rhsa-2025:19932
Vulnerability from csaf_redhat
Published
2025-11-10 01:05
Modified
2025-11-10 01:48
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: x86/vmscape: Add conditional IBPB mitigation (CVE-2025-40300)
* kernel: mm: fix zswap writeback race condition (CVE-2023-53178)
* kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-50367)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: x86/vmscape: Add conditional IBPB mitigation (CVE-2025-40300)\n\n* kernel: mm: fix zswap writeback race condition (CVE-2023-53178)\n\n* kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-50367)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19932",
"url": "https://access.redhat.com/errata/RHSA-2025:19932"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2394627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394627"
},
{
"category": "external",
"summary": "2395358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395358"
},
{
"category": "external",
"summary": "2396114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396114"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19932.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2025-11-10T01:48:13+00:00",
"generator": {
"date": "2025-11-10T01:48:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:19932",
"initial_release_date": "2025-11-10T01:05:11+00:00",
"revision_history": [
{
"date": "2025-11-10T01:05:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-10T01:05:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-10T01:48:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"product": {
"name": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"product_id": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.83.1.rt7.424.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.83.1.rt7.424.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src"
},
"product_reference": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
"product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src"
},
"product_reference": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
"product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-50367",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396114"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: fix UAF/GPF bug in nilfs_mdt_destroy\n\nIn alloc_inode, inode_init_always() could return -ENOMEM if\nsecurity_inode_alloc() fails, which causes inode-\u003ei_private\nuninitialized. Then nilfs_is_metadata_file_inode() returns\ntrue and nilfs_free_inode() wrongly calls nilfs_mdt_destroy(),\nwhich frees the uninitialized inode-\u003ei_private\nand leads to crashes(e.g., UAF/GPF).\n\nFix this by moving security_inode_alloc just prior to\nthis_cpu_inc(nr_inodes)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This patch fixes a use-after-free/GPF bug in the NILFS2 metadata handling. When security_inode_alloc() failed, an uninitialized inode-\u003ei_private pointer could later be freed by nilfs_mdt_destroy(), leading to memory corruption or crashes.\nYou can reproduce this issue on systems using NILFS, because the crash path involves nilfs_mdt_destroy() freeing inode-\u003ei_private when security_inode_alloc() fails. On other filesystems the same cleanup path does not run, so accidental freeing of that uninitialized field is far less likely.\nConsequently, systems not using NILFS are at much lower risk unless they have other code that similarly frees inode-\u003ei_private.\nFor the all versions of the Red Hat Enterprise Linux the config param CONFIG_NILFS2_FS disabled, so with the known scenario of attack it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50367"
},
{
"category": "external",
"summary": "RHBZ#2396114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396114"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50367"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50367",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50367"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50367-651c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50367-651c@gregkh/T"
}
],
"release_date": "2025-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-10T01:05:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19932"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
{
"cve": "CVE-2023-53178",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2025-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395358"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: fix zswap writeback race condition\n\nThe zswap writeback mechanism can cause a race condition resulting in\nmemory corruption, where a swapped out page gets swapped in with data that\nwas written to a different page.\n\nThe race unfolds like this:\n1. a page with data A and swap offset X is stored in zswap\n2. page A is removed off the LRU by zpool driver for writeback in\n zswap-shrink work, data for A is mapped by zpool driver\n3. user space program faults and invalidates page entry A, offset X is\n considered free\n4. kswapd stores page B at offset X in zswap (zswap could also be\n full, if so, page B would then be IOed to X, then skip step 5.)\n5. entry A is replaced by B in tree-\u003erbroot, this doesn\u0027t affect the\n local reference held by zswap-shrink work\n6. zswap-shrink work writes back A at X, and frees zswap entry A\n7. swapin of slot X brings A in memory instead of B\n\nThe fix:\nOnce the swap page cache has been allocated (case ZSWAP_SWAPCACHE_NEW),\nzswap-shrink work just checks that the local zswap_entry reference is\nstill the same as the one in the tree. If it\u0027s not the same it means that\nit\u0027s either been invalidated or replaced, in both cases the writeback is\naborted because the local entry contains stale data.\n\nReproducer:\nI originally found this by running `stress` overnight to validate my work\non the zswap writeback mechanism, it manifested after hours on my test\nmachine. The key to make it happen is having zswap writebacks, so\nwhatever setup pumps /sys/kernel/debug/zswap/written_back_pages should do\nthe trick.\n\nIn order to reproduce this faster on a vm, I setup a system with ~100M of\navailable memory and a 500M swap file, then running `stress --vm 1\n--vm-bytes 300000000 --vm-stride 4000` makes it happen in matter of tens\nof minutes. One can speed things up even more by swinging\n/sys/module/zswap/parameters/max_pool_percent up and down between, say, 20\nand 1; this makes it reproduce in tens of seconds. It\u0027s crucial to set\n`--vm-stride` to something other than 4096 otherwise `stress` won\u0027t\nrealize that memory has been corrupted because all pages would have the\nsame data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mm: fix zswap writeback race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is a race condition in the zswap writeback path that can lead to memory corruption when a swap slot is reused while a writeback is still in progress.\nA local unprivileged user can potentially trigger this issue by applying heavy memory pressure and causing frequent zswap evictions.\nWhile exploitation for data leakage or privilege escalation is unlikely, the flaw can result in data integrity issues or system instability under specific conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53178"
},
{
"category": "external",
"summary": "RHBZ#2395358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53178"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53178",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53178"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091555-CVE-2023-53178-9d27@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091555-CVE-2023-53178-9d27@gregkh/T"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-10T01:05:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19932"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mm: fix zswap writeback race condition"
},
{
"cve": "CVE-2025-40300",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"discovery_date": "2025-09-11T17:02:50.023441+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2394627"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/vmscape: Add conditional IBPB mitigation\n\nVMSCAPE is a vulnerability that exploits insufficient branch predictor\nisolation between a guest and a userspace hypervisor (like QEMU). Existing\nmitigations already protect kernel/KVM from a malicious guest. Userspace\ncan additionally be protected by flushing the branch predictors after a\nVMexit.\n\nSince it is the userspace that consumes the poisoned branch predictors,\nconditionally issue an IBPB after a VMexit and before returning to\nuserspace. Workloads that frequently switch between hypervisor and\nuserspace will incur the most overhead from the new IBPB.\n\nThis new IBPB is not integrated with the existing IBPB sites. For\ninstance, a task can use the existing speculation control prctl() to\nget an IBPB at context switch time. With this implementation, the\nIBPB is doubled up: one at context switch and another before running\nuserspace.\n\nThe intent is to integrate and optimize these cases post-embargo.\n\n[ dhansen: elaborate on suboptimal IBPB solution ]",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: x86/vmscape: Add conditional IBPB mitigation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40300"
},
{
"category": "external",
"summary": "RHBZ#2394627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40300",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40300"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40300",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40300"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/15006289e5c38b2a830e1fba221977a27598176c",
"url": "https://git.kernel.org/stable/c/15006289e5c38b2a830e1fba221977a27598176c"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/2f4f2f8f860cb4c3336a7435ebe8dcfded0c9c6e",
"url": "https://git.kernel.org/stable/c/2f4f2f8f860cb4c3336a7435ebe8dcfded0c9c6e"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/34e5667041050711a947e260fc9ebebe08bddee5",
"url": "https://git.kernel.org/stable/c/34e5667041050711a947e260fc9ebebe08bddee5"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/459274c77b37ac63b78c928b4b4e748d1f9d05c8",
"url": "https://git.kernel.org/stable/c/459274c77b37ac63b78c928b4b4e748d1f9d05c8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/510603f504796c3535f67f55fb0b124a303b44c8",
"url": "https://git.kernel.org/stable/c/510603f504796c3535f67f55fb0b124a303b44c8"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/893387c18612bb452336a5881da0d015a7e8f4a2",
"url": "https://git.kernel.org/stable/c/893387c18612bb452336a5881da0d015a7e8f4a2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/9c23a90648e831d611152ac08dbcd1283d405e7f",
"url": "https://git.kernel.org/stable/c/9c23a90648e831d611152ac08dbcd1283d405e7f"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/ac60717f9a8d21c58617d0b34274babf24135835",
"url": "https://git.kernel.org/stable/c/ac60717f9a8d21c58617d0b34274babf24135835"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/c08192b5d6730a914dee6175bc71092ee6a65f14",
"url": "https://git.kernel.org/stable/c/c08192b5d6730a914dee6175bc71092ee6a65f14"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d5490dfa35427a2967e00a4c7a1b95fdbc8ede34",
"url": "https://git.kernel.org/stable/c/d5490dfa35427a2967e00a4c7a1b95fdbc8ede34"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/d7ddc93392e4a7ffcccc86edf6ef3e64c778db52",
"url": "https://git.kernel.org/stable/c/d7ddc93392e4a7ffcccc86edf6ef3e64c778db52"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/f866eef8d1c65504d30923c3f14082ad294d0e6d",
"url": "https://git.kernel.org/stable/c/f866eef8d1c65504d30923c3f14082ad294d0e6d"
}
],
"release_date": "2025-09-11T16:49:24.809000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-10T01:05:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19932"
},
{
"category": "workaround",
"details": "To mitigate this issue IBPB each time the kernel returns to QEMU.",
"product_ids": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.src",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64",
"RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.83.1.rt7.424.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: x86/vmscape: Add conditional IBPB mitigation"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…