Summary

Security update provided in Brocade ASCG3.4.0b Base OS (OVA Deployment) for Rocky Linux Kernel

• CVE-2022-50673 - Linux Kernel 'ext4' Vulnerable to Use-After-Free via Improper Error Handling in 'ext4_orphan_cleanup'
• CVE-2022-50865 - Linux Kernel Vulnerable to Signed Integer Overflow via Backlog Limit Calculation in 'tcp_add_backlog()' Function
• CVE-2023-53552 - Linux Kernel Intel 'drm/i915' Vulnerable to Use-After-Free via Improper Request Handling in 'intel_guc_submission.c'
• CVE-2023-53673 - Linux Kernel Bluetooth Vulnerable to Use-After-Free via Disconnection Handling in 'hci_event.c'
• CVE-2023-53762 - Linux Kernel Bluetooth Vulnerable to Use-After-Free (UAF) via Concurrent Event Processing in 'hci_sync.c'
• CVE-2024-26766 - Linux Kernel IB/hfi1 Vulnerable to Buffer Overflow via sendmsg System Call in SDMA Component
• CVE-2025-38022 - Linux Kernel Linux RDMA Core Vulnerable to Use-After-Free via 'kobject_uevent' in 'ib_register_device'
• CVE-2025-38024 - Linux Kernel Vulnerable to Use-After-Free via Improper Resource Cleanup in 'rxe_queue_cleanup'
• CVE-2025-38051 - Linux Kernel 'SMB Client' Vulnerable to Use-After-Free via Race Condition in 'cifs_fill_dirent' Function
• CVE-2025-38403 - Linux Kernel 'vsock/vmci' Vulnerable to Uninitialized Data Exposure via Improper Initialization in 'vmci_transport_packet_init' Function
• CVE-2025-38415 - Linux Kernel Vulnerable to Denial-of-Service (DoS) via Improper Return Value Handling in 'squashfs_fill_super' Function
• CVE-2025-38459 - Linux Kernel Vulnerable to Denial-of-Service (DoS) via Recursive Call in 'clip_push()' Function
• CVE-2025-39760 - Linux Kernel USB Core Vulnerable to Out-of-Bounds (OOB) Read via Descriptor Parsing in 'usb_parse_ss_endpoint_companion' Function
• CVE-2025-39933 - Linux Kernel Samba SMB Client Vulnerable to Memory Corruption via Improper Data Length Verification in 'recv_done' Function
• CVE-2025-40096 - Linux Kernel Linux Kernel Vulnerable to Double Free via 'drm_sched_job_add_resv_dependencies' in 'drm/scheduler'
• CVE-2025-40135 - Linux Kernel Vulnerable to Use-After-Free (UAF) via Improper 'RCU' Handling in 'ip6_xmit' Function
• CVE-2025-40154 - Linux Kernel ASoC Intel 'bytcr_rt5640' Vulnerable to Out-of-Bounds Access via Invalid Quirk Input Mapping in 'bytcr_rt5640.c'
• CVE-2025-40158 - Linux Kernel Vulnerable to Use-After-Free (UAF) via Improper RCU Usage in 'ip6_output()' and 'ip6_finish_output2()'
• CVE-2025-40168 - Linux Kernel Vulnerable to Use-After-Free (UAF) via Improper Handling of 'dst_entry' in 'smc_clc_prfx_match'
• CVE-2025-40170 - Linux Kernel Vulnerable to Denial-of-Service (DoS) via Improper RCU Usage in 'sk_setup_caps' and Related Functions
• CVE-2025-40240 - Linux Kernel SCTP Vulnerable to Denial-of-Service (DoS) via NULL Dereference in 'sctp_inq_pop' Function
• CVE-2025-40248 - Linux Kernel Vulnerable to Memory Corruption via Use-After-Free and Null Pointer Dereference due to Signal/Timeout Handling in 'vsock_connect' Functio
• CVE-2025-40258 - Linux Kernel Vulnerable to Use-After-Free via Race Condition in 'mptcp_schedule_work()' Function
• CVE-2025-40269 - Linux Kernel ALSA USB-Audio Vulnerable to Buffer Overflow via PCM Transfer Buffer in 'snd_usb_endpoint_set_params' Function
• CVE-2025-40271 - Linux Kernel Vulnerable to Use-After-Free (UAF) via 'proc_readdir_de()' in 'fs/proc/generic.c'
• CVE-2025-40277 - Linux Kernel VMware Graphics Driver Vulnerable to Out-of-Bounds Access via Malformed Command Header in 'vmwgfx_execbuf.c'
• CVE-2025-40304 - Linux Kernel 'fbdev' Vulnerable to Denial-of-Service (DoS) via Out-of-Bounds Writes in 'bit_putcs' Function
• CVE-2026-22998 - Linux Kernel Vulnerable to Memory Corruption via Invalid 'H2C_DATA PDU' Handling in 'nvmet_tcp_build_pdu_iovec'
• CVE-2026-23097 - Linux Kernel Vulnerable to Deadlock via Incorrect Lock Ordering in 'migrate_hugetlbs' Function
• CVE-2025-40322 - Linux Kernel 'fbdev' Vulnerable to Global Out-of-Bounds Read via Improper Glyph Index Handling in 'bit_putcs_aligned()' and 'bit_putcs_unaligned()' Fu
• CVE-2025-68285 - Linux Kernel Ceph Vulnerable to Memory Corruption via Use-After-Free in 'have_mon_and_osd_map' Function
• CVE-2025-68301 - Linux Kernel Atlantic Driver Vulnerable to Out-of-Bounds Write Leading to Kernel Panic via Fragment Overflow in 'aq_ring_rx_clean'
• CVE-2025-68349 - Linux Kernel NFSv4/pNFS Vulnerable to Memory Corruption via NULL Layout Reference in 'pnfs_mark_layout_stateid_invalid'

Products Affected

• Brocade ASCG base OS (OVA Deployment) before ASCG 3.4.0b

Products Confirmed Not Affected

• Brocade ASCG Standard version is not affected - VEX:Vulnerable_code_not_in_execute_path

Solution

• Security update is provided in Brocade ASCG base OS (OVA Deployment) 3.4.0b

Revision History

Disclaimer

THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.