Release Info

Advisory: CLSA-2026:1768663754

OS: AlmaLinux 9.2 ESU

Public date: 2026-01-17 15:29:16.64082

Project: kernel

Version: 7.0.0-284.1101.el9_2.tuxcare.7.els27

Errata link: https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2026-1768663754.html

Changelog

- ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() {CVE-2025-38249} - drm/i915/gt: Fix timeline left held on VMA alloc error {CVE-2025-38389} - md/raid1: Fix stack memory use after return in raid1_reshape {CVE-2025-38445} - atm: clip: Fix infinite recursive call of clip_push(). {CVE-2025-38459} - bpf: Avoid __bpf_prog_ret0_warn when jit fails {CVE-2025-38280} - ipv6: Fix infinite recursion in fib6_dump_done(). {CVE-2024-35886} - netfilter: nf_tables: do not compare internal table flags on updates {CVE-2024-27065} - init/main.c: Fix potential static_command_line memory overflow {CVE-2024-26988} - wireguard: netlink: check for dangling peer via is_dead instead of empty list {CVE-2024-26951} - platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() {CVE-2025-38077} - exfat: fix double free in delayed_free {CVE-2025-38206} - net: openvswitch: Fix the dead loop of MPLS parse {CVE-2025-38146} - wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write {CVE-2023-54286} - vsock: Do not allow binding to VMADDR_PORT_ANY {CVE-2025-38618} - fbcon: Make sure modelist not set on unregistered console {CVE-2025-38198} - crypto: lzo - Fix compression buffer overrun {CVE-2025-38068} - software node: Correct a OOB check in {CVE-2025-38342} - nbd: fix uaf in nbd_genl_connect() error path {CVE-2025-38443} - USB: usbtmc: Fix direction for 0-length ioctl control messages {CVE-2023-53761} - cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname {CVE-2023-53751} - cifs: Fix warning and UAF when destroy the MR list {CVE-2023-53427} - PCI/ASPM: Fix link state exit during switch upstream function removal {CVE-2024-58093} - PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free {CVE-2023-53446} - sctp: fix a potential overflow in sctp_ifwdtsn_skip {CVE-2023-53372} - md/raid10: fix wrong setting of max_corr_read_errors {CVE-2023-53313} - md/raid10: fix overflow of md/safe_mode_delay - md/raid10: check slab-out-of-bounds in md_bitmap_get_counter {CVE-2023-53357} - lwt: Fix return values of BPF xmit ops {CVE-2023-53338} - net: fec: Better handle pm_runtime_get() failing in .remove() {CVE-2023-53308} - rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails {CVE-2023-53307} - ice: set tx_tstamps when creating new Tx rings via ethtool {CVE-2022-50710} - RDMA/mlx5: Return the firmware result upon destroying QP/RQ {CVE-2023-53286} - RDMA/mlx5: Handle DCT QP logic separately from low level QP interface - net/mlx5e: Use correct encap attribute during invalidation {CVE-2023-54074} - net/mlx5: Nullify qp->dbg pointer post destruction - scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write {CVE-2023-53282} - net: ena: fix shift-out-of-bounds in exponential backoff {CVE-2023-53272} - ubi: ensure that VID header offset + VID header size <= alloc, size {CVE-2023-53265} - sched/fair: Don't balance task to its current running CPU {CVE-2023-53215} - netfilter: allow exp not to be removed in nf_ct_find_expectation {CVE-2023-52927} - wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() {CVE-2022-50881}

Update

Update command: dnf update kernel*

Packages list

bpftool-7.0.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-abi-stablelists-5.14.0-284.1101.el9_2.tuxcare.7.els27.noarch.rpm kernel-core-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-cross-headers-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-core-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-devel-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-devel-matched-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-modules-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-modules-core-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-modules-extra-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-modules-internal-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-modules-partner-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-debug-uki-virt-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-devel-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-devel-matched-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-doc-5.14.0-284.1101.el9_2.tuxcare.7.els27.noarch.rpm kernel-headers-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-ipaclones-internal-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-modules-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-modules-core-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-modules-extra-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-modules-internal-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-modules-partner-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-selftests-internal-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-tools-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-tools-libs-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-tools-libs-devel-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm kernel-uki-virt-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm libbpf-1.0.0-2.el9_2.tuxcare.7.els27.i686.rpm libbpf-1.0.0-2.el9_2.tuxcare.7.els27.x86_64.rpm libbpf-devel-1.0.0-2.el9_2.tuxcare.7.els27.i686.rpm libbpf-devel-1.0.0-2.el9_2.tuxcare.7.els27.x86_64.rpm libbpf-static-1.0.0-2.el9_2.tuxcare.7.els27.i686.rpm libbpf-static-1.0.0-2.el9_2.tuxcare.7.els27.x86_64.rpm perf-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm python3-perf-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm rtla-5.14.0-284.1101.el9_2.tuxcare.7.els27.x86_64.rpm

CVEs

CVE-2023-53215
CVE-2024-26988
CVE-2024-35886
CVE-2024-26951
CVE-2024-35886
CVE-2022-50710
CVE-2023-53751
CVE-2025-38459
CVE-2023-53357
CVE-2023-53307
CVE-2025-38249
CVE-2023-53761
CVE-2025-38443
CVE-2023-53427
CVE-2023-53272
CVE-2023-54074
CVE-2025-38077
CVE-2022-50881
CVE-2025-38206
CVE-2023-53282
CVE-2023-53372
CVE-2025-38342
CVE-2025-38068
CVE-2023-53338
CVE-2025-38198
CVE-2025-38146
CVE-2023-53286
CVE-2024-27065
CVE-2025-38389
CVE-2024-26951
CVE-2023-54286
CVE-2024-58093
CVE-2025-38618
CVE-2023-53308
CVE-2023-53313
CVE-2023-53446
CVE-2025-38280
CVE-2025-38445
CVE-2023-52927
CVE-2023-53265
CVE-2024-27065
CVE-2024-26988