CLSA-2026:1781344094

[CLSA-2026:1781344094] kernel: Fix of 93 CVEs

Type:

security

Severity:

Important

Release date:

2026-06-13 09:53:26 UTC

Description:

- irqchip: Fix refcount leak in platform_irqchip_probe {CVE-2023-53610}
- IB/hfi1: Fix a memleak in init_credit_return {CVE-2024-26839}
- RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah() {CVE-2026-23335}
- wifi: brcmfmac: validate bsscfg indices in IF events {CVE-2026-43110}
- wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() {CVE-2025-71100}
- RDMA/core: always drop device refcount in ib_del_sub_device_and_put() {CVE-2025-71157}
- drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table {CVE-2024-58052}
- ionic: Fix netdev notifier unregister on failure {CVE-2024-56715}
- uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind {CVE-2024-46739}
- netfilter: xt_tcpmss: check remaining length before reading optlen {CVE-2026-43190}
- usb: typec: altmodes/displayport: do not index invalid pin_assignments {CVE-2025-38391}
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init {CVE-2023-52616}
- eventpoll: defer struct eventpoll free to RCU grace period {CVE-2026-43074}
- wifi: brcmsmac: Fix dma_free_coherent() size {CVE-2026-31661}
- SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf {CVE-2025-71120}
- netfilter: nf_conntrack_expect: skip expectations in other netns via proc {CVE-2026-31496}
- platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data {CVE-2026-23370}
- crypto: bcm - add error check in the ahash_hmac_init function {CVE-2024-56681}
- nvme-pci: ensure we're polling a polled queue {CVE-2026-31523}
- mmc: vub300: fix NULL-deref on disconnect {CVE-2026-31651}
- kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup() {CVE-2023-52936}
- ipmi: ipmb: Add check devm_kasprintf() returned value {CVE-2024-58051}
- net: usb: pegasus: fix memory leak in update_eth_regs_async() {CVE-2026-23021}
- ASoC: amd: fix memory leak in acp3x pdm dma ops {CVE-2026-23190}
- udp: Deal with race between UDP socket address change and rehash {CVE-2024-57974}
- team: avoid NETDEV_CHANGEMTU event when unregistering slave {CVE-2026-43234}
- tcp: secure_seq: add back ports to TS offset {CVE-2026-23247}
- udp: Fix wildcard bind conflict check when using hash2 {CVE-2026-31503}
- netfilter: nft_set_pipapo: prevent overflow in lookup table allocation {CVE-2025-38162}
- rxrpc: Fix recv-recv race of completed call {CVE-2025-38524}
- netfilter: nf_tables: reject duplicate device on updates {CVE-2025-38678}
- nf_tables: nft_dynset: fix possible stateful expression memleak in error path {CVE-2026-23399}
- crypto: af_alg - limit RX SG extraction by receive buffer budget {CVE-2026-31677}
- xfrm: account XFRMA_IF_ID in aevent size calculation {CVE-2026-43107}
- KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop {CVE-2025-21839}
- perf: Fix sample vs do_exit() {CVE-2025-38424}
- netfilter: nf_tables: avoid chain re-validation if possible {CVE-2025-71160}
- ksm: use range-walk function to jump over holes in scan_get_next_rmap_item {CVE-2025-68211}
- net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime {CVE-2025-38470}
- net: add proper RCU protection to /proc/net/ptype {CVE-2026-23255}
- ALSA: ctxfi: Check the error for index mapping {CVE-2026-31777}
- rseq: Fix segfault on registration when rseq_cs is non-zero {CVE-2025-38067}
- RDMA/core: Don't expose hw_counters outside of init net namespace {CVE-2025-22089}
- net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv {CVE-2026-22996}
- Input: synaptics - fix crash when enabling pass-through port {CVE-2025-21746}
- wireguard: device: use exit_rtnl callback instead of manual rtnl_lock in pre_exit {CVE-2026-31579}
- ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() {CVE-2025-38305}
- driver core: fix potential NULL pointer dereference in dev_uevent() {CVE-2025-37800}
- dm: fix NULL pointer dereference in __dm_suspend() {CVE-2025-40134}
- net: let net.core.dev_weight always be non-zero {CVE-2025-21806}
- exec: don't WARN for racy path_noexec check {CVE-2024-50010}
- tracing: Fix potential deadlock in cpu hotplug with osnoise {CVE-2026-31480}
- wifi: mac80211: Discard Beacon frames to non-broadcast address {CVE-2025-71127}
- xfs: factor out xfs_attr3_node_entry_remove
- ACPI: battery: Fix possible crash when unregistering a battery hook {CVE-2024-49955}
- serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN {CVE-2026-23472}
- drm/amdgpu: Limit BO list entry count to prevent resource exhaustion {CVE-2026-23468}
- i2c: designware: use casting of u64 in clock multiplication to avoid overflow {CVE-2022-49749}
- afs: Fix lock recursion {CVE-2024-53090}
- HID: wacom: fix when get product name maybe null pointer {CVE-2024-56629}
- vsock/virtio: cap TX credit to local buffer size {CVE-2026-23086}
- vsock/virtio: fix potential underflow in virtio_transport_get_credit() {CVE-2026-23069}
- bpf: Reject narrower access to pointer ctx fields {CVE-2025-38591}
- sched/task_stack: fix object_is_on_stack() for KASAN tagged pointers {CVE-2024-53128}
- atm: clip: Fix NULL pointer dereference in vcc_sendmsg() {CVE-2025-38458}
- tracing: Fix null pointer dereference in tracing_err_log_open() {CVE-2023-53167}
- bpf: Do not include stack ptr register in precision backtracking bookkeeping {CVE-2025-38279}
- ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu() {CVE-2026-23304}
- net: annotate data-races around sk->sk_{data_ready,write_space} {CVE-2026-23302}
- net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop {CVE-2026-23300}
- net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled {CVE-2026-23293}
- net: usb: pegasus: validate USB endpoints {CVE-2026-23290}
- rxrpc: Fix missing locking causing hanging calls {CVE-2024-50294}
- cpufreq: governor: fix double free in cpufreq_dbs_governor_init() error path {CVE-2026-43328}
- mm/page_alloc: clear page->private in free_pages_prepare() {CVE-2026-43303}
- can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message {CVE-2026-23307}
- drm/amd/display: Increase block_sequence array size {CVE-2025-38080}
- smb: client: Don't log plaintext credentials in cifs_set_cifscreds {CVE-2026-23303}
- ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths {CVE-2026-43066}
- atm: lec: fix null-ptr-deref in lec_arp_clear_vccs {CVE-2026-23286}
- smb: client: validate the whole DACL before rewriting it in cifsacl {CVE-2026-31709}
- KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry {CVE-2026-46316}
- block: Remove queue freezing from several sysfs store callbacks {CVE-2025-71117}
- mptcp: fallback earlier on simult connection {CVE-2025-71088}
- mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() {CVE-2025-39916}
- neighbour: use RCU protection in __neigh_notify() {CVE-2025-21763}
- kernel: be more careful about dup_mmap() failures and uprobe registering {CVE-2025-21709}
- bridge: mcast: Fix use-after-free during router port configuration {CVE-2025-38248}
- mptcp: fix slab-use-after-free in __inet_lookup_established {CVE-2026-31669}
- xfrm: hold dev ref until after transport_finish NF_HOOK {CVE-2026-31663}
- xfrm: hold device only for the asynchronous decryption {CVE-2026-31663}
- xfrm_user: fix info leak in build_mapping() {CVE-2026-43089}
- netfilter: nfnetlink_log: initialize nfgenmsg in NLMSG_DONE terminator {CVE-2026-43085}
- l2tp: Drop large packets with UDP encap {CVE-2026-43080}
- perf/x86/intel/uncore: Skip discovery table for offline dies {CVE-2026-43079}
- KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION {CVE-2026-31590}

CVEs fixed:

CVE-2022-49749
CVE-2023-52616
CVE-2023-52936
CVE-2023-53167
CVE-2023-53610
CVE-2024-26839
CVE-2024-46739
CVE-2024-49955
CVE-2024-50010
CVE-2024-50294
CVE-2024-53090
CVE-2024-53128
CVE-2024-56629
CVE-2024-56681
CVE-2024-56715
CVE-2024-57974
CVE-2024-58051
CVE-2024-58052
CVE-2025-21709
CVE-2025-21746
CVE-2025-21763
CVE-2025-21806
CVE-2025-21839
CVE-2025-22089
CVE-2025-37800
CVE-2025-38067
CVE-2025-38080
CVE-2025-38162
CVE-2025-38248
CVE-2025-38279
CVE-2025-38305
CVE-2025-38391
CVE-2025-38424
CVE-2025-38458
CVE-2025-38470
CVE-2025-38524
CVE-2025-38591
CVE-2025-38678
CVE-2025-39916
CVE-2025-40134
CVE-2025-68211
CVE-2025-71088
CVE-2025-71100
CVE-2025-71117
CVE-2025-71120
CVE-2025-71127
CVE-2025-71157
CVE-2025-71160
CVE-2026-22996
CVE-2026-23021
CVE-2026-23069
CVE-2026-23086
CVE-2026-23190
CVE-2026-23247
CVE-2026-23255
CVE-2026-23286
CVE-2026-23290
CVE-2026-23293
CVE-2026-23300
CVE-2026-23302
CVE-2026-23303
CVE-2026-23304
CVE-2026-23307
CVE-2026-23335
CVE-2026-23370
CVE-2026-23399
CVE-2026-23468
CVE-2026-23472
CVE-2026-31480
CVE-2026-31496
CVE-2026-31503
CVE-2026-31523
CVE-2026-31579
CVE-2026-31590
CVE-2026-31651
CVE-2026-31661
CVE-2026-31663
CVE-2026-31669
CVE-2026-31677
CVE-2026-31709
CVE-2026-31777
CVE-2026-43066
CVE-2026-43074
CVE-2026-43079
CVE-2026-43080
CVE-2026-43085
CVE-2026-43089
CVE-2026-43107
CVE-2026-43110
CVE-2026-43190
CVE-2026-43234
CVE-2026-43303
CVE-2026-43328

Updated packages:

kernel-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:5eb3dab416be8e69d53468c6751ec115cc38055c1fb91f80eed8107cfa8b7682
kernel-abi-stablelists-5.14.0-570.62.1.el9_6.tuxcare.5.els4.noarch.rpm
sha:25a11455b492eceb2c1d59a4018c407aefb7106b2b023adf4533661fa39d2a54
kernel-core-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:894c0d2e4144c7b90a3758c6b6a64a8e5dc7d6419552741f7f0e101fa702640d
kernel-cross-headers-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:9ccc313fea6dc29c2ee2a13d37301a58c877a0584e5caae5e089860f2da05596
kernel-debug-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:2ca41514e70eb949e49aededb8364588e258534990ddefae3719e265f0532ce8
kernel-debug-core-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:ca69a587469d25ce1cc3b0939495473918015a1880c1e268b7634368c493f194
kernel-debug-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:597de6366f7ca91e54e8f8396035e3dc28b550509ea640e88f4ad96799cf3c57
kernel-debug-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:6795067c2b1abfa9b6f25826bfc33fe0f4ec9d36319d0eec98c8da5eb36d4130
kernel-debug-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:ea708aff8ac1b90dbf74a6267f70aa86a01ab10d8146fdb0213d4401db8cc149
kernel-debug-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:c04d6216a34a5af92b8f309bb1f4b72b7309ac7d0203a1fbd4884d191ed11746
kernel-debug-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:8dd1eb5897682e7ba848371062f7213c2a732385b527b42edddd0cb6ce18079e
kernel-debug-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:fb7a5a0d76d1a668efcd4102b3e14dfccebe2b30ebdfdb1b59e35f8f6c7770db
kernel-debug-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:bcafd8bf48c01dbf14856f7290c9ec4c5b348a434856228a3ec56f5453a91f5e
kernel-debug-uki-virt-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:e8c280d3678ede96754c76564bd9b284f121a93bbfc32df78486a82d720e21d1
kernel-debug-uki-virt-addons-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:e3f6ec51e2122366b80cdd6f254d73bb9feca0475b99d981a92b7175348da9ff
kernel-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:b13f5e1101176b5765a83082ad9b9ec535f5d7ad64eb3bb6752e17c52c82caac
kernel-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:b6753123e76abff58ec8d58f7abc9797d30c700ad43ac04707db600655a4ced0
kernel-doc-5.14.0-570.62.1.el9_6.tuxcare.5.els4.noarch.rpm
sha:c188501e1f0b57f785244b33f9b6ea9f8e81cec5ca55d605080b17932805fe89
kernel-headers-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:342a3effaf1cd820a6ae95394c2bdcc74e890b06c6eb5a4b8828f478e2138a61
kernel-ipaclones-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:d677df7381602cd3ad9055b49367a593e685260e1c7fdc9fda27399873bbccae
kernel-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:37e131d15fc7e21ab25d65a5ed789a66b728d0b9ab4a4cab6cbbbd5dd9002098
kernel-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:43061391136cbe2a1ebeeb6dbbfe10759e9a3fc70835553585b338e9f227c95d
kernel-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:5be975665a7061b2cb240a38bb55fd80fc4836679acccaad57493cde65628bd2
kernel-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:12d9051cc594948e3243f99fe6e072d2104caae8eb95a8fe42f9136ccc645935
kernel-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:15c5e197636cf71d99ff0731d7498fc71191bc4006002474ab96055c5a6b0069
kernel-rt-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:3f3c1a2446fd4aee792accf0a3053a1675e3ccefa7e1f93fd70f3b7703954272
kernel-rt-core-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:fb0ae7be3bce374c1b857b792023b552b945b89854b227544ffc798256fbe848
kernel-rt-debug-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:75dcc614c16243a9cd33583e72b0dca1179305a40b8c0c384dc6020dd619a1eb
kernel-rt-debug-core-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:5a4b26be8d4e176c55088a6757a207f4c11c8982675534fe225a59fdac58db82
kernel-rt-debug-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:049a3867f48db22166c0b06df23b5db0a8049f70b4e137c469eedcb7db8ad280
kernel-rt-debug-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:17d14c9c35db83dccacc8ea88c7128440669787e2f919b63573494d2a1396484
kernel-rt-debug-kvm-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:1447f933e5b1107247b30af2185dfe3e08e862bbcd9e59590017673b5476c7ee
kernel-rt-debug-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:e1ddbb2e7113de924535bcae3d95e73461bdc94f395e4e7afed58762e4cbb353
kernel-rt-debug-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:55c88fbcd521b3c5db5c0310796619688158a322473fbb190dd42e44158198dd
kernel-rt-debug-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:15297ebea2a4ff1d8779540c34e8fa489210efd5840ad2d9d1d9bdeb4cb2dc9f
kernel-rt-debug-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:b4d238ef8dfe8dbcd346139663b7257f7541218e4e8841fc66b9eafd3dd16d1d
kernel-rt-debug-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:982b4893fdc4496b1b46dae25f45b91cb57bf45234d22e7faa1f12641433425b
kernel-rt-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:422f9f25ea2532975ff864698b5e42c862ec2615eaf07c64a1b815b31673e052
kernel-rt-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:589c5e0c949795ce6505e682fe2a1627039ea00a269b00e2bd319ed0bd453818
kernel-rt-kvm-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:287911933a73d354cec6a214c39bf4c34a3e32c65cebdad9228125aae6b43c1d
kernel-rt-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:e3b818b46b348974e23c48fa0e0190be795261cb8c72810e75ce0c7a39ed02f4
kernel-rt-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:a5941141b01b54a93977ffef8e5f6e00c0505862903dcb04c8cd0b8c5f972b2a
kernel-rt-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:e6ecc48b2ecb601c628f0841c0c553681e115176ab65fb587d723342cacca007
kernel-rt-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:30b9ab2aa7284c7762bee346c61be4e5e33fcf2d849b68f8663c494cea4ac2b9
kernel-rt-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:d52aab0ca3b1c9591255cf9517638fe72bb98c0966f27a8cd462ad8138308437
kernel-selftests-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:810c7a1e945e7c80ac9b290b3ad06100aa15e5d43139322d4fe40b56b87411cd
kernel-tools-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:65d25d342778715c82d3e19d60aa9e9ca9d221624a0075e15d608217af46b7b2
kernel-tools-libs-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:4612b320f0ddf5fe5736b454bab116e5d21bffbfd0b3e626e74858b97743bc46
kernel-tools-libs-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:17195eef39e0f22da046bafd194a9cc295eb126716e63365e4399053dcf7fe51
kernel-uki-virt-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:a89f84892fb629f32322f2b623fc7a0b419b20f4b0e085d3b7091b3d285d5056
kernel-uki-virt-addons-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:a668a15d473c08bf3b88490fda49684f5b90965ddaf2eeac0bea6c07bfe5e5b2
libperf-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:44a5a1df00a71317605439078bfd8654a63de13acabb3c09500d2930e0f27250
libperf-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:c43815676027ba52226f17969a3e40ab64548c7c5799be9caf98c37553c393b3
perf-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:f57309cd57825af05fc2818e8e81e0544f01c3abe2a1647c4ba1e0c29e843b6e
python3-perf-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:0395e0e92cd575f1f5c10353eb425b1077fee43580889b9c3da96976c29c545b
rtla-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:0d8a6e77b0049d080d3627453bb2042ad39b86c1dd5d3d343de1e0b4925e986e
rv-5.14.0-570.62.1.el9_6.tuxcare.5.els4.x86_64.rpm
sha:e9111b4e8fded161778d2efcfe4e0109c0e5e536b4602cdb781a3a1155286751

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.