Release Info

Advisory: CLSA-2025:1765463110

OS: AlmaLinux 9.2 ESU

Public date: 2025-12-11 14:25:12.551

Project: kernel

Version: 7.0.0-284.1101.el9_2.tuxcare.7.els25

Errata link: https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2025-1765463110.html

Changelog

- Bluetooth: MGMT: Protect mgmt_pending list with its own lock {CVE-2025-38117} - padata: Fix pd UAF once and for all {CVE-2025-38584} - wifi: cfg80211: Fix use after free for wext {CVE-2023-53153} - padata: Fix list iterator in padata_do_serial() - padata: do not leak refcount in reorder_work {CVE-2025-38031} - padata: avoid UAF for reorder_work {CVE-2025-21726} - padata: add pd get/put refcnt helper - net/smc: fix UAF on smcsk after smc_listen_out() {CVE-2025-38734} - scsi: mpi3mr: Bad drive in topology results kernel crash {CVE-2023-53037} - scsi: mpi3mr: Driver unload crashes host when enhanced logging is enabled - wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds() {CVE-2022-50258} - igb: Fix igb_down hung on surprise removal {CVE-2023-53148} - drm/i915/sseu: fix max_subslices array-index-out-of-bounds access {CVE-2023-53112} - i40e: fix idx validation in config queues msg {CVE-2025-39971} - dm-bufio: don't schedule in atomic context {CVE-2025-37928} - fs: prevent out-of-bounds array speculation when closing a file descriptor {CVE-2023-53117} - vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint {CVE-2025-22083} - iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid {CVE-2025-37927} - tracing: Fix oob write in trace_seq_to_buffer() {CVE-2025-37923} - KVM: x86: Reset IRTE to host control if *new* route isn't postable {CVE-2025-37885} - KVM: arm64: Tear down vGIC on failed vCPU creation {CVE-2025-37849} - KVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache {CVE-2022-49882} - jbd2: remove wrong sb->s_sequence check {CVE-2025-37839} - power: supply: gpio-charger: Fix set charge current limits {CVE-2024-57792} - ASoC: dapm: Fix UAF for snd_soc_pcm_runtime object {CVE-2024-46798} - ipv6: prevent possible UAF in ip6_xmit() {CVE-2024-44985} - ipv6: fix possible UAF in ip6_finish_output2() {CVE-2024-44986} - netfilter: flowtable: validate vlan header {CVE-2024-44983} - usb: typec: fix potential out of bounds in ucsi_ccg_update_set_new_cam_cmd() {CVE-2024-50268} - usb: vhci-hcd: Do not drop references before new references are gained {CVE-2024-43883} - drm/amd/display: Fix slab-use-after-free on hdcp_work {CVE-2025-21968} - drm/amd/display: Check num_valid_sets before accessing reader_wm_sets[] {CVE-2024-46815} - drm/amd/display: Check index msg_id before read or write {CVE-2024-42121} - drm/amd/display: Check pipe offset before setting vblank {CVE-2024-42120} - drm/amdkfd: don't allow mapping the MMIO HDP page with large pages {CVE-2024-41011} - drm/amdkfd: Fix an illegal memory access {CVE-2023-53090} - drm/shmem-helper: Remove another errant put in error path {CVE-2023-53084} - drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes {CVE-2023-53077} - drm/i915: mark requests for GuC virtual engines to avoid use-after-free {CVE-2023-53552} - ptp: fix integer overflow in max_vclocks_store {CVE-2024-40994} - nvmet: avoid potential UAF in nvmet_req_complete() {CVE-2023-53116} - loop: Fix use-after-free issues {CVE-2023-53111} - ftrace: Fix invalid address access in lookup_rec() when index is 0 {CVE-2023-53075} - mptcp: use the workqueue to destroy unaccepted sockets {CVE-2023-53072} - perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output {CVE-2023-53065} - erspan: do not use skb_mac_header() in ndo_start_xmit() {CVE-2023-53053} - HID: intel-ish-hid: ipc: Fix potential use-after-free in work function {CVE-2023-53039} - netlink: prevent potential spectre v1 gadgets {CVE-2023-53000} - coresight: Clear the connection field properly {CVE-2022-50214} - Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition {CVE-2023-53145} - Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync {CVE-2025-39982} - x86/tdx: Fix "in-kernel MMIO" check {CVE-2024-47727} - arm64: sme: Use STR P to clear FFR context field in streaming SVE mode {CVE-2023-53713} - wifi: mt76: mt7921: fix error code of return in mt7921_acpi_read {CVE-2023-53710}

Update

Update command: dnf update kernel*

Packages list

bpftool-7.0.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-abi-stablelists-5.14.0-284.1101.el9_2.tuxcare.7.els25.noarch.rpm kernel-core-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-cross-headers-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-core-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-devel-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-devel-matched-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-modules-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-modules-core-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-modules-extra-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-modules-internal-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-modules-partner-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-debug-uki-virt-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-devel-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-devel-matched-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-doc-5.14.0-284.1101.el9_2.tuxcare.7.els25.noarch.rpm kernel-headers-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-ipaclones-internal-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-modules-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-modules-core-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-modules-extra-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-modules-internal-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-modules-partner-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-selftests-internal-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-tools-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-tools-libs-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-tools-libs-devel-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm kernel-uki-virt-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm libbpf-1.0.0-2.el9_2.tuxcare.7.els25.i686.rpm libbpf-1.0.0-2.el9_2.tuxcare.7.els25.x86_64.rpm libbpf-devel-1.0.0-2.el9_2.tuxcare.7.els25.i686.rpm libbpf-devel-1.0.0-2.el9_2.tuxcare.7.els25.x86_64.rpm libbpf-static-1.0.0-2.el9_2.tuxcare.7.els25.i686.rpm libbpf-static-1.0.0-2.el9_2.tuxcare.7.els25.x86_64.rpm perf-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm python3-perf-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm rtla-5.14.0-284.1101.el9_2.tuxcare.7.els25.x86_64.rpm

CVEs

CVE-2022-50258
CVE-2025-39982
CVE-2025-38117
CVE-2023-53037
CVE-2025-39971
CVE-2024-44985
CVE-2023-53153
CVE-2024-46815
CVE-2024-44986
CVE-2025-37849
CVE-2023-53111
CVE-2024-46798
CVE-2024-40994
CVE-2024-50268
CVE-2023-53145
CVE-2023-53075
CVE-2024-44983
CVE-2024-42120
CVE-2023-53552
CVE-2023-53000
CVE-2024-47727
CVE-2023-53148
CVE-2023-53090
CVE-2025-38584
CVE-2023-53117
CVE-2024-41011
CVE-2025-38031
CVE-2022-50214
CVE-2023-53072
CVE-2023-53053
CVE-2025-37928
CVE-2025-37885
CVE-2025-37927
CVE-2025-37923
CVE-2025-37839
CVE-2023-53713
CVE-2023-53710
CVE-2025-21726
CVE-2023-53116
CVE-2023-53039
CVE-2023-53084
CVE-2023-53077
CVE-2023-53065
CVE-2022-49882
CVE-2023-53112