Release Info

Advisory: CLSA-2025:1749562017

OS: CentOS 8.5 ELS

Public date: 2025-06-10 13:26:59

Project: kernel

Version: 4.18.0-348.7.1.el8_5.tuxcare.els28

Errata link: https://errata.tuxcare.com/els_os/centos8.5els/CLSA-2025-1749562017.html

Changelog

- vsock: Keep the binding until socket destruction {CVE-2025-21756} - mt76: fix use-after-free by removing a non-RCU wcid pointer {CVE-2022-49328} - bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb() {CVE-2022-49840} - ASoC: core: Fix use-after-free in snd_soc_exit() {CVE-2022-49842} - net: sched: Fix use after free in red_enqueue() {CVE-2022-49921} - udf: Fix a slab-out-of-bounds write bug in udf_find_entry() {CVE-2022-49846} - ftrace: Fix use-after-free for dynamic ftrace_ops {CVE-2022-49892} - dm ioctl: prevent potential spectre v1 gadget {CVE-2022-49122} - scsi: libfc: Fix use after free in fc_exch_abts_resp() {CVE-2022-49114} - mac80211: fix potential double free on mesh join {CVE-2022-49290} - wifi: mac80211: fix use-after-free in chanctx code {CVE-2022-49416} - ext4: fix OOB read when checking dotdot dir {CVE-2025-37785} - ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() {CVE-2023-52988} - tracing: Fix potential double free in create_var_ref() {CVE-2022-49410} - wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads {CVE-2022-49740} - mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths {CVE-2022-48991} - cifs: potential buffer overflow in handling symlinks {CVE-2022-49058} - media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init {CVE-2022-49478} - HID: elan: Fix potential double free in elan_input_configured {CVE-2022-49508} - bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers {CVE-2023-52621} - drm/amd/pm: fix double free in si_parse_power_table() {CVE-2022-49530} - drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() {CVE-2025-21780} - crypto: scomp - fix req->dst buffer overflow {CVE-2023-52612} - sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket {CVE-2024-53168} - net: make sock_inuse_add() available {CVE-2024-53168}

Update

Update command: dnf update kernel*

Packages list

bpftool-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-core-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-cross-headers-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-debug-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-debug-core-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-debug-devel-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-debug-modules-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-debug-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-debug-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-devel-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-headers-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-ipaclones-internal-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-modules-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-modules-extra-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-modules-internal-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-selftests-internal-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-tools-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-tools-libs-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm kernel-tools-libs-devel-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm perf-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm python3-perf-4.18.0-348.7.1.el8_5.tuxcare.els28.x86_64.rpm

CVEs

CVE-2022-49740
CVE-2023-52621
CVE-2022-49122
CVE-2022-49410
CVE-2022-48991
CVE-2022-49846
CVE-2022-49921
CVE-2022-49840
CVE-2022-49328
CVE-2022-49530
CVE-2022-49508
CVE-2022-49478
CVE-2022-49842
CVE-2022-49058
CVE-2025-21780
CVE-2023-52612
CVE-2023-52988
CVE-2024-53168
CVE-2025-37785
CVE-2022-49290
CVE-2022-49416
CVE-2022-49114
CVE-2022-49892
CVE-2025-21756