alsa-2025:20518
Vulnerability from osv_almalinux
Published
2025-11-11 00:00
Modified
2025-11-19 09:15
Summary
Moderate: kernel security update
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: can: isotp: fix potential CAN frame reception race in isotp_rcv() (CVE-2022-48830)
- kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB (CVE-2024-46689)
- kernel: Squashfs: sanity check symbolic link size (CVE-2024-46744)
- kernel: vfs: fix race between evice_inodes() and find_inode()&iput() (CVE-2024-47679)
- kernel: x86/tdx: Fix "in-kernel MMIO" check (CVE-2024-47727)
- kernel: rxrpc: Fix a race between socket set up and I/O thread creation (CVE-2024-49864)
- kernel: io_uring: check if we need to reschedule during overflow flush (CVE-2024-50060)
- kernel: can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods (CVE-2022-49024)
- kernel: posix-clock: Fix missing timespec64 check in pc_clock_settime() (CVE-2024-50195)
- kernel: rxrpc: Fix missing locking causing hanging calls (CVE-2024-50294)
- kernel: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (CVE-2024-53052)
- kernel: afs: Fix lock recursion (CVE-2024-53090)
- kernel: virtio/vsock: Fix accept_queue memory leak (CVE-2024-53119)
- kernel: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (CVE-2024-53135)
- kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466) (CVE-2024-53241)
- kernel: RDMA/rxe: Fix the qp flush warnings in req (CVE-2024-53229)
- kernel: block: fix uaf for flush rq while iterating tags (CVE-2024-53170)
- kernel: nfsd: release svc_expkey/svc_export with rcu_work (CVE-2024-53216)
- kernel: net: af_can: do not leave a dangling sk pointer in can_create() (CVE-2024-56603)
- kernel: blk-cgroup: Fix UAF in blkcg_unpin_online() (CVE-2024-56672)
- kernel: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (CVE-2024-56662)
- kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (CVE-2024-56675)
- kernel: can: j1939: j1939_session_new(): fix skb reference counting (CVE-2024-56645)
- kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (CVE-2024-56690)
- kernel: io_uring: check if iowq is killed before queuing (CVE-2024-56709)
- kernel: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (CVE-2024-56739)
- kernel: bpf: put bpf_link's program when link is safe to be deallocated (CVE-2024-56786)
- kernel: igb: Fix potential invalid memory access in igb_init_module() (CVE-2024-52332)
- kernel: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (CVE-2024-53680)
- kernel: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (CVE-2025-21648)
- kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts (CVE-2025-21647)
- kernel: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (CVE-2025-21631)
- kernel: zram: fix potential UAF of zram table (CVE-2025-21671)
- kernel: afs: Fix merge preference rule failure condition (CVE-2025-21672)
- kernel: mm: zswap: properly synchronize freeing resources during CPU hotunplug (CVE-2025-21693)
- kernel: cachestat: fix page cache statistics permission checking (CVE-2025-21691)
- kernel: mm: clear uffd-wp PTE/PMD state on mremap() (CVE-2025-21696)
- kernel: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (CVE-2025-21702)
- kernel: usbnet: fix memory leak in error case (CVE-2022-49657)
- kernel: powerpc/xics: fix refcount leak in icp_opal_init() (CVE-2022-49432)
- kernel: net: tun: unlink NAPI from device on destruction (CVE-2022-49672)
- kernel: powerpc/papr_scm: don't requests stats with '0' sized stats buffer (CVE-2022-49353)
- kernel: powerpc/xive: Fix refcount leak in xive_spapr_init (CVE-2022-49437)
- kernel: ima: Fix potential memory leak in ima_init_crypto() (CVE-2022-49627)
- kernel: linux/dim: Fix divide by 0 in RDMA DIM (CVE-2022-49670)
- kernel: can: isotp: sanitize CAN ID checks in isotp_bind() (CVE-2022-49269)
- kernel: ima: Fix a potential integer overflow in ima_appraise_measurement (CVE-2022-49643)
- kernel: powerpc/xive/spapr: correct bitmap allocation size (CVE-2022-49623)
- kernel: efi: Do not import certificates from UEFI Secure Boot for T2 Macs (CVE-2022-49357)
- kernel: list: fix a data-race around ep->rdllist (CVE-2022-49443)
- kernel: tracing/histograms: Fix memory leak problem (CVE-2022-49648)
- kernel: Input: synaptics - fix crash when enabling pass-through port (CVE-2025-21746)
- kernel: NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795)
- kernel: bpf: Send signals asynchronously if !preemptible (CVE-2025-21728)
- kernel: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() (CVE-2024-54456)
- kernel: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() (CVE-2024-57987)
- kernel: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (CVE-2024-58014)
- kernel: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() (CVE-2024-57988)
- kernel: RDMA/mlx5: Fix implicit ODP use after free (CVE-2025-21714)
- kernel: drm/xe/tracing: Fix a potential TP_printk UAF (CVE-2024-49570)
- kernel: HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check (CVE-2024-57993)
- kernel: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (CVE-2025-21729)
- kernel: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links (CVE-2024-57989)
- kernel: wifi: ath12k: Fix for out-of bound access error (CVE-2024-58015)
- kernel: OPP: add index check to assert to avoid buffer overflow in _read_freq() (CVE-2024-57998)
- kernel: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (CVE-2024-57995)
- kernel: nfsd: clear acl_access/acl_default after releasing them (CVE-2025-21796)
- kernel: scsi: ufs: core: Fix use-after free in init error and remove paths (CVE-2025-21739)
- kernel: workqueue: Put the pwq after detaching the rescuer from the pool (CVE-2025-21786)
- kernel: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (CVE-2025-21738)
- kernel: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (CVE-2024-57986)
- kernel: padata: avoid UAF for reorder_work (CVE-2025-21726)
- kernel: vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791)
- kernel: team: better TEAM_OPTION_TYPE_STRING validation (CVE-2025-21787)
- kernel: usb: xhci: Fix NULL pointer dereference on certain command aborts (CVE-2024-57981)
- kernel: vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790)
- kernel: wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (CVE-2024-57990)
- kernel: ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765)
- kernel: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (CVE-2024-58012)
- kernel: blk-cgroup: Fix class @block_class's subsystem refcount leakage (CVE-2025-21745)
- kernel: net: let net.core.dev_weight always be non-zero (CVE-2025-21806)
- kernel: wifi: rtlwifi: remove unused check_buddy_priv (CVE-2024-58072)
- kernel: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (CVE-2024-58068)
- kernel: wifi: iwlwifi: mvm: avoid NULL pointer dereference (CVE-2024-58062)
- kernel: idpf: convert workqueues to unbound (CVE-2024-58057)
- kernel: wifi: mac80211: don't flush non-uploaded STAs (CVE-2025-21828)
- kernel: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (CVE-2024-58083)
- kernel: netfilter: nf_tables: reject mismatching sum of field_len with set key length (CVE-2025-21826)
- kernel: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback (CVE-2024-58077)
- kernel: crypto: tegra - do not transfer req when tegra init fails (CVE-2024-58075)
- kernel: RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]" (CVE-2025-21829)
- kernel: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (CVE-2025-21839)
- kernel: io_uring/uring_cmd: unconditionally copy SQEs at prep time (CVE-2025-21837)
- kernel: information leak via transient execution vulnerability in some AMD processors (CVE-2024-36350)
- kernel: transient execution vulnerability in some AMD processors (CVE-2024-36357)
- kernel: bpf: Fix softlockup in arena_map_free on 64k page kernel (CVE-2025-21851)
- kernel: ibmvnic: Don't reference skb after sending to VIOS (CVE-2025-21855)
- kernel: smb: client: Add check for next_buffer in receive_encrypted_standard() (CVE-2025-21844)
- kernel: bpf: avoid holding freeze_mutex during mmap operation (CVE-2025-21853)
- kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (CVE-2025-21847)
- kernel: tcp: drop secpath at the same time as we currently drop dst (CVE-2025-21864)
- kernel: bpf: Fix deadlock when freeing cgroup storage (CVE-2024-58088)
- kernel: acct: perform last write from workqueue (CVE-2025-21846)
- kernel: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() (CVE-2025-21861)
- kernel: io_uring: prevent opcode speculation (CVE-2025-21863)
- kernel: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (CVE-2025-21848)
- kernel: netfilter: nft_tunnel: fix geneve_opt type confusion addition (CVE-2025-22056)
- kernel: can: j1939: j1939_send_one(): fix missing CAN header initialization (CVE-2022-49845)
- kernel: usb: typec: ucsi: displayport: Fix NULL pointer access (CVE-2025-37994)
- kernel: wifi: ath12k: fix uaf in ath12k_core_init() (CVE-2025-38116)
- kernel: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.
References
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-64k-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-abi-stablelists"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-cross-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-debug-uki-virt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-doc"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-headers"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-64k-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-debug-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-rt-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-tools"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-tools-libs"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-tools-libs-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-uki-virt"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-uki-virt-addons"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-devel"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-devel-matched"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-modules"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-modules-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "kernel-zfcpdump-modules-extra"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libperf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "python3-perf"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "rtla"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "rv"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "5.14.0-611.5.1.el9_7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The kernel packages contain the Linux kernel, the core of any Linux operating system. \n\nSecurity Fix(es): \n\n * kernel: can: isotp: fix potential CAN frame reception race in isotp_rcv() (CVE-2022-48830)\n * kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB (CVE-2024-46689)\n * kernel: Squashfs: sanity check symbolic link size (CVE-2024-46744)\n * kernel: vfs: fix race between evice_inodes() and find_inode()\u0026#38;iput() (CVE-2024-47679)\n * kernel: x86/tdx: Fix \"in-kernel MMIO\" check (CVE-2024-47727)\n * kernel: rxrpc: Fix a race between socket set up and I/O thread creation (CVE-2024-49864)\n * kernel: io_uring: check if we need to reschedule during overflow flush (CVE-2024-50060)\n * kernel: can: m_can: pci: add missing m_can_class_free_dev() in probe/remove methods (CVE-2022-49024)\n * kernel: posix-clock: Fix missing timespec64 check in pc_clock_settime() (CVE-2024-50195)\n * kernel: rxrpc: Fix missing locking causing hanging calls (CVE-2024-50294)\n * kernel: io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (CVE-2024-53052)\n * kernel: afs: Fix lock recursion (CVE-2024-53090)\n * kernel: virtio/vsock: Fix accept_queue memory leak (CVE-2024-53119)\n * kernel: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (CVE-2024-53135)\n * kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466) (CVE-2024-53241)\n * kernel: RDMA/rxe: Fix the qp flush warnings in req (CVE-2024-53229)\n * kernel: block: fix uaf for flush rq while iterating tags (CVE-2024-53170)\n * kernel: nfsd: release svc_expkey/svc_export with rcu_work (CVE-2024-53216)\n * kernel: net: af_can: do not leave a dangling sk pointer in can_create() (CVE-2024-56603)\n * kernel: blk-cgroup: Fix UAF in blkcg_unpin_online() (CVE-2024-56672)\n * kernel: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (CVE-2024-56662)\n * kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (CVE-2024-56675)\n * kernel: can: j1939: j1939_session_new(): fix skb reference counting (CVE-2024-56645)\n * kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (CVE-2024-56690)\n * kernel: io_uring: check if iowq is killed before queuing (CVE-2024-56709)\n * kernel: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (CVE-2024-56739)\n * kernel: bpf: put bpf_link\u0027s program when link is safe to be deallocated (CVE-2024-56786)\n * kernel: igb: Fix potential invalid memory access in igb_init_module() (CVE-2024-52332)\n * kernel: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (CVE-2024-53680)\n * kernel: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (CVE-2025-21648)\n * kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts (CVE-2025-21647)\n * kernel: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (CVE-2025-21631)\n * kernel: zram: fix potential UAF of zram table (CVE-2025-21671)\n * kernel: afs: Fix merge preference rule failure condition (CVE-2025-21672)\n * kernel: mm: zswap: properly synchronize freeing resources during CPU hotunplug (CVE-2025-21693)\n * kernel: cachestat: fix page cache statistics permission checking (CVE-2025-21691)\n * kernel: mm: clear uffd-wp PTE/PMD state on mremap() (CVE-2025-21696)\n * kernel: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (CVE-2025-21702)\n * kernel: usbnet: fix memory leak in error case (CVE-2022-49657)\n * kernel: powerpc/xics: fix refcount leak in icp_opal_init() (CVE-2022-49432)\n * kernel: net: tun: unlink NAPI from device on destruction (CVE-2022-49672)\n * kernel: powerpc/papr_scm: don\u0027t requests stats with \u00270\u0027 sized stats buffer (CVE-2022-49353)\n * kernel: powerpc/xive: Fix refcount leak in xive_spapr_init (CVE-2022-49437)\n * kernel: ima: Fix potential memory leak in ima_init_crypto() (CVE-2022-49627)\n * kernel: linux/dim: Fix divide by 0 in RDMA DIM (CVE-2022-49670)\n * kernel: can: isotp: sanitize CAN ID checks in isotp_bind() (CVE-2022-49269)\n * kernel: ima: Fix a potential integer overflow in ima_appraise_measurement (CVE-2022-49643)\n * kernel: powerpc/xive/spapr: correct bitmap allocation size (CVE-2022-49623)\n * kernel: efi: Do not import certificates from UEFI Secure Boot for T2 Macs (CVE-2022-49357)\n * kernel: list: fix a data-race around ep-\u003erdllist (CVE-2022-49443)\n * kernel: tracing/histograms: Fix memory leak problem (CVE-2022-49648)\n * kernel: Input: synaptics - fix crash when enabling pass-through port (CVE-2025-21746)\n * kernel: NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795)\n * kernel: bpf: Send signals asynchronously if !preemptible (CVE-2025-21728)\n * kernel: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() (CVE-2024-54456)\n * kernel: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() (CVE-2024-57987)\n * kernel: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (CVE-2024-58014)\n * kernel: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() (CVE-2024-57988)\n * kernel: RDMA/mlx5: Fix implicit ODP use after free (CVE-2025-21714)\n * kernel: drm/xe/tracing: Fix a potential TP_printk UAF (CVE-2024-49570)\n * kernel: HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check (CVE-2024-57993)\n * kernel: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (CVE-2025-21729)\n * kernel: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links (CVE-2024-57989)\n * kernel: wifi: ath12k: Fix for out-of bound access error (CVE-2024-58015)\n * kernel: OPP: add index check to assert to avoid buffer overflow in _read_freq() (CVE-2024-57998)\n * kernel: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (CVE-2024-57995)\n * kernel: nfsd: clear acl_access/acl_default after releasing them (CVE-2025-21796)\n * kernel: scsi: ufs: core: Fix use-after free in init error and remove paths (CVE-2025-21739)\n * kernel: workqueue: Put the pwq after detaching the rescuer from the pool (CVE-2025-21786)\n * kernel: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (CVE-2025-21738)\n * kernel: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (CVE-2024-57986)\n * kernel: padata: avoid UAF for reorder_work (CVE-2025-21726)\n * kernel: vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791)\n * kernel: team: better TEAM_OPTION_TYPE_STRING validation (CVE-2025-21787)\n * kernel: usb: xhci: Fix NULL pointer dereference on certain command aborts (CVE-2024-57981)\n * kernel: vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790)\n * kernel: wifi: mt76: mt7925: fix off by one in mt7925_load_clc() (CVE-2024-57990)\n * kernel: ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765)\n * kernel: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (CVE-2024-58012)\n * kernel: blk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage (CVE-2025-21745)\n * kernel: net: let net.core.dev_weight always be non-zero (CVE-2025-21806)\n * kernel: wifi: rtlwifi: remove unused check_buddy_priv (CVE-2024-58072)\n * kernel: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (CVE-2024-58068)\n * kernel: wifi: iwlwifi: mvm: avoid NULL pointer dereference (CVE-2024-58062)\n * kernel: idpf: convert workqueues to unbound (CVE-2024-58057)\n * kernel: wifi: mac80211: don\u0027t flush non-uploaded STAs (CVE-2025-21828)\n * kernel: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (CVE-2024-58083)\n * kernel: netfilter: nf_tables: reject mismatching sum of field_len with set key length (CVE-2025-21826)\n * kernel: ASoC: soc-pcm: don\u0027t use soc_pcm_ret() on .prepare callback (CVE-2024-58077)\n * kernel: crypto: tegra - do not transfer req when tegra init fails (CVE-2024-58075)\n * kernel: RDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\" (CVE-2025-21829)\n * kernel: KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop (CVE-2025-21839)\n * kernel: io_uring/uring_cmd: unconditionally copy SQEs at prep time (CVE-2025-21837)\n * kernel: information leak via transient execution vulnerability in some AMD processors (CVE-2024-36350)\n * kernel: transient execution vulnerability in some AMD processors (CVE-2024-36357)\n * kernel: bpf: Fix softlockup in arena_map_free on 64k page kernel (CVE-2025-21851)\n * kernel: ibmvnic: Don\u0027t reference skb after sending to VIOS (CVE-2025-21855)\n * kernel: smb: client: Add check for next_buffer in receive_encrypted_standard() (CVE-2025-21844)\n * kernel: bpf: avoid holding freeze_mutex during mmap operation (CVE-2025-21853)\n * kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (CVE-2025-21847)\n * kernel: tcp: drop secpath at the same time as we currently drop dst (CVE-2025-21864)\n * kernel: bpf: Fix deadlock when freeing cgroup storage (CVE-2024-58088)\n * kernel: acct: perform last write from workqueue (CVE-2025-21846)\n * kernel: mm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize() (CVE-2025-21861)\n * kernel: io_uring: prevent opcode speculation (CVE-2025-21863)\n * kernel: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (CVE-2025-21848)\n * kernel: netfilter: nft_tunnel: fix geneve_opt type confusion addition (CVE-2025-22056)\n * kernel: can: j1939: j1939_send_one(): fix missing CAN header initialization (CVE-2022-49845)\n * kernel: usb: typec: ucsi: displayport: Fix NULL pointer access (CVE-2025-37994)\n * kernel: wifi: ath12k: fix uaf in ath12k_core_init() (CVE-2025-38116)\n * kernel: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. \n\nAdditional Changes: \n\nFor detailed information on changes in this release, see the AlmaLinuxRelease Notes linked from the References section.\n",
"id": "ALSA-2025:20518",
"modified": "2025-11-19T09:15:54Z",
"published": "2025-11-11T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2025:20518"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2298169"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2312077"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2313092"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2320172"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2320259"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2320455"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2320616"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2320722"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2324549"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2327203"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2327374"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2327887"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2329918"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2330341"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2331326"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334357"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334396"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334415"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334439"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334537"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334547"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334548"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334560"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334676"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334795"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2334829"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2336541"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2337121"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2337124"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2338814"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2338828"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2338832"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2343172"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2343175"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2344684"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2344687"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2345240"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2346272"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2347707"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2347753"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2347759"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2347781"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2347807"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2347859"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2347919"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2347968"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348022"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348071"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348238"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348240"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348279"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348515"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348523"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348528"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348541"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348543"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348547"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348550"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348554"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348556"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348566"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348573"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348574"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348577"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348578"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348581"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348584"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348585"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348587"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348595"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348597"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348600"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348601"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348615"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348620"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348625"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348634"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348645"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348650"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348654"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2348901"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350363"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350367"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350374"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350375"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350386"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350388"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350392"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350396"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350397"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350400"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350585"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350589"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350725"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2350726"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351606"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351608"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351612"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351613"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351616"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351618"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351620"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351624"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351625"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351629"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2351633"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2360215"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2363380"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2369184"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2376076"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2383441"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2025-20518.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-48830.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49024.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49269.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49353.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49357.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49432.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49437.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49443.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49623.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49627.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49643.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49648.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49657.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49670.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49672.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2022-49845.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-36350.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-36357.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-46689.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-46744.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-47679.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-47727.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-49570.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-49864.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-50060.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-50195.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-50294.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-52332.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-53052.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-53090.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-53119.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-53135.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-53170.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-53216.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-53229.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-53241.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-53680.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-54456.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-56603.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-56645.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-56662.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-56672.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-56675.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-56690.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-56709.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-56739.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-56786.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-57981.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-57986.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-57987.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-57988.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-57989.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-57990.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-57993.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-57995.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-57998.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58012.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58014.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58015.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58057.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58062.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58068.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58072.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58075.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58077.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58083.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2024-58088.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21631.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21647.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21648.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21671.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21672.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21691.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21693.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21696.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21702.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21714.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21726.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21728.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21729.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21738.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21739.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21745.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21746.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21765.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21786.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21787.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21790.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21791.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21795.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21796.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21806.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21826.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21828.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21829.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21837.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21839.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21844.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21846.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21847.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21848.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21851.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21853.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21855.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21861.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21863.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-21864.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-22056.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-22097.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-37994.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-38116.html"
},
{
"type": "REPORT",
"url": "https://www.redhat.com/security/data/cve/CVE-2025-38396.html"
}
],
"related": [
"CVE-2022-48830",
"CVE-2024-46689",
"CVE-2024-46744",
"CVE-2024-47679",
"CVE-2024-47727",
"CVE-2024-49864",
"CVE-2024-50060",
"CVE-2022-49024",
"CVE-2024-50195",
"CVE-2024-50294",
"CVE-2024-53052",
"CVE-2024-53090",
"CVE-2024-53119",
"CVE-2024-53135",
"CVE-2024-53241",
"CVE-2024-53229",
"CVE-2024-53170",
"CVE-2024-53216",
"CVE-2024-56603",
"CVE-2024-56672",
"CVE-2024-56662",
"CVE-2024-56675",
"CVE-2024-56645",
"CVE-2024-56690",
"CVE-2024-56709",
"CVE-2024-56739",
"CVE-2024-56786",
"CVE-2024-52332",
"CVE-2024-53680",
"CVE-2025-21648",
"CVE-2025-21647",
"CVE-2025-21631",
"CVE-2025-21671",
"CVE-2025-21672",
"CVE-2025-21693",
"CVE-2025-21691",
"CVE-2025-21696",
"CVE-2025-21702",
"CVE-2022-49657",
"CVE-2022-49432",
"CVE-2022-49672",
"CVE-2022-49353",
"CVE-2022-49437",
"CVE-2022-49627",
"CVE-2022-49670",
"CVE-2022-49269",
"CVE-2022-49643",
"CVE-2022-49623",
"CVE-2022-49357",
"CVE-2022-49443",
"CVE-2022-49648",
"CVE-2025-21746",
"CVE-2025-21795",
"CVE-2025-21728",
"CVE-2024-54456",
"CVE-2024-57987",
"CVE-2024-58014",
"CVE-2024-57988",
"CVE-2025-21714",
"CVE-2024-49570",
"CVE-2024-57993",
"CVE-2025-21729",
"CVE-2024-57989",
"CVE-2024-58015",
"CVE-2024-57998",
"CVE-2024-57995",
"CVE-2025-21796",
"CVE-2025-21739",
"CVE-2025-21786",
"CVE-2025-21738",
"CVE-2024-57986",
"CVE-2025-21726",
"CVE-2025-21791",
"CVE-2025-21787",
"CVE-2024-57981",
"CVE-2025-21790",
"CVE-2024-57990",
"CVE-2025-21765",
"CVE-2024-58012",
"CVE-2025-21745",
"CVE-2025-21806",
"CVE-2024-58072",
"CVE-2024-58068",
"CVE-2024-58062",
"CVE-2024-58057",
"CVE-2025-21828",
"CVE-2024-58083",
"CVE-2025-21826",
"CVE-2024-58077",
"CVE-2024-58075",
"CVE-2025-21829",
"CVE-2025-21839",
"CVE-2025-21837",
"CVE-2024-36350",
"CVE-2024-36357",
"CVE-2025-21851",
"CVE-2025-21855",
"CVE-2025-21844",
"CVE-2025-21853",
"CVE-2025-21847",
"CVE-2025-21864",
"CVE-2024-58088",
"CVE-2025-21846",
"CVE-2025-21861",
"CVE-2025-21863",
"CVE-2025-21848",
"CVE-2025-22056",
"CVE-2022-49845",
"CVE-2025-37994",
"CVE-2025-38116",
"CVE-2025-38396"
],
"summary": "Moderate: kernel security update"
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…