Kernel OVA security updates in ASCG 3.3.0a
36221
15 October 2025
15 October 2025
CLOSED
MEDIUM
Varies
CVE-2025-21756, CVE-2022-49011, CVE-2024-53141, CVE-2025-32462
|
Brocade Security Advisory ID |
BSA-2025-3034 |
|
Component |
kernel |
|
|
|
Summary
- CVE-2025-21756
- vsock: Keep the binding until socket destruction
CVE-2022-49011
hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new()
- CVE-2024-53141
- netfilter: ipset: add missing range check in bitmap_ip_uadt
CVE-2025-32462
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines
Products Affected
- Brocade ASCG base OS (OVA deployment) versions before 3.3.0a
Products Not Affected
- Brocade Fabric OS
[VEX Justification: Code_not_present] - Brocade SANnav
[VEX Justification: Code_not_present] - Brocade ASCG Standard Deployment (non-OVA)
Solution
- Security update provided in Brocade ASCG base OS (OVA deployment) 3.3.0a
Revision History
|
Version |
Change |
Date |
|
1.0 |
Initial Publication |
October 14, 2025 |
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.