csaf_redhat - rhsa-2025:16373

rhsa-2025:16373

Vulnerability from csaf_redhat

Published

2025-09-22 11:07

Modified

2025-10-01 20:49

Summary

Red Hat Security Advisory: kernel-rt security update

Notes

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: vsock: Fix transport_* TOCTOU (CVE-2025-38461) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: vsock: Fix transport_* TOCTOU (CVE-2025-38461)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:16373",
        "url": "https://access.redhat.com/errata/RHSA-2025:16373"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2383513",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383513"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_16373.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security update",
    "tracking": {
      "current_release_date": "2025-10-01T20:49:42+00:00",
      "generator": {
        "date": "2025-10-01T20:49:42+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.8"
        }
      },
      "id": "RHSA-2025:16373",
      "initial_release_date": "2025-09-22T11:07:39+00:00",
      "revision_history": [
        {
          "date": "2025-09-22T11:07:39+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-09-22T11:07:39+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-01T20:49:42+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux NFV (v. 8)",
                "product": {
                  "name": "Red Hat Enterprise Linux NFV (v. 8)",
                  "product_id": "NFV-8.10.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux RT (v. 8)",
                "product": {
                  "name": "Red Hat Enterprise Linux RT (v. 8)",
                  "product_id": "RT-8.10.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
                "product": {
                  "name": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
                  "product_id": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.76.1.rt7.417.el8_10?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.76.1.rt7.417.el8_10?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38461",
      "cwe": {
        "id": "CWE-664",
        "name": "Improper Control of a Resource Through its Lifetime"
      },
      "discovery_date": "2025-07-25T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2383513"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Fix transport_* TOCTOU\n\nTransport assignment may race with module unload. Protect new_transport\nfrom becoming a stale pointer.\n\nThis also takes care of an insecure call in vsock_use_local_transport();\nadd a lockdep assert.\n\nBUG: unable to handle page fault for address: fffffbfff8056000\nOops: Oops: 0000 [#1] SMP KASAN\nRIP: 0010:vsock_assign_transport+0x366/0x600\nCall Trace:\n vsock_connect+0x59c/0xc40\n __sys_connect+0xe8/0x100\n __x64_sys_connect+0x6e/0xc0\n do_syscall_64+0x92/0x1c0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: vsock: Fix transport_* TOCTOU",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This patch addresses a race condition in the vsock core that could lead to a use-after-free or NULL pointer dereference when assigning transports during socket initialization.\nThe vulnerability stems from a lack of synchronization between transport selection and potential module unloading, leading to stale pointers being dereferenced.\nA mutex now protects access to the transport selection logic, and reference counting ensures the module is retained during use.\nThe issue has low impact on confidentiality, but may cause a system crash, resulting in high availability impact.\nSince the problem is reachable by unprivileged users via socket operations, Privileges Required = Low (for the CVSS).\nWhile the issue is most clearly triggered during manual module unload, similar conditions can also arise from automatic module unloading, hotplug scripts, or asynchronous transport (de)registration in multi-threaded environments.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-38461"
        },
        {
          "category": "external",
          "summary": "RHBZ#2383513",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383513"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-38461",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38461",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38461"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38461-33b1@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025072507-CVE-2025-38461-33b1@gregkh/T"
        }
      ],
      "release_date": "2025-07-25T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-22T11:07:39+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:16373"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, prevent module vsock from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.76.1.rt7.417.el8_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: vsock: Fix transport_* TOCTOU"
    }
  ]
}

CVE-2025-38461 (GCVE-0-2025-38461)

Vulnerability from cvelistv5

Published

2025-07-25 15:27

Modified

2025-07-28 04:23

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport_* TOCTOU Transport assignment may race with module unload. Protect new_transport from becoming a stale pointer. This also takes care of an insecure call in vsock_use_local_transport(); add a lockdep assert. BUG: unable to handle page fault for address: fffffbfff8056000 Oops: Oops: 0000 [#1] SMP KASAN RIP: 0010:vsock_assign_transport+0x366/0x600 Call Trace: vsock_connect+0x59c/0xc40 __sys_connect+0xe8/0x100 __x64_sys_connect+0x6e/0xc0 do_syscall_64+0x92/0x1c0 entry_SYSCALL_64_after_hwframe+0x4b/0x53

References

▼	URL	Tags
	https://git.kernel.org/stable/c/8667e8d0eb46bc54fdae30ba2f4786407d3d88eb
	https://git.kernel.org/stable/c/36a439049b34cca0b3661276049b84a1f76cc21a
	https://git.kernel.org/stable/c/9ce53e744f18e73059d3124070e960f3aa9902bf
	https://git.kernel.org/stable/c/9d24bb6780282b0255b9929abe5e8f98007e2c6e
	https://git.kernel.org/stable/c/ae2c712ba39c7007de63cb0c75b51ce1caaf1da5
	https://git.kernel.org/stable/c/7b73bddf54777fb62d4d8c7729d0affe6df04477
	https://git.kernel.org/stable/c/687aa0c5581b8d4aa87fd92973e4ee576b550cdf

Impacted products

Vendor

Product

Version

▼

Linux

Version: c0cfa2d8a788fcf45df5bf4070ab2474c88d543a
Version: c0cfa2d8a788fcf45df5bf4070ab2474c88d543a
Version: c0cfa2d8a788fcf45df5bf4070ab2474c88d543a
Version: c0cfa2d8a788fcf45df5bf4070ab2474c88d543a
Version: c0cfa2d8a788fcf45df5bf4070ab2474c88d543a
Version: c0cfa2d8a788fcf45df5bf4070ab2474c88d543a
Version: c0cfa2d8a788fcf45df5bf4070ab2474c88d543a

Linux

Version: 5.5

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/vmw_vsock/af_vsock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "8667e8d0eb46bc54fdae30ba2f4786407d3d88eb",
              "status": "affected",
              "version": "c0cfa2d8a788fcf45df5bf4070ab2474c88d543a",
              "versionType": "git"
            },
            {
              "lessThan": "36a439049b34cca0b3661276049b84a1f76cc21a",
              "status": "affected",
              "version": "c0cfa2d8a788fcf45df5bf4070ab2474c88d543a",
              "versionType": "git"
            },
            {
              "lessThan": "9ce53e744f18e73059d3124070e960f3aa9902bf",
              "status": "affected",
              "version": "c0cfa2d8a788fcf45df5bf4070ab2474c88d543a",
              "versionType": "git"
            },
            {
              "lessThan": "9d24bb6780282b0255b9929abe5e8f98007e2c6e",
              "status": "affected",
              "version": "c0cfa2d8a788fcf45df5bf4070ab2474c88d543a",
              "versionType": "git"
            },
            {
              "lessThan": "ae2c712ba39c7007de63cb0c75b51ce1caaf1da5",
              "status": "affected",
              "version": "c0cfa2d8a788fcf45df5bf4070ab2474c88d543a",
              "versionType": "git"
            },
            {
              "lessThan": "7b73bddf54777fb62d4d8c7729d0affe6df04477",
              "status": "affected",
              "version": "c0cfa2d8a788fcf45df5bf4070ab2474c88d543a",
              "versionType": "git"
            },
            {
              "lessThan": "687aa0c5581b8d4aa87fd92973e4ee576b550cdf",
              "status": "affected",
              "version": "c0cfa2d8a788fcf45df5bf4070ab2474c88d543a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/vmw_vsock/af_vsock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.5"
            },
            {
              "lessThan": "5.5",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.240",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.189",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.146",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.99",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.39",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.240",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.189",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.146",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.99",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.39",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.7",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16",
                  "versionStartIncluding": "5.5",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Fix transport_* TOCTOU\n\nTransport assignment may race with module unload. Protect new_transport\nfrom becoming a stale pointer.\n\nThis also takes care of an insecure call in vsock_use_local_transport();\nadd a lockdep assert.\n\nBUG: unable to handle page fault for address: fffffbfff8056000\nOops: Oops: 0000 [#1] SMP KASAN\nRIP: 0010:vsock_assign_transport+0x366/0x600\nCall Trace:\n vsock_connect+0x59c/0xc40\n __sys_connect+0xe8/0x100\n __x64_sys_connect+0x6e/0xc0\n do_syscall_64+0x92/0x1c0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T04:23:07.628Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/8667e8d0eb46bc54fdae30ba2f4786407d3d88eb"
        },
        {
          "url": "https://git.kernel.org/stable/c/36a439049b34cca0b3661276049b84a1f76cc21a"
        },
        {
          "url": "https://git.kernel.org/stable/c/9ce53e744f18e73059d3124070e960f3aa9902bf"
        },
        {
          "url": "https://git.kernel.org/stable/c/9d24bb6780282b0255b9929abe5e8f98007e2c6e"
        },
        {
          "url": "https://git.kernel.org/stable/c/ae2c712ba39c7007de63cb0c75b51ce1caaf1da5"
        },
        {
          "url": "https://git.kernel.org/stable/c/7b73bddf54777fb62d4d8c7729d0affe6df04477"
        },
        {
          "url": "https://git.kernel.org/stable/c/687aa0c5581b8d4aa87fd92973e4ee576b550cdf"
        }
      ],
      "title": "vsock: Fix transport_* TOCTOU",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38461",
    "datePublished": "2025-07-25T15:27:39.322Z",
    "dateReserved": "2025-04-16T04:51:24.020Z",
    "dateUpdated": "2025-07-28T04:23:07.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted