Release date:
2026-05-01 09:25:18 UTC
Description:
- crypto: algif_aead - Fix minimum RX size check for decryption
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
- crypto: authencesn - Fix src offset when decrypting in-place
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption
- crypto: authenc - use memcpy_sglist() instead of null skcipher
- crypto: algif_aead - snapshot IV for async AEAD requests
- crypto: algif_aead - Revert to operating out-of-place
- crypto: algif_aead - use memcpy_sglist() instead of null skcipher
- crypto: scatterwalk - Backport memcpy_sglist()
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec
- nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec {CVE-2026-22998}
- xfrm: add NULL check in xfrm_update_ae_params {CVE-2023-3772}
- sctp: check send stream number after wait_for_sndbuf {CVE-2023-53296}
- ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value {CVE-2022-50327}
- ext4: fix uninititialized value in 'ext4_evict_inode' {CVE-2022-50546}
- tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). {CVE-2025-40149}
- bpf, cpumap: Make sure kthread is running before map update returns {CVE-2023-53577}
- net: add dst_dev_rcu() helper for safe dst->dev access {CVE-2025-40135}
- net/sched: cls_u32: use skb_header_pointer_careful() {CVE-2026-23204}
- net: add skb_header_pointer_careful() helper
- net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve {CVE-2023-4623}
- ip_vti: fix potential slab-use-after-free in decode_session6 {CVE-2023-53559}
- e1000e: fix heap overflow in e1000_set_eeprom {CVE-2025-39898}
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control {CVE-2025-39751}
- md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request {CVE-2023-53380}
- HID: uclogic: Correct devm device reference for hidinput input_dev name {CVE-2023-54207}
- ASoC: da7219: Fix an error handling path in da7219_register_dai_clks() {CVE-2022-50698}
- selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context() {CVE-2022-50699}
- scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() {CVE-2023-54014}
- ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() {CVE-2025-71085}
- ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() {CVE-2026-23089}
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() {CVE-2026-23193}
- drm/i915/gvt: fix gvt debugfs destroy {CVE-2023-54098}
- nfsd: provide locking for v4_end_grace {CVE-2026-22980}
- dm flakey: don't corrupt the zero page {CVE-2023-54317}
- drm/amdkfd: Fix double release compute pasid {CVE-2022-50303}
- RDMA/srpt: Fix a use-after-free {CVE-2022-50129}
- RDMA/srpt: Introduce a reference count in struct srpt_device
- RDMA/srpt: Duplicate port name members
- KVM: x86: Reset IRTE to host control if *new* route isn't postable {CVE-2025-37885}
- ipvlan: add ipvlan_route_v6_outbound() helper {CVE-2023-52796}
- mmc: core: use scnprintf() instead of sprintf() in sysfs show functions {CVE-2022-49267}
- rcu: Fix rcu_read_unlock() deadloop due to IRQ work {CVE-2025-39744}
- net/mlx5: Add a timeout to acquire the command queue semaphore {CVE-2024-38556}
- virtio-net: ensure the received length does not exceed allocated size {CVE-2025-38375}
- cacheinfo: Fix shared_cpu_map to handle shared caches at different levels {CVE-2023-53254}
- RDMA/mlx5: Return the firmware result upon destroying QP/RQ {CVE-2023-53286}
- RDMA/rxe: Fix mr->map double free {CVE-2022-50543}
- wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() {CVE-2022-50881}
- tcp: fix a signed-integer-overflow bug in tcp_add_backlog() {CVE-2022-50865}
- NFSD: Protect against send buffer overflow in NFSv2 READ {CVE-2022-43945}
- perf/aux: Fix AUX buffer serialization {CVE-2024-46713}
- usb: xhci: Fix isochronous Ring Underrun/Overrun event handling {CVE-2025-37882}
- usb: xhci: Complete 'error mid TD' transfers when handling Missed Service
- usb: xhci: remove 'handling_skipped_tds' from handle_tx_event()
- xhci: simplify event ring dequeue tracking for transfer events
- smb3: fix for slab out of bounds on mount to ksmbd {CVE-2025-38728}
- perf/core: Prevent VMA split of buffer mappings {CVE-2025-38563}
- i40e: add validation for ring_len param {CVE-2025-39973}
- i40e: increase max descriptors for XL710
- RDMA/rxe: Fix incomplete state save in rxe_requester {CVE-2023-53539}
- HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() {CVE-2025-38103}
- HID: hyperv: Correctly access fields declared as __le16 {CVE-2025-38103}
- ASoC: topology: Fix references to freed memory {CVE-2024-41069}
- drivers: base: Free devm resources when unregistering a device {CVE-2023-53596}
- ext4: fix use-after-free in ext4_orphan_cleanup {CVE-2022-50673}
- net: bridge: xmit: make sure we have at least eth header len bytes {CVE-2024-38538}
- perf/core: Exit early on perf_mmap() fail {CVE-2025-38565}
- fs/proc: fix uaf in proc_readdir_de() {CVE-2025-40271}
- virtio_net: fix xdp_rxq_info bug after suspend/resume {CVE-2022-49687}
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class
Updated packages:
-
bpftool-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:f1fd645a0fbe9a9c4f1dce7165e5c798dede65500984a596f15a447a5c1b06df
-
kernel-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:7904b97b0551551266c1646551b274b51854420efd9d2439f74d22be378c3e8e
-
kernel-core-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:1b52c68d62787aae668f4828e6e2a36d456dbecfc92a7924a75c553c7f9f28ad
-
kernel-cross-headers-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:b4dd93f551ad85114f769d154699facaa51c8d05be7b2dc28913f1dd581e49bb
-
kernel-debug-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:6e98c08cd920733b1b8c8854fc03d812e6172c53714dfc222af7c8bd6b4f3226
-
kernel-debug-core-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:58d7b329095a6cc64c70c8f8ac81b5b39d7bc2e3f82785595956c067ee46ef58
-
kernel-debug-devel-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:9cd47fbdb5bc83a0f3760a80eefb171c0f7bf3639c7c2769932f32c00172b5a5
-
kernel-debug-modules-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:30e250b831ac9a47cbbd502dc9597f93d2168b12e74bfc707b9ede5e25094ffb
-
kernel-debug-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:c2dcbd5e6c62261746b7bc804ce1ba15c557a7d2f0520103026522bade288723
-
kernel-debug-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:6367fe2495c52fcbc916e7f7b5e1b9b7736644fbd370725579ef535820f0b3e2
-
kernel-devel-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:5653a10e7c2d2730e922146a98a3e582f7d3a57f62013b403a242c18b19d939f
-
kernel-headers-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:1b5ec421cee9f13ea495df4f4bf51e1eb7e1ff9b6730306ef736e666120b31f1
-
kernel-ipaclones-internal-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:18892846e99057d787243a2ca53f2d8703a74c52a9365a733fd3e7856734a744
-
kernel-modules-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:0e06ef2a23fb6e7028c4592c0ae377f2098f6fdb3a3ea5b86d8c6a4dff39fb76
-
kernel-modules-extra-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:03a10eaaecf8c874c27599a02ca1a8a418bd47a1bf5a6dfea4a743bc0555a311
-
kernel-modules-internal-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:aab6d2009905d734ffe77a355ed0df6087322da5abac8fba5803e7ead1ecc4d5
-
kernel-selftests-internal-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:de5d8f2c087feff65b71158ce9400e67aa444da8a35189121ab11689475ad4ce
-
kernel-tools-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:f08bdd5ec15a8be75c0fbe51c93304fa00e50edb72b4f5ce89d19c4bc33ca8ed
-
kernel-tools-libs-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:680d0525885acdf0e001ed93f9a5ee45263a945eded6302d81b7c29533b64d98
-
kernel-tools-libs-devel-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:c0ad5c9829c6eb80f2015a3ac2fb8ad5114f62f4565d816cd210f4c313b0e730
-
perf-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:da0ae7e5ab28cfc8a499f6e331afc691067d3c81a124bc9ee16189409a8ffbce
-
python3-perf-4.18.0-305.25.1.el8_4.tuxcare.els36.x86_64.rpm
sha:b3e30ce65568591b03d09166f646b2d690dc018c1723b5846f679768be6c825a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
