csaf_redhat - rhsa-2025:17398

rhsa-2025:17398

Vulnerability from csaf_redhat

Published

2025-10-06 15:43

Modified

2025-10-08 15:48

Summary

Red Hat Security Advisory: kernel-rt security update

Notes

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527) * kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)\n\n* kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:17398",
        "url": "https://access.redhat.com/errata/RHSA-2025:17398"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2388928",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388928"
      },
      {
        "category": "external",
        "summary": "2393731",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393731"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17398.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security update",
    "tracking": {
      "current_release_date": "2025-10-08T15:48:32+00:00",
      "generator": {
        "date": "2025-10-08T15:48:32+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.9"
        }
      },
      "id": "RHSA-2025:17398",
      "initial_release_date": "2025-10-06T15:43:29+00:00",
      "revision_history": [
        {
          "date": "2025-10-06T15:43:29+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-10-06T15:43:29+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-10-08T15:48:32+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux NFV (v. 8)",
                "product": {
                  "name": "Red Hat Enterprise Linux NFV (v. 8)",
                  "product_id": "NFV-8.10.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux RT (v. 8)",
                "product": {
                  "name": "Red Hat Enterprise Linux RT (v. 8)",
                  "product_id": "RT-8.10.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
                "product": {
                  "name": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
                  "product_id": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.78.1.rt7.419.el8_10?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.78.1.rt7.419.el8_10?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-38527",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2025-08-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2388928"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in cifs_oplock_break\n\nA race condition can occur in cifs_oplock_break() leading to a\nuse-after-free of the cinode structure when unmounting:\n\n  cifs_oplock_break()\n    _cifsFileInfo_put(cfile)\n      cifsFileInfo_put_final()\n        cifs_sb_deactive()\n          [last ref, start releasing sb]\n            kill_sb()\n              kill_anon_super()\n                generic_shutdown_super()\n                  evict_inodes()\n                    dispose_list()\n                      evict()\n                        destroy_inode()\n                          call_rcu(\u0026inode-\u003ei_rcu, i_callback)\n    spin_lock(\u0026cinode-\u003eopen_file_lock)  \u003c- OK\n                            [later] i_callback()\n                              cifs_free_inode()\n                                kmem_cache_free(cinode)\n    spin_unlock(\u0026cinode-\u003eopen_file_lock)  \u003c- UAF\n    cifs_done_oplock_break(cinode)       \u003c- UAF\n\nThe issue occurs when umount has already released its reference to the\nsuperblock. When _cifsFileInfo_put() calls cifs_sb_deactive(), this\nreleases the last reference, triggering the immediate cleanup of all\ninodes under RCU. However, cifs_oplock_break() continues to access the\ncinode after this point, resulting in use-after-free.\n\nFix this by holding an extra reference to the superblock during the\nentire oplock break operation. This ensures that the superblock and\nits inodes remain valid until the oplock break completes.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: smb: client: fix use-after-free in cifs_oplock_break",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-38527"
        },
        {
          "category": "external",
          "summary": "RHBZ#2388928",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388928"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-38527",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-38527"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38527",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38527"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025081654-CVE-2025-38527-c389@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025081654-CVE-2025-38527-c389@gregkh/T"
        }
      ],
      "release_date": "2025-08-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-06T15:43:29+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:17398"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: smb: client: fix use-after-free in cifs_oplock_break"
    },
    {
      "cve": "CVE-2025-39730",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-09-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2393731"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A flaw was found in the NFS server implementation where nfs_fh_to_dentry() failed to properly validate the minimal filehandle length before accessing the embedded structure. An attacker with access to an exported NFS share could send a crafted filehandle, leading to out-of-bounds memory access and a potential kernel crash. This issue results in a remote denial of service against the NFS server.\nThis flaw is limited to a missing bounds check in nfs_fh_to_dentry(), which causes an out-of-bounds read and a kernel crash.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-39730"
        },
        {
          "category": "external",
          "summary": "RHBZ#2393731",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393731"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-39730",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-39730"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39730",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39730"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025090730-CVE-2025-39730-72c9@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025090730-CVE-2025-39730-72c9@gregkh/T"
        }
      ],
      "release_date": "2025-09-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-10-06T15:43:29+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:17398"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, prevent module nfs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.78.1.rt7.419.el8_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()"
    }
  ]
}

CVE-2025-38527 (GCVE-0-2025-38527)

Vulnerability from cvelistv5

Published

2025-08-16 11:12

Modified

2025-08-28 14:43

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in cifs_oplock_break A race condition can occur in cifs_oplock_break() leading to a use-after-free of the cinode structure when unmounting: cifs_oplock_break() _cifsFileInfo_put(cfile) cifsFileInfo_put_final() cifs_sb_deactive() [last ref, start releasing sb] kill_sb() kill_anon_super() generic_shutdown_super() evict_inodes() dispose_list() evict() destroy_inode() call_rcu(&inode->i_rcu, i_callback) spin_lock(&cinode->open_file_lock) <- OK [later] i_callback() cifs_free_inode() kmem_cache_free(cinode) spin_unlock(&cinode->open_file_lock) <- UAF cifs_done_oplock_break(cinode) <- UAF The issue occurs when umount has already released its reference to the superblock. When _cifsFileInfo_put() calls cifs_sb_deactive(), this releases the last reference, triggering the immediate cleanup of all inodes under RCU. However, cifs_oplock_break() continues to access the cinode after this point, resulting in use-after-free. Fix this by holding an extra reference to the superblock during the entire oplock break operation. This ensures that the superblock and its inodes remain valid until the oplock break completes.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/4256a483fe58af66a46cbf3dc48ff26e580d3308
	https://git.kernel.org/stable/c/0a4eec84d4d2c4085d4ed8630fd74e4b39033c1b
	https://git.kernel.org/stable/c/2baaf5bbab2ac474c4f92c10fcb3310f824db995
	https://git.kernel.org/stable/c/09bce2138a30ef10d8821c8c3f73a4ab7a5726bc
	https://git.kernel.org/stable/c/da11bd4b697b393a207f19a2ed7d382a811a3ddc
	https://git.kernel.org/stable/c/705c79101ccf9edea5a00d761491a03ced314210

Impacted products

Vendor

Product

Version

▼

Linux

Version: b98749cac4a695f084a5ff076f4510b23e353ecd
Version: b98749cac4a695f084a5ff076f4510b23e353ecd
Version: b98749cac4a695f084a5ff076f4510b23e353ecd
Version: b98749cac4a695f084a5ff076f4510b23e353ecd
Version: b98749cac4a695f084a5ff076f4510b23e353ecd
Version: b98749cac4a695f084a5ff076f4510b23e353ecd
Version: 2429fcf06d3cb962693868ab0a927c9038f12a2d
Version: 1ee4f2d7cdcd4508cc3cbe3b2622d7177b89da12
Version: 53fc31a4853e30d6e8f142b824f724da27ff3e40
Version: 8092ecc306d81186a64cda42411121f4d35aaff4
Version: ebac4d0adf68f8962bd82fcf483936edd6ec095b

Linux

Version: 5.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4256a483fe58af66a46cbf3dc48ff26e580d3308",
              "status": "affected",
              "version": "b98749cac4a695f084a5ff076f4510b23e353ecd",
              "versionType": "git"
            },
            {
              "lessThan": "0a4eec84d4d2c4085d4ed8630fd74e4b39033c1b",
              "status": "affected",
              "version": "b98749cac4a695f084a5ff076f4510b23e353ecd",
              "versionType": "git"
            },
            {
              "lessThan": "2baaf5bbab2ac474c4f92c10fcb3310f824db995",
              "status": "affected",
              "version": "b98749cac4a695f084a5ff076f4510b23e353ecd",
              "versionType": "git"
            },
            {
              "lessThan": "09bce2138a30ef10d8821c8c3f73a4ab7a5726bc",
              "status": "affected",
              "version": "b98749cac4a695f084a5ff076f4510b23e353ecd",
              "versionType": "git"
            },
            {
              "lessThan": "da11bd4b697b393a207f19a2ed7d382a811a3ddc",
              "status": "affected",
              "version": "b98749cac4a695f084a5ff076f4510b23e353ecd",
              "versionType": "git"
            },
            {
              "lessThan": "705c79101ccf9edea5a00d761491a03ced314210",
              "status": "affected",
              "version": "b98749cac4a695f084a5ff076f4510b23e353ecd",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "2429fcf06d3cb962693868ab0a927c9038f12a2d",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "1ee4f2d7cdcd4508cc3cbe3b2622d7177b89da12",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "53fc31a4853e30d6e8f142b824f724da27ff3e40",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "8092ecc306d81186a64cda42411121f4d35aaff4",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "ebac4d0adf68f8962bd82fcf483936edd6ec095b",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/smb/client/file.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.1"
            },
            {
              "lessThan": "5.1",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.190",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.147",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.100",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.40",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.16",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.190",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.147",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.100",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.40",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.8",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16",
                  "versionStartIncluding": "5.1",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "3.16.72",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.9.171",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.14.114",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "4.19.37",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.0.10",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in cifs_oplock_break\n\nA race condition can occur in cifs_oplock_break() leading to a\nuse-after-free of the cinode structure when unmounting:\n\n  cifs_oplock_break()\n    _cifsFileInfo_put(cfile)\n      cifsFileInfo_put_final()\n        cifs_sb_deactive()\n          [last ref, start releasing sb]\n            kill_sb()\n              kill_anon_super()\n                generic_shutdown_super()\n                  evict_inodes()\n                    dispose_list()\n                      evict()\n                        destroy_inode()\n                          call_rcu(\u0026inode-\u003ei_rcu, i_callback)\n    spin_lock(\u0026cinode-\u003eopen_file_lock)  \u003c- OK\n                            [later] i_callback()\n                              cifs_free_inode()\n                                kmem_cache_free(cinode)\n    spin_unlock(\u0026cinode-\u003eopen_file_lock)  \u003c- UAF\n    cifs_done_oplock_break(cinode)       \u003c- UAF\n\nThe issue occurs when umount has already released its reference to the\nsuperblock. When _cifsFileInfo_put() calls cifs_sb_deactive(), this\nreleases the last reference, triggering the immediate cleanup of all\ninodes under RCU. However, cifs_oplock_break() continues to access the\ncinode after this point, resulting in use-after-free.\n\nFix this by holding an extra reference to the superblock during the\nentire oplock break operation. This ensures that the superblock and\nits inodes remain valid until the oplock break completes."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-28T14:43:33.671Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4256a483fe58af66a46cbf3dc48ff26e580d3308"
        },
        {
          "url": "https://git.kernel.org/stable/c/0a4eec84d4d2c4085d4ed8630fd74e4b39033c1b"
        },
        {
          "url": "https://git.kernel.org/stable/c/2baaf5bbab2ac474c4f92c10fcb3310f824db995"
        },
        {
          "url": "https://git.kernel.org/stable/c/09bce2138a30ef10d8821c8c3f73a4ab7a5726bc"
        },
        {
          "url": "https://git.kernel.org/stable/c/da11bd4b697b393a207f19a2ed7d382a811a3ddc"
        },
        {
          "url": "https://git.kernel.org/stable/c/705c79101ccf9edea5a00d761491a03ced314210"
        }
      ],
      "title": "smb: client: fix use-after-free in cifs_oplock_break",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-38527",
    "datePublished": "2025-08-16T11:12:20.843Z",
    "dateReserved": "2025-04-16T04:51:24.023Z",
    "dateUpdated": "2025-08-28T14:43:33.671Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-39730 (GCVE-0-2025-39730)

Vulnerability from cvelistv5

Published

2025-09-07 15:16

Modified

2025-09-29 05:58

Severity ?

Summary

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() The function needs to check the minimal filehandle length before it can access the embedded filehandle.

References

▼	URL	Tags
	https://git.kernel.org/stable/c/7f8eca87fef7519e9c41f3258f25ebc2752247ee
	https://git.kernel.org/stable/c/cb09afa0948d96b1e385d609ed044bb1aa043536
	https://git.kernel.org/stable/c/3570ef5c31314c13274c935a20b91768ab5bf412
	https://git.kernel.org/stable/c/763810bb883cb4de412a72f338d80947d97df67b
	https://git.kernel.org/stable/c/12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40
	https://git.kernel.org/stable/c/2ad40b7992aa26bc631afc1a995b0e3ddc30de3f
	https://git.kernel.org/stable/c/b7f7866932466332a2528fda099000b035303485
	https://git.kernel.org/stable/c/7dd36f7477d1e03a1fcf8d13531ca326c4fb599f
	https://git.kernel.org/stable/c/ef93a685e01a281b5e2a25ce4e3428cf9371a205

Impacted products

Vendor

Product

Version

▼

Linux

Version: 20fa19027286983ab2734b5910c4a687436e0c31
Version: 20fa19027286983ab2734b5910c4a687436e0c31
Version: 20fa19027286983ab2734b5910c4a687436e0c31
Version: 20fa19027286983ab2734b5910c4a687436e0c31
Version: 20fa19027286983ab2734b5910c4a687436e0c31
Version: 20fa19027286983ab2734b5910c4a687436e0c31
Version: 20fa19027286983ab2734b5910c4a687436e0c31
Version: 20fa19027286983ab2734b5910c4a687436e0c31
Version: 20fa19027286983ab2734b5910c4a687436e0c31

Linux

Version: 4.13

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/export.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7f8eca87fef7519e9c41f3258f25ebc2752247ee",
              "status": "affected",
              "version": "20fa19027286983ab2734b5910c4a687436e0c31",
              "versionType": "git"
            },
            {
              "lessThan": "cb09afa0948d96b1e385d609ed044bb1aa043536",
              "status": "affected",
              "version": "20fa19027286983ab2734b5910c4a687436e0c31",
              "versionType": "git"
            },
            {
              "lessThan": "3570ef5c31314c13274c935a20b91768ab5bf412",
              "status": "affected",
              "version": "20fa19027286983ab2734b5910c4a687436e0c31",
              "versionType": "git"
            },
            {
              "lessThan": "763810bb883cb4de412a72f338d80947d97df67b",
              "status": "affected",
              "version": "20fa19027286983ab2734b5910c4a687436e0c31",
              "versionType": "git"
            },
            {
              "lessThan": "12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40",
              "status": "affected",
              "version": "20fa19027286983ab2734b5910c4a687436e0c31",
              "versionType": "git"
            },
            {
              "lessThan": "2ad40b7992aa26bc631afc1a995b0e3ddc30de3f",
              "status": "affected",
              "version": "20fa19027286983ab2734b5910c4a687436e0c31",
              "versionType": "git"
            },
            {
              "lessThan": "b7f7866932466332a2528fda099000b035303485",
              "status": "affected",
              "version": "20fa19027286983ab2734b5910c4a687436e0c31",
              "versionType": "git"
            },
            {
              "lessThan": "7dd36f7477d1e03a1fcf8d13531ca326c4fb599f",
              "status": "affected",
              "version": "20fa19027286983ab2734b5910c4a687436e0c31",
              "versionType": "git"
            },
            {
              "lessThan": "ef93a685e01a281b5e2a25ce4e3428cf9371a205",
              "status": "affected",
              "version": "20fa19027286983ab2734b5910c4a687436e0c31",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/nfs/export.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.13"
            },
            {
              "lessThan": "4.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.297",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.241",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.190",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.148",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.102",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.15.*",
              "status": "unaffected",
              "version": "6.15.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.16.*",
              "status": "unaffected",
              "version": "6.16.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.297",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.241",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.190",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.148",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.102",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.42",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.15.10",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16.1",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix filehandle bounds checking in nfs_fh_to_dentry()\n\nThe function needs to check the minimal filehandle length before it can\naccess the embedded filehandle."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-29T05:58:15.665Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7f8eca87fef7519e9c41f3258f25ebc2752247ee"
        },
        {
          "url": "https://git.kernel.org/stable/c/cb09afa0948d96b1e385d609ed044bb1aa043536"
        },
        {
          "url": "https://git.kernel.org/stable/c/3570ef5c31314c13274c935a20b91768ab5bf412"
        },
        {
          "url": "https://git.kernel.org/stable/c/763810bb883cb4de412a72f338d80947d97df67b"
        },
        {
          "url": "https://git.kernel.org/stable/c/12ad3def2e5e0b120e3d0cb6ce8b7b796819ad40"
        },
        {
          "url": "https://git.kernel.org/stable/c/2ad40b7992aa26bc631afc1a995b0e3ddc30de3f"
        },
        {
          "url": "https://git.kernel.org/stable/c/b7f7866932466332a2528fda099000b035303485"
        },
        {
          "url": "https://git.kernel.org/stable/c/7dd36f7477d1e03a1fcf8d13531ca326c4fb599f"
        },
        {
          "url": "https://git.kernel.org/stable/c/ef93a685e01a281b5e2a25ce4e3428cf9371a205"
        }
      ],
      "title": "NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-39730",
    "datePublished": "2025-09-07T15:16:19.377Z",
    "dateReserved": "2025-04-16T07:20:57.118Z",
    "dateUpdated": "2025-09-29T05:58:15.665Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2025:17398

Vulnerability from csaf_redhat

CVE-2025-38527 (GCVE-0-2025-38527)

Vulnerability from cvelistv5

CVE-2025-39730 (GCVE-0-2025-39730)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature