RHSA-2025:15035
Vulnerability from csaf_redhat - Published: 2025-09-02 06:56 - Updated: 2026-03-18 02:57Summary
Red Hat Security Advisory: kernel security update
Severity
Important
Notes
Topic: An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: padata: fix UAF in padata_reorder (CVE-2025-21727)
* kernel: can: peak_usb: fix use after free bugs (CVE-2021-47670)
* kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CVE-2025-37890)
* kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (CVE-2025-38001)
* kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000)
* kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)
* kernel: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (CVE-2022-49977)
* kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-38177)
* kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush() (CVE-2025-38250)
* kernel: net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe. Especially, the can_frame cf which aliases skb memory is accessed after the peak_usb_netif_rx_ni(). Reordering the lines solves the issue.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead ftrace_startup does not remove ops from ftrace_ops_list when ftrace_startup_enable fails: register_ftrace_function ftrace_startup __register_ftrace_function ... add_ftrace_ops(&ftrace_ops_list, ops) ... ... ftrace_startup_enable // if ftrace failed to modify, ftrace_disabled is set to 1 ... return 0 // ops is in the ftrace_ops_list. When ftrace_disabled = 1, unregister_ftrace_function simply returns without doing anything: unregister_ftrace_function ftrace_shutdown if (unlikely(ftrace_disabled)) return -ENODEV; // return here, __unregister_ftrace_function is not executed, // as a result, ops is still in the ftrace_ops_list __unregister_ftrace_function ... If ops is dynamically allocated, it will be free later, in this case, is_ftrace_trampoline accesses NULL pointer: is_ftrace_trampoline ftrace_ops_trampoline do_for_each_ftrace_op(op, ftrace_ops_list) // OOPS! op may be NULL! Syzkaller reports as follows: [ 1203.506103] BUG: kernel NULL pointer dereference, address: 000000000000010b [ 1203.508039] #PF: supervisor read access in kernel mode [ 1203.508798] #PF: error_code(0x0000) - not-present page [ 1203.509558] PGD 800000011660b067 P4D 800000011660b067 PUD 130fb8067 PMD 0 [ 1203.510560] Oops: 0000 [#1] SMP KASAN PTI [ 1203.511189] CPU: 6 PID: 29532 Comm: syz-executor.2 Tainted: G B W 5.10.0 #8 [ 1203.512324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014 [ 1203.513895] RIP: 0010:is_ftrace_trampoline+0x26/0xb0 [ 1203.514644] Code: ff eb d3 90 41 55 41 54 49 89 fc 55 53 e8 f2 00 fd ff 48 8b 1d 3b 35 5d 03 e8 e6 00 fd ff 48 8d bb 90 00 00 00 e8 2a 81 26 00 <48> 8b ab 90 00 00 00 48 85 ed 74 1d e8 c9 00 fd ff 48 8d bb 98 00 [ 1203.518838] RSP: 0018:ffffc900012cf960 EFLAGS: 00010246 [ 1203.520092] RAX: 0000000000000000 RBX: 000000000000007b RCX: ffffffff8a331866 [ 1203.521469] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000010b [ 1203.522583] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8df18b07 [ 1203.523550] R10: fffffbfff1be3160 R11: 0000000000000001 R12: 0000000000478399 [ 1203.524596] R13: 0000000000000000 R14: ffff888145088000 R15: 0000000000000008 [ 1203.525634] FS: 00007f429f5f4700(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000 [ 1203.526801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1203.527626] CR2: 000000000000010b CR3: 0000000170e1e001 CR4: 00000000003706e0 [ 1203.528611] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1203.529605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Therefore, when ftrace_startup_enable fails, we need to rollback registration process and remove ops from ftrace_ops_list.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
A use-after-free vulnerability was found in the Linux kernel's padata subsystem, in the `padata_reorder()` function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure (`pd`) is decremented in one thread, freeing it, while another thread still holds a pointer to it and attempts to access it via `padata_find_next()`. This vulnerability can lead to system instability, denial of service, and potential privilege escalation.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
A use-after-free vulnerability has been identified in the Linux kernel's HFSC (Hierarchical Fair Service Curve) queuing discipline when it is configured with NETEM (Network Emulation) as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state. Exploitation of this vulnerability requires local access with CAP_NET_ADMIN privileges and control over the qdisc (queueing discipline) setup. A local attacker could leverage this flaw to achieve denial of service or escalate privileges. Given that it affects kernel memory structures, successful exploitation could result in memory corruption, data leaks, or arbitrary write capabilities, leading to a full kernel crash.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
Workaround
To mitigate this issue, prevent module sch_hfsc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek() function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may trigger an immediate dequeue and drop, leading to inconsistent queue accounting. This may leave an empty HFSC class in the active list, eventually causing use-after-free (UAF) conditions. Due to the nature of this memory corruption (use-after-free or list corruption) in kernel scheduler code, a successful exploit could lead to privilege escalation, data leakage, or denial of service. Therefore, the CIA impact is assessed as HHH to reflect a worst-case.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
Workaround
To mitigate this issue, prevent module sch_hfsc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A use-after-free (UAF) vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC (Hierarchical Fair Service Curve) queuing discipline when it is used in conjunction with NETEM (Network Emulation). A malicious user could exploit this by repeatedly inserting a class into the eltree due to insufficient validation in prior logic, effectively bypassing the protection provided by the HFSC_RSC flag. Successful exploitation could lead to memory corruption, an infinite loop, or a system crash, severely impacting network availability and system stability.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
Workaround
To mitigate this issue, prevent module sch_hfsc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is called on socket type algif_hash with MSG_MORE flag set and crypto_ahash_import fails, sk2 is freed. However, it is also freed in af_alg_release, leading to slab-use-after-free error.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases cl->cl_nactive, so we can check whether it is non-zero before calling it. 2. eltree_remove() always removes RB node cl->el_node, but we can use RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix use-after-free in vhci_flush() syzbot reported use-after-free in vhci_flush() without repro. [0] From the splat, a thread close()d a vhci file descriptor while its device was being used by iotcl() on another thread. Once the last fd refcnt is released, vhci_release() calls hci_unregister_dev(), hci_free_dev(), and kfree() for struct vhci_data, which is set to hci_dev->dev->driver_data. The problem is that there is no synchronisation after unlinking hdev from hci_dev_list in hci_unregister_dev(). There might be another thread still accessing the hdev which was fetched before the unlink operation. We can use SRCU for such synchronisation. Let's run hci_dev_reset() under SRCU and wait for its completion in hci_unregister_dev(). Another option would be to restore hci_dev->destruct(), which was removed in commit 587ae086f6e4 ("Bluetooth: Remove unused hci-destruct cb"). However, this would not be a good solution, as we should not run hci_unregister_dev() while there are in-flight ioctl() requests, which could lead to another data-race KCSAN splat. Note that other drivers seem to have the same problem, for exmaple, virtbt_remove(). [0]: BUG: KASAN: slab-use-after-free in skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline] BUG: KASAN: slab-use-after-free in skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937 Read of size 8 at addr ffff88807cb8d858 by task syz.1.219/6718 CPU: 1 UID: 0 PID: 6718 Comm: syz.1.219 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 Call Trace: <TASK> dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:408 [inline] print_report+0xd2/0x2b0 mm/kasan/report.c:521 kasan_report+0x118/0x150 mm/kasan/report.c:634 skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline] skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937 skb_queue_purge include/linux/skbuff.h:3368 [inline] vhci_flush+0x44/0x50 drivers/bluetooth/hci_vhci.c:69 hci_dev_do_reset net/bluetooth/hci_core.c:552 [inline] hci_dev_reset+0x420/0x5c0 net/bluetooth/hci_core.c:592 sock_do_ioctl+0xd9/0x300 net/socket.c:1190 sock_ioctl+0x576/0x790 net/socket.c:1311 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fcf5b98e929 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fcf5c7b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007fcf5bbb6160 RCX: 00007fcf5b98e929 RDX: 0000000000000000 RSI: 00000000400448cb RDI: 0000000000000009 RBP: 00007fcf5ba10b39 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fcf5bbb6160 R15: 00007ffd6353d528 </TASK> Allocated by task 6535: kasan_save_stack mm/kasan/common.c:47 [inline] kasan_save_track+0x3e/0x80 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394 kasan_kmalloc include/linux/kasan.h:260 [inline] __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359 kmalloc_noprof include/linux/slab.h:905 [inline] kzalloc_noprof include/linux/slab.h:1039 [inline] vhci_open+0x57/0x360 drivers/bluetooth/hci_vhci.c:635 misc_open+0x2bc/0x330 drivers/char/misc.c:161 chrdev_open+0x4c9/0x5e0 fs/char_dev.c:414 do_dentry_open+0xdf0/0x1970 fs/open.c:964 vfs_open+0x3b/0x340 fs/open.c:1094 do_open fs/namei.c:3887 [inline] path_openat+0x2ee5/0x3830 fs/name ---truncated---
7.3 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
Workaround
To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the customer portal at https://access.redhat.com/solutions/2682931.
Alternatively, bluetooth can be disabled within the hardware or at the BIOS level, which will also provide effective mitigation as the kernel will not detect Bluetooth hardware on the system.
A use-after-free (UAF) vulnerability was found in the Linux kernel's net/sched subsystem, specifically in the Credit-Based Shaper (CBS) qdisc implementation (sch_cbs). The vulnerability occurs because the CBS qdisc's reset function (qdisc_reset_queue()) only resets its internal queue but fails to reset its child qdisc recursively. As a result, a mismatch in queue length (qlen) occurs between CBS and its children during interface resets, eventually allowing attackers to trigger UAF on a parent HFSC scheduler.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
Workaround
To mitigate this issue, prevent the sch_cbs module from being loaded. Please see https://access.redhat.com/solutions/41278 for how information on how to blacklist a kernel module to prevent it from loading automatically.
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported sch_ets test-case [1] crashing in ets_class_qlen_notify() after recent changes from Lion [2]. The problem is: in ets_qdisc_change() we purge unused DWRR queues; the value of 'q->nbands' is the new one, and the cleanup should be done with the old one. The problem is here since my first attempts to fix ets_qdisc_change(), but it surfaced again after the recent qdisc len accounting fixes. Fix it purging idle DWRR queues before assigning a new value of 'q->nbands', so that all purge operations find a consistent configuration: - old 'q->nbands' because it's needed by ets_class_find() - old 'q->nstrict' because it's needed by ets_class_is_strict() BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: Oops: 0000 [#1] SMP NOPTI CPU: 62 UID: 0 PID: 39457 Comm: tc Kdump: loaded Not tainted 6.12.0-116.el10.x86_64 #1 PREEMPT(voluntary) Hardware name: Dell Inc. PowerEdge R640/06DKY5, BIOS 2.12.2 07/09/2021 RIP: 0010:__list_del_entry_valid_or_report+0x4/0x80 Code: ff 4c 39 c7 0f 84 39 19 8e ff b8 01 00 00 00 c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <48> 8b 17 48 8b 4f 08 48 85 d2 0f 84 56 19 8e ff 48 85 c9 0f 84 ab RSP: 0018:ffffba186009f400 EFLAGS: 00010202 RAX: 00000000000000d6 RBX: 0000000000000000 RCX: 0000000000000004 RDX: ffff9f0fa29b69c0 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffffffffc12c2400 R08: 0000000000000008 R09: 0000000000000004 R10: ffffffffffffffff R11: 0000000000000004 R12: 0000000000000000 R13: ffff9f0f8cfe0000 R14: 0000000000100005 R15: 0000000000000000 FS: 00007f2154f37480(0000) GS:ffff9f269c1c0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 00000001530be001 CR4: 00000000007726f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: <TASK> ets_class_qlen_notify+0x65/0x90 [sch_ets] qdisc_tree_reduce_backlog+0x74/0x110 ets_qdisc_change+0x630/0xa40 [sch_ets] __tc_modify_qdisc.constprop.0+0x216/0x7f0 tc_modify_qdisc+0x7c/0x120 rtnetlink_rcv_msg+0x145/0x3f0 netlink_rcv_skb+0x53/0x100 netlink_unicast+0x245/0x390 netlink_sendmsg+0x21b/0x470 ____sys_sendmsg+0x39d/0x3d0 ___sys_sendmsg+0x9a/0xe0 __sys_sendmsg+0x7a/0xd0 do_syscall_64+0x7d/0x160 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7f2155114084 Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d 25 f0 0c 00 00 74 13 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89 RSP: 002b:00007fff1fd7a988 EFLAGS: 00000202 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000560ec063e5e0 RCX: 00007f2155114084 RDX: 0000000000000000 RSI: 00007fff1fd7a9f0 RDI: 0000000000000003 RBP: 00007fff1fd7aa60 R08: 0000000000000010 R09: 000000000000003f R10: 0000560ee9b3a010 R11: 0000000000000202 R12: 00007fff1fd7aae0 R13: 000000006891ccde R14: 0000560ec063e5e0 R15: 00007fff1fd7aad0 </TASK> [1] https://lore.kernel.org/netdev/e08c7f4a6882f260011909a868311c6e9b54f3e4.1639153474.git.dcaratti@redhat.com/ [2] https://lore.kernel.org/netdev/d912cbd7-193b-4269-9857-525bee8bbb6a@gmail.com/
5.2 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2025:15035
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: padata: fix UAF in padata_reorder (CVE-2025-21727)\n\n* kernel: can: peak_usb: fix use after free bugs (CVE-2021-47670)\n\n* kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CVE-2025-37890)\n\n* kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (CVE-2025-38001)\n\n* kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000)\n\n* kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)\n\n* kernel: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (CVE-2022-49977)\n\n* kernel: sch_hfsc: make hfsc_qlen_notify() idempotent (CVE-2025-38177)\n\n* kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush() (CVE-2025-38250)\n\n* kernel: net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:15035",
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2348516",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348516"
},
{
"category": "external",
"summary": "2360786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360786"
},
{
"category": "external",
"summary": "2366848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366848"
},
{
"category": "external",
"summary": "2370776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370776"
},
{
"category": "external",
"summary": "2370786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370786"
},
{
"category": "external",
"summary": "2373383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373383"
},
{
"category": "external",
"summary": "2373574",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373574"
},
{
"category": "external",
"summary": "2376354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376354"
},
{
"category": "external",
"summary": "2378982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378982"
},
{
"category": "external",
"summary": "2382054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382054"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15035.json"
}
],
"title": "Red Hat Security Advisory: kernel security update",
"tracking": {
"current_release_date": "2026-03-18T02:57:19+00:00",
"generator": {
"date": "2026-03-18T02:57:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2025:15035",
"initial_release_date": "2025-09-02T06:56:50+00:00",
"revision_history": [
{
"date": "2025-09-02T06:56:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-09-02T06:56:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:57:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.4::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "perf-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "perf-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_id": "python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.170.1.el8_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:4.18.0-305.170.1.el8_4.src",
"product": {
"name": "kernel-0:4.18.0-305.170.1.el8_4.src",
"product_id": "kernel-0:4.18.0-305.170.1.el8_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-305.170.1.el8_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"product": {
"name": "kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"product_id": "kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-stablelists@4.18.0-305.170.1.el8_4?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"product": {
"name": "kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"product_id": "kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.18.0-305.170.1.el8_4?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.170.1.el8_4.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src"
},
"product_reference": "kernel-0:4.18.0-305.170.1.el8_4.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch"
},
"product_reference": "kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-305.170.1.el8_4.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "perf-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.170.1.el8_4.src as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src"
},
"product_reference": "kernel-0:4.18.0-305.170.1.el8_4.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch"
},
"product_reference": "kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-305.170.1.el8_4.noarch as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "perf-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47670",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2360786"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: peak_usb: fix use after free bugs\n\nAfter calling peak_usb_netif_rx_ni(skb), dereferencing skb is unsafe.\nEspecially, the can_frame cf which aliases skb memory is accessed\nafter the peak_usb_netif_rx_ni().\n\nReordering the lines solves the issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: can: peak_usb: fix use after free bugs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An unprivileged user with device access could potentially trigger a use-after-free vulnerability. However, this would require them to interact with the CAN device in a highly specific and difficult-to-automate manner to create the necessary conditions within the kernel driver.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-47670"
},
{
"category": "external",
"summary": "RHBZ#2360786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-47670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47670"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-47670",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47670"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025041734-CVE-2021-47670-2b77@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025041734-CVE-2021-47670-2b77@gregkh/T"
}
],
"release_date": "2025-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: can: peak_usb: fix use after free bugs"
},
{
"cve": "CVE-2022-49977",
"cwe": {
"id": "CWE-763",
"name": "Release of Invalid Pointer or Reference"
},
"discovery_date": "2025-06-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373574"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead\n\nftrace_startup does not remove ops from ftrace_ops_list when\nftrace_startup_enable fails:\n\nregister_ftrace_function\n ftrace_startup\n __register_ftrace_function\n ...\n add_ftrace_ops(\u0026ftrace_ops_list, ops)\n ...\n ...\n ftrace_startup_enable // if ftrace failed to modify, ftrace_disabled is set to 1\n ...\n return 0 // ops is in the ftrace_ops_list.\n\nWhen ftrace_disabled = 1, unregister_ftrace_function simply returns without doing anything:\nunregister_ftrace_function\n ftrace_shutdown\n if (unlikely(ftrace_disabled))\n return -ENODEV; // return here, __unregister_ftrace_function is not executed,\n // as a result, ops is still in the ftrace_ops_list\n __unregister_ftrace_function\n ...\n\nIf ops is dynamically allocated, it will be free later, in this case,\nis_ftrace_trampoline accesses NULL pointer:\n\nis_ftrace_trampoline\n ftrace_ops_trampoline\n do_for_each_ftrace_op(op, ftrace_ops_list) // OOPS! op may be NULL!\n\nSyzkaller reports as follows:\n[ 1203.506103] BUG: kernel NULL pointer dereference, address: 000000000000010b\n[ 1203.508039] #PF: supervisor read access in kernel mode\n[ 1203.508798] #PF: error_code(0x0000) - not-present page\n[ 1203.509558] PGD 800000011660b067 P4D 800000011660b067 PUD 130fb8067 PMD 0\n[ 1203.510560] Oops: 0000 [#1] SMP KASAN PTI\n[ 1203.511189] CPU: 6 PID: 29532 Comm: syz-executor.2 Tainted: G B W 5.10.0 #8\n[ 1203.512324] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[ 1203.513895] RIP: 0010:is_ftrace_trampoline+0x26/0xb0\n[ 1203.514644] Code: ff eb d3 90 41 55 41 54 49 89 fc 55 53 e8 f2 00 fd ff 48 8b 1d 3b 35 5d 03 e8 e6 00 fd ff 48 8d bb 90 00 00 00 e8 2a 81 26 00 \u003c48\u003e 8b ab 90 00 00 00 48 85 ed 74 1d e8 c9 00 fd ff 48 8d bb 98 00\n[ 1203.518838] RSP: 0018:ffffc900012cf960 EFLAGS: 00010246\n[ 1203.520092] RAX: 0000000000000000 RBX: 000000000000007b RCX: ffffffff8a331866\n[ 1203.521469] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 000000000000010b\n[ 1203.522583] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff8df18b07\n[ 1203.523550] R10: fffffbfff1be3160 R11: 0000000000000001 R12: 0000000000478399\n[ 1203.524596] R13: 0000000000000000 R14: ffff888145088000 R15: 0000000000000008\n[ 1203.525634] FS: 00007f429f5f4700(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000\n[ 1203.526801] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1203.527626] CR2: 000000000000010b CR3: 0000000170e1e001 CR4: 00000000003706e0\n[ 1203.528611] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 1203.529605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nTherefore, when ftrace_startup_enable fails, we need to rollback registration\nprocess and remove ops from ftrace_ops_list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-49977"
},
{
"category": "external",
"summary": "RHBZ#2373574",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373574"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49977"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-49977",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49977"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025061819-CVE-2022-49977-3826@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025061819-CVE-2022-49977-3826@gregkh/T"
}
],
"release_date": "2025-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead"
},
{
"cve": "CVE-2025-21727",
"cwe": {
"id": "CWE-820",
"name": "Missing Synchronization"
},
"discovery_date": "2025-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348516"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the Linux kernel\u0027s padata subsystem, in the `padata_reorder()` function. Caused by improper synchronization controls, this vulnerability can occur when a reference-counted data structure (`pd`) is decremented in one thread, freeing it, while another thread still holds a pointer to it and attempts to access it via `padata_find_next()`. This vulnerability can lead to system instability, denial of service, and potential privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: padata: fix UAF in padata_reorder",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21727"
},
{
"category": "external",
"summary": "RHBZ#2348516",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348516"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21727"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025022648-CVE-2025-21727-b034@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025022648-CVE-2025-21727-b034@gregkh/T"
}
],
"release_date": "2025-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: padata: fix UAF in padata_reorder"
},
{
"cve": "CVE-2025-37890",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2366848"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability has been identified in the Linux kernel\u0027s HFSC (Hierarchical Fair Service Curve) queuing discipline when it is configured with NETEM (Network Emulation) as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state.\n\nExploitation of this vulnerability requires local access with CAP_NET_ADMIN privileges and control over the qdisc (queueing discipline) setup. A local attacker could leverage this flaw to achieve denial of service or escalate privileges. Given that it affects kernel memory structures, successful exploitation could result in memory corruption, data leaks, or arbitrary write capabilities, leading to a full kernel crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "On Red Hat Enterprise Linux 8 and later releases, regular (non-root) users can exploit this issue by abusing unprivileged user namespaces. Red Hat Enterprise Linux 6 and 7 are not affected by this CVE because they did not include the upstream commit that introduced the CVE (37d9cf1).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-37890"
},
{
"category": "external",
"summary": "RHBZ#2366848",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366848"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-37890",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37890"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025051617-CVE-2025-37890-437b@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025051617-CVE-2025-37890-437b@gregkh/T"
}
],
"release_date": "2025-05-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module sch_hfsc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc"
},
{
"cve": "CVE-2025-38000",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370786"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc\u0027s peek() function is called before properly updating the HFSC queue\u0027s length and backlog counters, a race condition can occur. In some cases, the peek operation may trigger an immediate dequeue and drop, leading to inconsistent queue accounting. This may leave an empty HFSC class in the active list, eventually causing use-after-free (UAF) conditions. Due to the nature of this memory corruption (use-after-free or list corruption) in kernel scheduler code, a successful exploit could lead to privilege escalation, data leakage, or denial of service. Therefore, the CIA impact is assessed as HHH to reflect a worst-case.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "On Red Hat Enterprise Linux 8 and later releases, regular (non-root) users can exploit this issue by abusing unprivileged user namespaces. On Red Hat Enterprise Linux 7, unprivileged user namespaces are disabled by default. Red Hat Enterprise Linux 6 did not include support for them at all, meaning that root privileges are necessary to trigger this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38000"
},
{
"category": "external",
"summary": "RHBZ#2370786",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370786"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38000",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38000"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025060639-CVE-2025-38000-f5a4@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025060639-CVE-2025-38000-f5a4@gregkh/T"
}
],
"release_date": "2025-06-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module sch_hfsc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()"
},
{
"cve": "CVE-2025-38001",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-06-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370776"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free (UAF) vulnerability, which also presents a potential infinite loop condition, has been resolved in the Linux kernel. This flaw affects the HFSC (Hierarchical Fair Service Curve) queuing discipline when it is used in conjunction with NETEM (Network Emulation).\n\nA malicious user could exploit this by repeatedly inserting a class into the eltree due to insufficient validation in prior logic, effectively bypassing the protection provided by the HFSC_RSC flag. Successful exploitation could lead to memory corruption, an infinite loop, or a system crash, severely impacting network availability and system stability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "On Red Hat Enterprise Linux 8 and later releases, regular (non-root) users can exploit this issue by abusing unprivileged user namespaces. Red Hat Enterprise Linux 6 and 7 are not affected by this CVE because they did not include the upstream commit that introduced the CVE (37d9cf1).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38001"
},
{
"category": "external",
"summary": "RHBZ#2370776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38001",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38001"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025060650-CVE-2025-38001-f921@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025060650-CVE-2025-38001-f921@gregkh/T"
}
],
"release_date": "2025-06-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module sch_hfsc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice"
},
{
"cve": "CVE-2025-38079",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-06-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373383"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_hash - fix double free in hash_accept\n\nIf accept(2) is called on socket type algif_hash with\nMSG_MORE flag set and crypto_ahash_import fails,\nsk2 is freed. However, it is also freed in af_alg_release,\nleading to slab-use-after-free error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crypto: algif_hash - fix double free in hash_accept",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38079"
},
{
"category": "external",
"summary": "RHBZ#2373383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373383"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38079",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38079"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025061841-CVE-2025-38079-7fa5@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025061841-CVE-2025-38079-7fa5@gregkh/T"
}
],
"release_date": "2025-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: crypto: algif_hash - fix double free in hash_accept"
},
{
"cve": "CVE-2025-38177",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2025-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376354"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: make hfsc_qlen_notify() idempotent\n\nhfsc_qlen_notify() is not idempotent either and not friendly\nto its callers, like fq_codel_dequeue(). Let\u0027s make it idempotent\nto ease qdisc_tree_reduce_backlog() callers\u0027 life:\n\n1. update_vf() decreases cl-\u003ecl_nactive, so we can check whether it is\nnon-zero before calling it.\n\n2. eltree_remove() always removes RB node cl-\u003eel_node, but we can use\n RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sch_hfsc: make hfsc_qlen_notify() idempotent",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38177"
},
{
"category": "external",
"summary": "RHBZ#2376354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38177",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38177"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070411-CVE-2025-38177-bd6c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070411-CVE-2025-38177-bd6c@gregkh/T"
}
],
"release_date": "2025-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sch_hfsc: make hfsc_qlen_notify() idempotent"
},
{
"cve": "CVE-2025-38250",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-07-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2378982"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix use-after-free in vhci_flush()\n\nsyzbot reported use-after-free in vhci_flush() without repro. [0]\n\nFrom the splat, a thread close()d a vhci file descriptor while\nits device was being used by iotcl() on another thread.\n\nOnce the last fd refcnt is released, vhci_release() calls\nhci_unregister_dev(), hci_free_dev(), and kfree() for struct\nvhci_data, which is set to hci_dev-\u003edev-\u003edriver_data.\n\nThe problem is that there is no synchronisation after unlinking\nhdev from hci_dev_list in hci_unregister_dev(). There might be\nanother thread still accessing the hdev which was fetched before\nthe unlink operation.\n\nWe can use SRCU for such synchronisation.\n\nLet\u0027s run hci_dev_reset() under SRCU and wait for its completion\nin hci_unregister_dev().\n\nAnother option would be to restore hci_dev-\u003edestruct(), which was\nremoved in commit 587ae086f6e4 (\"Bluetooth: Remove unused\nhci-destruct cb\"). However, this would not be a good solution, as\nwe should not run hci_unregister_dev() while there are in-flight\nioctl() requests, which could lead to another data-race KCSAN splat.\n\nNote that other drivers seem to have the same problem, for exmaple,\nvirtbt_remove().\n\n[0]:\nBUG: KASAN: slab-use-after-free in skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\nBUG: KASAN: slab-use-after-free in skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\nRead of size 8 at addr ffff88807cb8d858 by task syz.1.219/6718\n\nCPU: 1 UID: 0 PID: 6718 Comm: syz.1.219 Not tainted 6.16.0-rc1-syzkaller-00196-g08207f42d3ff #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0xd2/0x2b0 mm/kasan/report.c:521\n kasan_report+0x118/0x150 mm/kasan/report.c:634\n skb_queue_empty_lockless include/linux/skbuff.h:1891 [inline]\n skb_queue_purge_reason+0x99/0x360 net/core/skbuff.c:3937\n skb_queue_purge include/linux/skbuff.h:3368 [inline]\n vhci_flush+0x44/0x50 drivers/bluetooth/hci_vhci.c:69\n hci_dev_do_reset net/bluetooth/hci_core.c:552 [inline]\n hci_dev_reset+0x420/0x5c0 net/bluetooth/hci_core.c:592\n sock_do_ioctl+0xd9/0x300 net/socket.c:1190\n sock_ioctl+0x576/0x790 net/socket.c:1311\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fcf5b98e929\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fcf5c7b9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fcf5bbb6160 RCX: 00007fcf5b98e929\nRDX: 0000000000000000 RSI: 00000000400448cb RDI: 0000000000000009\nRBP: 00007fcf5ba10b39 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 00007fcf5bbb6160 R15: 00007ffd6353d528\n \u003c/TASK\u003e\n\nAllocated by task 6535:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n vhci_open+0x57/0x360 drivers/bluetooth/hci_vhci.c:635\n misc_open+0x2bc/0x330 drivers/char/misc.c:161\n chrdev_open+0x4c9/0x5e0 fs/char_dev.c:414\n do_dentry_open+0xdf0/0x1970 fs/open.c:964\n vfs_open+0x3b/0x340 fs/open.c:1094\n do_open fs/namei.c:3887 [inline]\n path_openat+0x2ee5/0x3830 fs/name\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability is caused by a race condition between ioctl() and close() on a virtual HCI (vhci) device, where vhci_release() may free memory still accessed by vhci_flush() via hci_dev_reset(). This leads to a potential use-after-free and kernel crash, as reported by syzbot. The CVSS vector includes PR:L because the attack requires access to an open file descriptor (typically from /dev/vhci) but not elevated privileges. For the CVSS, the AV:L is selected since the attack is initiated locally. The impact on Availability is High and potentially Confidentiality and Integrity could be High too.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38250"
},
{
"category": "external",
"summary": "RHBZ#2378982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378982"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38250"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38250",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38250"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070934-CVE-2025-38250-3145@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070934-CVE-2025-38250-3145@gregkh/T"
}
],
"release_date": "2025-07-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the customer portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, bluetooth can be disabled within the hardware or at the BIOS level, which will also provide effective mitigation as the kernel will not detect Bluetooth hardware on the system.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()"
},
{
"cve": "CVE-2025-38350",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2382054"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free (UAF) vulnerability was found in the Linux kernel\u0027s net/sched subsystem, specifically in the Credit-Based Shaper (CBS) qdisc implementation (sch_cbs). The vulnerability occurs because the CBS qdisc\u0027s reset function (qdisc_reset_queue()) only resets its internal queue but fails to reset its child qdisc recursively. As a result, a mismatch in queue length (qlen) occurs between CBS and its children during interface resets, eventually allowing attackers to trigger UAF on a parent HFSC scheduler.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: Always pass notifications when child class becomes empty",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "On Red Hat Enterprise Linux 8 and later releases, regular (non-root) users can exploit this issue by abusing unprivileged user namespaces. On Red Hat Enterprise Linux 7, unprivileged user namespaces are disabled by default. Red Hat Enterprise Linux 6 did not include support for them at all, meaning that root privileges are necessary to trigger this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38350"
},
{
"category": "external",
"summary": "RHBZ#2382054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2382054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38350",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38350"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025071933-CVE-2025-38350-262a@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025071933-CVE-2025-38350-262a@gregkh/T"
}
],
"release_date": "2025-07-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the sch_cbs module from being loaded. Please see https://access.redhat.com/solutions/41278 for how information on how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net/sched: Always pass notifications when child class becomes empty"
},
{
"cve": "CVE-2025-38684",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-09-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393190"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: use old \u0027nbands\u0027 while purging unused classes\n\nShuang reported sch_ets test-case [1] crashing in ets_class_qlen_notify()\nafter recent changes from Lion [2]. The problem is: in ets_qdisc_change()\nwe purge unused DWRR queues; the value of \u0027q-\u003enbands\u0027 is the new one, and\nthe cleanup should be done with the old one. The problem is here since my\nfirst attempts to fix ets_qdisc_change(), but it surfaced again after the\nrecent qdisc len accounting fixes. Fix it purging idle DWRR queues before\nassigning a new value of \u0027q-\u003enbands\u0027, so that all purge operations find a\nconsistent configuration:\n\n - old \u0027q-\u003enbands\u0027 because it\u0027s needed by ets_class_find()\n - old \u0027q-\u003enstrict\u0027 because it\u0027s needed by ets_class_is_strict()\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 62 UID: 0 PID: 39457 Comm: tc Kdump: loaded Not tainted 6.12.0-116.el10.x86_64 #1 PREEMPT(voluntary)\n Hardware name: Dell Inc. PowerEdge R640/06DKY5, BIOS 2.12.2 07/09/2021\n RIP: 0010:__list_del_entry_valid_or_report+0x4/0x80\n Code: ff 4c 39 c7 0f 84 39 19 8e ff b8 01 00 00 00 c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c48\u003e 8b 17 48 8b 4f 08 48 85 d2 0f 84 56 19 8e ff 48 85 c9 0f 84 ab\n RSP: 0018:ffffba186009f400 EFLAGS: 00010202\n RAX: 00000000000000d6 RBX: 0000000000000000 RCX: 0000000000000004\n RDX: ffff9f0fa29b69c0 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffffffc12c2400 R08: 0000000000000008 R09: 0000000000000004\n R10: ffffffffffffffff R11: 0000000000000004 R12: 0000000000000000\n R13: ffff9f0f8cfe0000 R14: 0000000000100005 R15: 0000000000000000\n FS: 00007f2154f37480(0000) GS:ffff9f269c1c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 00000001530be001 CR4: 00000000007726f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ets_class_qlen_notify+0x65/0x90 [sch_ets]\n qdisc_tree_reduce_backlog+0x74/0x110\n ets_qdisc_change+0x630/0xa40 [sch_ets]\n __tc_modify_qdisc.constprop.0+0x216/0x7f0\n tc_modify_qdisc+0x7c/0x120\n rtnetlink_rcv_msg+0x145/0x3f0\n netlink_rcv_skb+0x53/0x100\n netlink_unicast+0x245/0x390\n netlink_sendmsg+0x21b/0x470\n ____sys_sendmsg+0x39d/0x3d0\n ___sys_sendmsg+0x9a/0xe0\n __sys_sendmsg+0x7a/0xd0\n do_syscall_64+0x7d/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f2155114084\n Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d 25 f0 0c 00 00 74 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\n RSP: 002b:00007fff1fd7a988 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000560ec063e5e0 RCX: 00007f2155114084\n RDX: 0000000000000000 RSI: 00007fff1fd7a9f0 RDI: 0000000000000003\n RBP: 00007fff1fd7aa60 R08: 0000000000000010 R09: 000000000000003f\n R10: 0000560ee9b3a010 R11: 0000000000000202 R12: 00007fff1fd7aae0\n R13: 000000006891ccde R14: 0000560ec063e5e0 R15: 00007fff1fd7aad0\n \u003c/TASK\u003e\n\n [1] https://lore.kernel.org/netdev/e08c7f4a6882f260011909a868311c6e9b54f3e4.1639153474.git.dcaratti@redhat.com/\n [2] https://lore.kernel.org/netdev/d912cbd7-193b-4269-9857-525bee8bbb6a@gmail.com/",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: ets: use old \u0027nbands\u0027 while purging unused classes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38684"
},
{
"category": "external",
"summary": "RHBZ#2393190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38684"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38684",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38684"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025090447-CVE-2025-38684-db4c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025090447-CVE-2025-38684-db4c@gregkh/T"
}
],
"release_date": "2025-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-02T06:56:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.AUS:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:bpftool-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-abi-stablelists-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-core-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debug-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-debuginfo-common-x86_64-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-devel-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-doc-0:4.18.0-305.170.1.el8_4.noarch",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-modules-extra-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:kernel-tools-libs-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-0:4.18.0-305.170.1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-perf-debuginfo-0:4.18.0-305.170.1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net/sched: ets: use old \u0027nbands\u0027 while purging unused classes"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…