el9_6.tuxcare.5.els3.noarch.rpm
    sha:1f90ba17bed3bf1104e14e6fffc5052f02beb266118902d0da414a38d5a65502
  • kernel-headers-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:54889a949a7f667750896a798932d11619ca1119579cb8a8f00adab7485f454e
  • kernel-ipaclones-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:ab75898fc0cd5af4b80352920db9d7f4340ac2f8c5fb4d74eaef254290f16f4c
  • kernel-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:847bcfca29606143909dbfb3c8f2a69000d32e1bb5f52db567fa7d7ee245a233
  • kernel-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:d9dfa1f28fbb6520693c9359a15da78459289d680b9de5d2b6d0e3860890396a
  • kernel-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:2792d38933f8569fc04bd30ae40a0c5c888e4e91fbb9042a1590e36a9ba3e76c
  • kernel-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:6b38dacfda671774b5a498a4a0a0e0c5e6afa1a3004187809fc5914a4b1c27c4
  • kernel-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:1d3843e6958d117289af98f6a5b44a7f0adc581f94d2ecea82e314513cf0afec
  • kernel-rt-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:248a28e07fbaf1928c23f67eb2d8d049d323848b59266518c108d15b8e7ae2dd
  • kernel-rt-core-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:ea6604607336fc48714876410bedcf1f04e2922cb8f13f64c0b5a19c81984397
  • kernel-rt-debug-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:2f440c5de60fc2f35458c047f718726c013565bfdf8d4b5478e3975c136a59e4
  • kernel-rt-debug-core-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:48869b81bc166ce1895af99c2a4ba8ce80f784a217d7f45d6a288bd28749817d
  • kernel-rt-debug-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:668353d2ffd0d53867e43c8fc2a34b6f5d45b6808161da15fc5a52a8e905de4d
  • kernel-rt-debug-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:d575185d383389410a288615a854821372bd8c57c944eaf29faa47bc08d48b54
  • kernel-rt-debug-kvm-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:5f1cba4ad620144e8538d2cf0309b9c1033d6ac666e52e564d476ac74f855a51
  • kernel-rt-debug-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:fbfda4653b793edebca0c08eb535b727f53fb93d597a6a8682c872567c899201
  • kernel-rt-debug-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:a6ec1db8930f50668c4b1877ea6a4ea2da7ee96c342b49e5a1ab22d5667cc99c
  • kernel-rt-debug-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:bcdf8dd7e513ed931a4ea722c7989dcffce85649dab8c4724b610f77671286b7
  • kernel-rt-debug-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:91016d17363795848013eabac91c424986c93df38e8dcc27f355c77739b5dce4
  • kernel-rt-debug-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:bd65e4d872b27bea26440b958078ec2622eccfad2b8036cfe2410c7edaab8f96
  • kernel-rt-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:66a3cb6f279eaa13c1c77b2ce081882ea926d87045610fe68fe1d8055cad51da
  • kernel-rt-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:68acbf088770e95b8f85db9f5a4dfffa069e0a042a77744f3fb2bed23cb60710
  • kernel-rt-kvm-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:67ce0d5a8f706272ce764327ac6ab9c6b09b9bdd9970590def041b755b0eefc2
  • kernel-rt-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:47d0dba29f06e6ee438792e83c5a7f9a5c8e7304c53f490d41a5072f9612c68c
  • kernel-rt-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:956be1621179604db06a1a6a5ce9c72e29ae8407bdee9ceb92f7da46fb69bb3d
  • kernel-rt-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:30a8b16ba9909bb65d7d87d0112e749d8d55b39deb168b00d8655d8af9fd3c11
  • kernel-rt-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:4e49df181a99b073ae963ff8f9ec858d1718cfbe9aa9ea8eca55fdf75bfbd545
  • kernel-rt-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:cb3c184b168cdfce4479e0b9f160a1237ee4b2223a79ba2cefbe123e557b37f5
  • kernel-selftests-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:6261283299687ee6f015a135e666faddcf94cb2489b8e216571b624898262435
  • kernel-tools-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:cd2590f29e48895e17456892def80ba98ffc6bf35bf783a24e5fc8ad7b5ba9b8
  • kernel-tools-libs-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:6fb2d87f5c12719640266ce42414cff6fe1bcd6c89d7f1aabfed586b5d1567b9
  • kernel-tools-libs-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:013a03772306d400c0dd939a90b6da092d3f49df803020f445d6989f57e534c8
  • kernel-uki-virt-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:6e17ec668dcefae143a770b68c554d796c99af38483e29e24f9328dee9a40d75
  • kernel-uki-virt-addons-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:0e129181b6a7e8c9edc86f6585cfa5f38681c2956eb7e8f0e31a2d2a17f7d55d
  • libperf-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:3030767824e63745fc8814e28ee92c89c4c27ffc5b2b2f6093918cf1be2da6ba
  • libperf-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:f823b43b42b275d99b0d42ec855d0e13f1070471318a4e0d1beecf0f8ad1710b
  • perf-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:cbc9830565aa605d02ecd2385583f0d2e209d80dffd028fa9f4a7fd3445c8377
  • python3-perf-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:653df21ea01f8a17f8028798e7a08c78c3d80dec5b0495931fbf87b13b7951b4
  • rtla-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:d150b074bb0a27e497ec1b4bc752b9820f620646fa3a965ed1e5812228e00c27
  • rv-5.14.0-570.62.1.el9_6.tuxcare.5.els3.x86_64.rpm
    sha:8965d6350471077049ce18fdb047038e46330e76db666f02268bed5f3dabe132
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.