[CLSA-2026:1779375889] kernel: Fix of 95 CVEs
Type:
security
Severity:
Important
Release date:
2026-05-22 09:05:30 UTC
Description:
- perf/x86/intel/uncore: Fix die ID init and look up bugs {CVE-2026-43344} - x86/apic: Disable x2apic on resume if the kernel expects so {CVE-2026-43363} - drm/amdgpu: Fix use-after-free race in VM acquire {CVE-2026-43370} - dm: remove fake timeout to avoid leak request {CVE-2026-43314} - md/bitmap: fix GPF in write_page caused by resize race {CVE-2026-43163} - drm: Account property blob allocations to memcg {CVE-2026-43287} - drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() {CVE-2026-43206} - Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock {CVE-2026-31500} - net/sched: Fix backlog accounting in qdisc_dequeue_internal {CVE-2025-39677} - l2tp: avoid one data-race in l2tp_tunnel_del_work() {CVE-2026-23120} - net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() {CVE-2025-39876} - espintcp: fix skb leaks {CVE-2025-38057} - cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() {CVE-2025-37829} - tipc: fix NULL pointer dereference in tipc_mon_reinit_self() {CVE-2025-37824} - KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses {CVE-2025-23141} - virtiofs: add filesystem context source name check {CVE-2025-37773} - netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets {CVE-2025-22063} - ppp: Fix KMSAN uninit-value warning with bpf {CVE-2025-21922} - wifi: cfg80211: regulatory: improve invalid hints checking {CVE-2025-21910} - wifi: ath11k: fix RCU stall while reaping monitor destination ring {CVE-2024-58097} - net/sctp: Prevent autoclose integer overflow in sctp_association_init() {CVE-2024-57938} - ubi: fastmap: Fix duplicate slab cache names while attaching {CVE-2024-53172} - drm/modes: Avoid divide by zero harder in drm_mode_vrefresh() {CVE-2024-56369} - firmware: arm_scpi: Check the DVFS OPP count returned by the firmware {CVE-2024-53157} - vsock: Fix sk_error_queue memory leak {CVE-2024-53118} - mm: fix NULL pointer dereference in alloc_pages_bulk_noprof {CVE-2024-53113} - exec: don't WARN for racy path_noexec check {CVE-2024-50010} - drm/amd/display: Initialize get_bytes_per_element's default to 1 {CVE-2024-49892} - ppp: do not assume bh is held in ppp_channel_bridge_input() {CVE-2024-49946} - drm/amd/display: Skip Recompute DSC Params if no Stream on Link {CVE-2024-47683} - x86/sgx: Fix deadlock in SGX NUMA node search {CVE-2024-49856} - pktgen: use cpus_read_lock() in pg_net_init() {CVE-2024-46681} - nfsd: call cache_put if xdr_reserve_space returns NULL {CVE-2024-47737} - uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind {CVE-2024-46739} - drm/amd/display: Skip inactive planes within ModeSupportAndSystemConfiguration {CVE-2024-46812} - net/mlx5: Fix bridge mode operations when there are no VFs {CVE-2024-46857} - Input: MT - limit max slots {CVE-2024-45008} - net/mlx5e: SHAMPO, Fix incorrect page release {CVE-2024-46717} - netfilter: ctnetlink: use helper function to calculate expect ID {CVE-2024-44944} - lib: objagg: Fix general protection fault {CVE-2024-43846} - drm/qxl: Add check for drm_cvt_mode {CVE-2024-43829} - mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems {CVE-2024-42073} - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes {CVE-2024-42101} - RDMA/mlx5: Add check for srq max_sge attribute {CVE-2024-40990} - tracing: Build event generation tests only as modules {CVE-2024-41004} - KEYS: trusted: Fix memory leak in tpm2_key_encode() {CVE-2024-36967} - epoll: be better about file lifetimes {CVE-2024-38580} - drm/radeon: fix UBSAN warning in kv_dpm.c {CVE-2024-40988} - RDMA/srpt: Add a check for valid 'mad_agent' pointer {CVE-2023-54274} - x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction {CVE-2023-54172} - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() {CVE-2024-26772} - iommu/vt-d: Don't issue ATS Invalidation request when device is disconnected {CVE-2024-26891} - dm: don't attempt to queue IO under RCU protection {CVE-2023-53860} - md: fix soft lockup in status_resync {CVE-2023-53620} - spi: qup: Don't skip cleanup in remove's error path {CVE-2023-53567} - md/raid10: prevent soft lockup while flush writes {CVE-2023-53151} - bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() {CVE-2023-53133} - spi: imx: Don't skip cleanup in remove's error path {CVE-2023-53225} - xsk: Add missing overflow check in xdp_umem_reg {CVE-2023-53080} - wifi: mt76: do not run mt76u_status_worker if the device is not running {CVE-2022-50735} - bpf: Skip task with pid=1 in send_signal_common() {CVE-2023-52992} - scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs {CVE-2023-52808} - net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() {CVE-2023-52702} - RDMA/irdma: Fix potential NULL-ptr-dereference {CVE-2023-52744} - i2c: designware: Fix handling of real but unexpected device interrupts {CVE-2022-50370} - usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() {CVE-2022-50544} - tpm: acpi: Call acpi_put_table() to fix memory leak {CVE-2022-50562} - netdevsim: fix memory leak in nsim_drv_probe() when nsim_dev_resources_register() failed {CVE-2022-50500} - ntb_netdev: Use dev_kfree_skb_any() in interrupt context {CVE-2022-50476} - blk-mq: fix possible memleak when register 'hctx' failed {CVE-2022-50434} - ipvs: fix WARNING in __ip_vs_cleanup_batch() {CVE-2022-49918} - ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init() {CVE-2022-49885} - xen/privcmd: fix error exit of privcmd_ioctl_dm_op() {CVE-2022-49989} - bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE {CVE-2022-49875} - can: j1939: j1939_send_one(): fix missing CAN header initialization {CVE-2022-49845} - ovl: Use "buf" flexible array for memcpy() destination {CVE-2022-49743} - scsi: scsi_transport_sas: Fix error handling in sas_phy_add() {CVE-2022-49839} - net: bcmgenet: Use stronger register read/writes to assure ordering {CVE-2022-49194} - ima: Fix a potential integer overflow in ima_appraise_measurement {CVE-2022-49643} - net: amd-xgbe: Fix skb data length underflow {CVE-2022-48743} - drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat {CVE-2026-31656} - octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" {CVE-2025-71137} - ALSA: scarlett2: Fix buffer overflow in config retrieval {CVE-2026-23078} - mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() {CVE-2026-43281} - net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak {CVE-2026-43040} - netfilter: nf_conntrack_helper: pass helper to expect cleanup {CVE-2026-43027} - Bluetooth: MGMT: validate LTK enc_size on load {CVE-2026-43020} - rxrpc: Fix missing validation of ticket length in non-XDR key preparsing {CVE-2026-31696} - xfs: stop reclaim before pushing AIL during unmount {CVE-2026-31455} - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() {CVE-2022-49840} - drivers: base: Free devm resources when unregistering a device {CVE-2023-53596} - ALSA: caiaq: fix stack out-of-bounds read in init_card {CVE-2026-31778} - ata: libata-transport: fix double ata_host_put() in ata_tport_add() {CVE-2022-49826} - tracing: Fix wild-memory-access in register_synth_event() {CVE-2022-49799} - kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case {CVE-2022-49779}
Updated packages:
  • bpftool-7.0.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:9fa2de214c79ca5f690af10802f3647778d65a8768f80eb024ff73708f96aef8
  • kernel-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:682dc8d0a11a7e25e1d22ec7a5f676f498341f3500cb04c100ee11a70b30d3a5
  • kernel-abi-stablelists-5.14.0-284.1101.el9_2.tuxcare.11.els1.noarch.rpm
    sha:a8b5573550a649c39b25c2b44105c7abf457424dab61b732ff7bda2060b7dc13
  • kernel-core-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:dc7c264ac3d94ebfee357f30759b469d9a566c719ff06a02bde7976d6415a645
  • kernel-cross-headers-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:a17f08c182017c45d5397741c15a5ce3068033eb38baf1efb06b725e97e81fca
  • kernel-debug-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:e1629e0c6ab4d2d08858fac4f7a4623dc79f22bbd668cc582fd7382fdd195742
  • kernel-debug-core-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:345ddd89cf9d48507658681a943ee115a482b06956da93aed82f69e10618012e
  • kernel-debug-devel-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:341b7fd6767b1d55b6bc96dce15151434236ad10409b6d70145edd9a797b6b65
  • kernel-debug-devel-matched-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:d5020fe9764c0946160ceb37026d2dfb718e21f5fb4772fa83025189271273a6
  • kernel-debug-modules-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:4d0baa582c97c542dbbbd45c0faa611660ef6dff05f695875bc0db748c8eaa0a
  • kernel-debug-modules-core-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:8ad90a3b027ebca58f9251dd235bf42925b3e95f6a3d03815ac57fc3ee1f4ebf
  • kernel-debug-modules-extra-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:6fe44f0f1ffc7bb23ccd566c1f18a125954754a575ca1c0a7062fc2c75ae255d
  • kernel-debug-modules-internal-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:1cef4d6ff4db41bc9279359f815f07d1a79254229a9b60efdc1ad8ece83d5556
  • kernel-debug-modules-partner-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:764f8088c7aefb3d9602d3225658f4b25944cd92df41bd6cc0a490a739892e71
  • kernel-debug-uki-virt-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:b78dc4a70145a0c58ebb5939328e797d64ecff23d14cf9ebcc9537f130703d20
  • kernel-devel-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:c01f7b19171a58b313f53efcfc3eb92a012c237cad78ad372e996fed3da8e5a6
  • kernel-devel-matched-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:45812ee9285cb4c84f836906659910de02831bd211aa95963cd8741f4f14356a
  • kernel-doc-5.14.0-284.1101.el9_2.tuxcare.11.els1.noarch.rpm
    sha:f50f520d2d695469235a917c24ca54dc4eafe96171bdbbc5da1cf70c76ebe972
  • kernel-headers-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:31daec081d509e68267368196c7445863b62b5d4d4c3250a69c9ead87aa3a79a
  • kernel-ipaclones-internal-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:cc95106e4129c4e250ff9ab534a520c9889c9e4fe467d234a297abb6a73d89fc
  • kernel-modules-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:91aad579f2006e0724ac295cdc3042b20d01f65e005e63f28bef5b0f04cfd944
  • kernel-modules-core-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:125a419f7a898b55247edaac43005113788b28e32d7f8c32407818a089b1b1c7
  • kernel-modules-extra-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:134ade61a57ebdb3b937b910f59633a55741544db87152f92d76856066593915
  • kernel-modules-internal-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:84ef287fff18c6b7bbb183bb16d8b8d26b1ece1403e55aa1df3549041fbffe34
  • kernel-modules-partner-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:7a0eef72069f8aeb515a3f0ee607b9bb580b5cad916afbad7d5dbf1f61288780
  • kernel-selftests-internal-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:4cc6c3dc92d79c17f73f35e2238cac55cb505966393482a3237a5f3a7387ca53
  • kernel-tools-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:52e8ba302721771df19271caa58386d7c6e406f7e80c641a6077e3e4efbf9fff
  • kernel-tools-libs-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:3ac2bbbb8d0c496bae2e483cabfd446eb0fc1e39a5cf5a0fd0b92a0eb886d6a3
  • kernel-tools-libs-devel-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:5aa0b70ecb98a5450fceb2d86a6865e02afb79c60c10a6cfb57b608f366da28c
  • kernel-uki-virt-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:7df16b8f6a579e8e4e3a700e65dad025db2954fd32db140a1d8a22621a8940f1
  • libbpf-1.0.0-2.el9_2.tuxcare.11.els1.i686.rpm
    sha:4503c63d5686f471d82c45ba44ceb040c26d9a1209b8d63529f8e299c5ba2e6a
  • libbpf-1.0.0-2.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:f2a52a903ec1434e983cdf4cbe5903a1c84507c4e01865968227b6ec2daf3db3
  • libbpf-devel-1.0.0-2.el9_2.tuxcare.11.els1.i686.rpm
    sha:b7ccb4b9406dac4cf3e2d0d6d65a0c13200f782b6a65a6bb9f0719b895835bcc
  • libbpf-devel-1.0.0-2.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:f2faf6cc43f7a6222f7c7f7e273a88ec1a44d32fa9eb914908e28e03022cbde3
  • libbpf-static-1.0.0-2.el9_2.tuxcare.11.els1.i686.rpm
    sha:8bf9335a94870023679a58d1c79ef7017da20ad332619a2f8c3d8e03d7c0d91d
  • libbpf-static-1.0.0-2.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:4efc4b27320e03083b6746df3b7e41a36b4adfe03468c30769685523ee7eda69
  • perf-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:c4fca8d6d8680f00aaf7362ac7644fe4c5b998fb0568bbe054c8ba1c6e8abdf6
  • python3-perf-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:7d2abc38bc60b6352b8b92ab43a0f545e9044fc5fa6b76663e4295f8a9ca0497
  • rtla-5.14.0-284.1101.el9_2.tuxcare.11.els1.x86_64.rpm
    sha:53ebe46127e2cf9e0fd4006506f1e451c90c955b31d972a143809e203d42d5bb
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.