CLSA-2026:1780052998

[CLSA-2026:1780052998] kernel: Fix of 102 CVEs

Type:

security

Severity:

Important

Release date:

2026-05-29 13:40:49 UTC

Description:

- smb: client: reject userspace cifs.spnego descriptions
- usb: ulpi: fix memory leak on ulpi_register() error paths
- usb: ulpi: fix double free in ulpi_register_interface() error path {CVE-2026-31759}
- mptcp: consolidate suboption status {CVE-2025-21707}
- blktrace: fix __this_cpu_read/write in preemptible context {CVE-2026-23374}
- espintcp: remove encap socket caching to avoid reference leak {CVE-2025-38097}
- net: usb: asix: validate PHY address before use {CVE-2025-71094}
- driver: iio: add missing checks on iio_info's callback access {CVE-2024-46715}
- net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts {CVE-2026-22997}
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg {CVE-2025-39931}
- bonding: fix use-after-free due to enslave fail after slave array update {CVE-2026-23171}
- Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT {CVE-2025-38335}
- spi: spi-fsl-lpspi: fix teardown order issue (UAF) {CVE-2026-31485}
- mm/smaps: fix race between smaps_hugetlb_range and migration {CVE-2025-39754}
- vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects {CVE-2025-39850}
- mm/userfaultfd: fix hugetlb fault mutex hash calculation {CVE-2026-31575}
- RDMA/irdma: Initialize free_qp completion before using it {CVE-2026-31492}
- calipso: Don't call calipso functions for AF_INET sk. {CVE-2025-38147}
- mm/ksm: fix flag-dropping behavior in ksm_madvise {CVE-2025-40040}
- espintcp: fix skb leaks {CVE-2025-38057}
- net: cdc_ncm: Deal with too low values of dwNtbOutMaxSize {CVE-2023-53667}
- memcg: fix soft lockup in the OOM process {CVE-2024-57977}
- futex: Clear stale exiting pointer in futex_lock_pi() retry path {CVE-2026-31555}
- trace_events_hist: add check for return value of 'create_hist_field' {CVE-2023-53005}
- dm-verity: disable recursive forward error correction {CVE-2025-71161}
- Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ {CVE-2026-23395}
- vfs: Don't evict inode under the inode lru traversing context {CVE-2024-45003}
- ipvs: fix uninit-value for saddr in do_output_route4 {CVE-2025-37961}
- sctp: add mutual exclusion in proc_sctp_do_udp_port() {CVE-2025-22062}
- net: phy: leds: fix memory leak {CVE-2025-37989}
- x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper {CVE-2025-39681}
- tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). {CVE-2025-40149}
- netfilter: ctnetlink: remove refcounting in expectation dumpers {CVE-2025-39764}
- sctp: sysctl: auth_enable: avoid using current->nsproxy {CVE-2025-21638}
- kobject: Add sanity check for kset->kobj.ktype in kset_register() {CVE-2023-53480}
- io_uring: check if iowq is killed before queuing {CVE-2024-56709}
- netfilter: x_tables: fix percpu counter block leak on error path when creating new netns {CVE-2023-53200}
- ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed {CVE-2023-53481}
- udf: Do not update file length for failed writes to inline files {CVE-2023-53295}
- bpf: Forget ranges when refining tnum after JSET {CVE-2025-39748}
- perf/core: Exit early on perf_mmap() fail {CVE-2025-38565}
- misc: vmw_balloon: fix memory leak with using debugfs_lookup() {CVE-2023-53279}
- can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write {CVE-2023-53344}
- tracing: Fix race issue between cpu buffer write and swap {CVE-2023-53368}
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses {CVE-2025-23141}
- io_uring/tctx: work around xa_store() allocation error issue {CVE-2024-56584}
- objtool: Fix memory leak in create_static_call_sections() {CVE-2023-53423}
- net: bcmgenet: Add a check for oversized packets {CVE-2023-53535}
- ext4: remove a BUG_ON in ext4_mb_release_group_pa() {CVE-2023-53450}
- PM: EM: fix memory leak with using debugfs_lookup() {CVE-2023-53411}
- ALSA: usb-audio: Use correct version for UAC3 header validation {CVE-2026-23318}
- watchdog: Fix kmemleak in watchdog_cdev_register {CVE-2023-53234}
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache {CVE-2026-31402}
- libceph: reset sparse-read state in osd_fault() {CVE-2026-23136}
- ppp: fix race conditions in ppp_fill_forward_path {CVE-2025-39673}
- platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks {CVE-2025-38412}
- perf: Revert to requiring CAP_SYS_ADMIN for uprobes {CVE-2025-38466}
- can: isotp: fix potential CAN frame reception race in isotp_rcv() {CVE-2022-48830}
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute {CVE-2025-21653}
- HID: ignore non-functional sensor in HP 5MP Camera {CVE-2025-21992}
- smb: client: Avoid race in open_cached_dir with lease breaks {CVE-2025-37954}
- net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled {CVE-2025-38039}
- smb: Log an error when close_all_cached_dirs fails {CVE-2025-38321}
- rxrpc: Fix bug due to prealloc collision {CVE-2025-38544}
- ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak. {CVE-2025-38438}
- net: stmmac: Fix accessing freed irq affinity_hint {CVE-2025-23155}
- perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init {CVE-2025-37878}
- bpf: Fix deadlock between rcu_tasks_trace and event_mutex. {CVE-2025-37884}
- tracing: Free error logs of tracing instances {CVE-2023-53375}
- loop: Avoid updating block size under exclusive owner {CVE-2025-38709}
- netfilter: ctnetlink: use netlink policy range checks {CVE-2026-31495}
- ceph: fix deadlock or deadcode of misusing dget() {CVE-2023-52583}
- net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks {CVE-2026-23270}
- ip6_gre: make ip6gre_header() robust {CVE-2025-71098}
- hwmon: (w83791d) Convert macros to functions to avoid TOCTOU {CVE-2025-71111}
- crypto: seqiv - Do not use req->iv after crypto_aead_encrypt {CVE-2025-71131}
- rocker: fix memory leak in rocker_world_port_post_fini() {CVE-2026-23164}
- bonding: provide a net pointer to __skb_flow_dissect() {CVE-2026-23119}
- l2tp: avoid one data-race in l2tp_tunnel_del_work() {CVE-2026-23120}
- can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak {CVE-2026-23108}
- leds: led-class: Only Add LED to leds_list when it is fully ready {CVE-2026-23101}
- regmap: Fix race condition in hwspinlock irqsave routine {CVE-2026-23071}
- cifs: Fix memory and information leak in smb3_reconfigure() {CVE-2025-71151}
- ipv4: ip_gre: make ipgre_header() robust {CVE-2026-23011}
- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN {CVE-2025-38393}
- nvme-pci: fix freeing of the HMB descriptor table {CVE-2024-56756}
- spi: imx: Don't skip cleanup in remove's error path {CVE-2023-53225}
- ring-buffer: Fix a race between readers and resize checks {CVE-2024-38601}
- i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock {CVE-2024-43098}
- can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open {CVE-2024-46791}
- ftrace: Fix regression with module command in stack_trace_filter {CVE-2024-56569}
- leds: class: Protect brightness_show() with led_cdev->led_access mutex {CVE-2024-56587}
- bpf, sockmap: Several fixes to bpf_msg_pop_data {CVE-2024-56720}
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy {CVE-2025-21640}
- sctp: sysctl: rto_min/max: avoid using current->nsproxy {CVE-2025-21639}
- ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered {CVE-2025-39763}
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path {CVE-2025-37788}
- net: clear the dst when changing skb protocol {CVE-2025-38192}
- bpf: Fix kmemleak warning for percpu hashmap {CVE-2025-37807}
- drm/amdkfd: debugfs hang_hws skip GPU with MES {CVE-2025-37853}
- RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error {CVE-2025-21732}
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type {CVE-2025-23161}
- PCI: Fix reference leak in pci_register_host_bridge() {CVE-2025-37836}
- ALSA: caiaq: fix stack out-of-bounds read in init_card {CVE-2026-31778}

Updated packages:

kernel-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:43e9ea65f874bc50aa592452a1faf245afcecaf631b2a9e9eced4befed58ca9f
kernel-abi-stablelists-5.14.0-570.62.1.el9_6.tuxcare.5.els2.noarch.rpm
sha:f4d0ed952ffddc5299d0aae3ea4d265890d211d2df3cadfc3e769c98013ac6ec
kernel-core-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:fd0bcf10970c8d565b8fa60853793a250c2d45981a4edd461a6322c9e5c5a96c
kernel-cross-headers-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:5e96d58380c1ff77bd492c930a8575b7727b8e1a98c8f54ea68050016a34ec3d
kernel-debug-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:85543d215ea981eceb07c809ff1922d9137d55afc66449c3fe42f1d178bad745
kernel-debug-core-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:4f46d8f97f8487e15c6647cae706b01bcd21528f52efc0ace39f62eccf7f93a9
kernel-debug-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:9fc731b532b8eab101523040d10fd6b72116eb575131aeba2c78996f994ded5b
kernel-debug-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:0f083e50e2be60b34c05059057ceb1a33123ff0df67d9b79e3ad0f024d4a2043
kernel-debug-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:61c0ab9cdd5fe3363cda845b37b78fbb67a412f5c81c280df52a643c3b419f64
kernel-debug-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:4bbdb84e4229fa5dcee31f50fbd6c7b8d4de14057c56a7aaf6c2aefed8680b0b
kernel-debug-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:4f28937e9b9b232eaeb5994ab11bbc94901cd5df181fcf652dc3d915024603fe
kernel-debug-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:f8e665bf84be62e3e611d21e7aa7c74f32ff56f95562f5125bd74098ed687170
kernel-debug-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:1ee276de40e185613f4eebb796ee231db713a7b32553999e94ba78d0d54beffc
kernel-debug-uki-virt-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:8d30b8f7f87e082e29d50aaf06bd60a5c9a011e4962494a0b43cc6bd6a0b289a
kernel-debug-uki-virt-addons-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:c61367921349580b177bc4268603f4a4c46cd424c6e2b5a79433d8b78e38d3cf
kernel-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:1351ce1c9ca7802d0166690f823d13846d6c31b609476f0ba1252cf493902fec
kernel-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:c94ce63af8cf3160b6583e8f1035c1aae601d9ab6e62ae951f73efe63ab060d8
kernel-doc-5.14.0-570.62.1.el9_6.tuxcare.5.els2.noarch.rpm
sha:63b22de79b9539fbc399c5f205765ac31ec64de6cb05e6bd3431203215eb012b
kernel-headers-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:f36ab371abfaa4df8612bdf5d3c90d98137fd2983fee80aa895035a38e253377
kernel-ipaclones-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:b129d95bcf937282b1e668bdbc95aa243a1a4ee50f27b873ce196f96f68bce69
kernel-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:220f7b43aaca4d8e473eedae040e65f706ac06a55415064d052a75260743dd80
kernel-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:2349515a8e33e4537e625e362e73c1d6350cda3aa87e464e53388d61324fcafc
kernel-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:9c03282ee88b6525b09c39601ed122f19d50c801bc49eb6f3a87faf9c624e19b
kernel-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:51d5700e05886bc415e30b550acb7373a3406d0f3a224eafc23b68dc63737306
kernel-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:55aaa2a097b0cb0bf5ebb1d632ce8e414def9ec9abaf12147008ccc13a0aea8d
kernel-rt-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:0fa2eaae3c13e74b33ffe8d0fb74c6bbc0aad1687a4386f590152d0f0cd6953d
kernel-rt-core-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:c2cbab2cda089ab2610f35abf6742cf8027edaf0d56b531a94241bf992e3d957
kernel-rt-debug-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:9bb97a6761773bebb94cc63d8a0037d9f03e0e7c1361c496bc9f4f82f0789916
kernel-rt-debug-core-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:8705e1cc3466c7d9e9491c5c1892be0ed04be35dd7afa80e19229ac020ee7ffe
kernel-rt-debug-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:71799939bfad57d00d4f871fb9767a51f54bccb335b68b421cf75bc46a9e54da
kernel-rt-debug-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:f7dff94c7743b04c26db1a9b11dd9e7f70f038023efc22211703e4ae00bae1b8
kernel-rt-debug-kvm-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:2aac4c550f10637a76aa466a21898467998dad4cc73460fcbbbd3523a7473131
kernel-rt-debug-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:ff28961cf18ac1465acf5251d8f9bd10d696bc67e76c17a4fe1e966b04014f3a
kernel-rt-debug-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:5fb74ef836f37a106212d3d9ff581997b3b3d270db0f997a565aa69e615da2d5
kernel-rt-debug-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:3a46fa19b53d238031d1c789208b1bf6567d8e19e4e0bd53a5a9e860acb318fb
kernel-rt-debug-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:57735abf7be973234de74786fb450709cec03c66fdf37b53f1f2b5ef7aec27ca
kernel-rt-debug-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:db19c5723567f960b95aa90945be1b9ea5905a31969f14fa7c580b7acf61805c
kernel-rt-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:2a5aad737653a7aca0b2c2e2f91ea929473e915ea00f8eb6cadf85b53a6951ab
kernel-rt-devel-matched-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:3b77a5d904c6af6c79fa5d9779741a1c8300539de0a49253cd22dbdc5de80a28
kernel-rt-kvm-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:e878ba3f42cf0ef2615a1420e28c0196e970acf907a2dc0521dbe68d6b1881db
kernel-rt-modules-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:b6e1c03127485d2627db4c574b06a2caf4bb96fe0c3a244d39afe1bca7299891
kernel-rt-modules-core-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:22393e57bfad05e23a59c95dede63ab9b0a74cc38bcca6ebe4632ce8fb72a831
kernel-rt-modules-extra-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:e0bd06f0f735c66aee80e0cd6bedf172811108a50ad42103ed41becaf6b29086
kernel-rt-modules-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:85bbefdf94987e1cef4965d68c30ca8204dbb51ec0eebb17d4feb1cb5e25a645
kernel-rt-modules-partner-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:74ab691261a528ac46671fc1398719b95398314389fdae939744a12a01954116
kernel-selftests-internal-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:3b7f3556964f3734d1167619f07c581bc2d92cd83ca8a48612e3d05c00c1021d
kernel-tools-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:d3fc823a112c23bdc76695964b9e6ffebd014b8aa6b0c47f3e3e060700bb17e7
kernel-tools-libs-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:83761b46a52fec157fdc02409504b8f34a665cb10923e8900e9497881b64d538
kernel-tools-libs-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:551a97053ea83f8e46da7a714f27817e3fe62069b973db23470150350e523ffd
kernel-uki-virt-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:768be48737ff4e8a6e65a8d468413aec41893e686a1d872d9a25b3056c5df71b
kernel-uki-virt-addons-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:b61a9cda6090819703ecd77be540b6fd3242bc7a6baa149203c19bd745ea98f6
libperf-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:561b1a3062a60b31fd037d982715ca59d5e1ce5ce30193bfa773fbb32e1373bb
libperf-devel-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:dbbfa2c0403c44130ba8e6db146705df18c090f569caa0e7937d9c5090b7bea7
perf-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:83ebec509a672b2821cc6d2f88740f0eed007c2a3f016173f06ce216ad81dcd6
python3-perf-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:c8e7bc6b1efd417ca434f3ff4d2c6573c89b149e1bbc9a3ae897642bbcf9cde2
rtla-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:5bc8c5f3a705ceec4b9f9ebeda7e4e65ad272308e68ec18d30350c7069f752f3
rv-5.14.0-570.62.1.el9_6.tuxcare.5.els2.x86_64.rpm
sha:044c6a63765dcb01357a59e4a5e939177e9e82c1c6960641262b0652aa4ac8e8

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.