CLSA-2025-1766617167 kernel: Fix of 27 CVEs

xfrm: Duplicate SPI Handling CVE-2025-39965 - xfrm: state: use atomicincnotzero to increment refcount - padata: Fix pd UAF once and for all CVE-2025-38584 - padata: Remove broken queue flushing CVE-2023-52854 - padata: ensure padatadoserial runs on the correct CPU - Bluetooth: L2CAP: Fix...

DEBIAN-CVE-2025-39685

In the Linux kernel, the following vulnerability has been resolved: comedi: pcl726: Prevent invalid irq number The reproducer passed in an irq number0x80008000 that was too large, which triggered the oob. Added an interrupt number check to prevent users from passing in an irq number that was too...

CVE-2024-42105 nilfs2: fix inode number range checks

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix inode number range checks Patch series "nilfs2: fix potential issues related to reserved inodes". This series fixes one use-after-free issue reported by syzbot, caused by nilfs2's internal inode being exposed in the...

CVE-2018-18445

In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjustscalarminmaxvals in kernel/bpf/verifier.c mishandles 32-bit right shifts...

BSA-2017-335

Security Advisory ID : BSA-2017-335 Component : zlib Revision : 2.0: Interim The C standard says that bit shifts of negative integers is undefined. This casts to unsigned values to assure a known result. Affected Products Product| Current Assessment ---|--- Brocade Virtual Web Application Firewal...

CVE-2000-1254

crypto/rsa/rsagen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms...