rhsa-2025:21128
Vulnerability from csaf_redhat
Published
2025-11-12 13:52
Modified
2025-11-24 09:00
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: eventpoll: Fix semi-unbounded recursion (CVE-2025-38614)
* kernel: NFS: Fix a race when updating an existing write (CVE-2025-39697)
* kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (CVE-2023-53213)
* kernel: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes (CVE-2023-53185)
* kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data (CVE-2023-53232)
* kernel: mm: fix zswap writeback race condition (CVE-2023-53178)
* kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets (CVE-2023-53226)
* kernel: Bluetooth: L2CAP: Fix use-after-free (CVE-2023-53305)
* kernel: pstore/ram: Check start of empty przs during init (CVE-2023-53331)
* kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-50367)
* kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails (CVE-2022-50356)
* kernel: crypto: seqiv - Handle EBUSY correctly (CVE-2023-53373)
* kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() (CVE-2023-53401)
* kernel: Bluetooth: Fix potential use-after-free when clear keys (CVE-2023-53386)
* kernel: iomap: iomap: fix memory corruption when recording errors during writeback (CVE-2022-50406)
* kernel: crypto: xts - Handle EBUSY correctly (CVE-2023-53494)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: eventpoll: Fix semi-unbounded recursion (CVE-2025-38614)\n\n* kernel: NFS: Fix a race when updating an existing write (CVE-2025-39697)\n\n* kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (CVE-2023-53213)\n\n* kernel: wifi: ath9k: don\u0027t allow to overwrite ENDPOINT0 attributes (CVE-2023-53185)\n\n* kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data (CVE-2023-53232)\n\n* kernel: mm: fix zswap writeback race condition (CVE-2023-53178)\n\n* kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets (CVE-2023-53226)\n\n* kernel: Bluetooth: L2CAP: Fix use-after-free (CVE-2023-53305)\n\n* kernel: pstore/ram: Check start of empty przs during init (CVE-2023-53331)\n\n* kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-50367)\n\n* kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails (CVE-2022-50356)\n\n* kernel: crypto: seqiv - Handle EBUSY correctly (CVE-2023-53373)\n\n* kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() (CVE-2023-53401)\n\n* kernel: Bluetooth: Fix potential use-after-free when clear keys (CVE-2023-53386)\n\n* kernel: iomap: iomap: fix memory corruption when recording errors during writeback (CVE-2022-50406)\n\n* kernel: crypto: xts - Handle EBUSY correctly (CVE-2023-53494)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21128",
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2389491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389491"
},
{
"category": "external",
"summary": "2393481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393481"
},
{
"category": "external",
"summary": "2395267",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395267"
},
{
"category": "external",
"summary": "2395297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395297"
},
{
"category": "external",
"summary": "2395322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395322"
},
{
"category": "external",
"summary": "2395358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395358"
},
{
"category": "external",
"summary": "2395420",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395420"
},
{
"category": "external",
"summary": "2395858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395858"
},
{
"category": "external",
"summary": "2395880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395880"
},
{
"category": "external",
"summary": "2396114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396114"
},
{
"category": "external",
"summary": "2396152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396152"
},
{
"category": "external",
"summary": "2396379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396379"
},
{
"category": "external",
"summary": "2396417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396417"
},
{
"category": "external",
"summary": "2396419",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396419"
},
{
"category": "external",
"summary": "2396538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396538"
},
{
"category": "external",
"summary": "2400777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400777"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21128.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2025-11-24T09:00:58+00:00",
"generator": {
"date": "2025-11-24T09:00:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:21128",
"initial_release_date": "2025-11-12T13:52:24+00:00",
"revision_history": [
{
"date": "2025-11-12T13:52:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-12T13:52:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-24T09:00:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::realtime"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::nfv"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"product": {
"name": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"product_id": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.146.1.rt14.431.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.146.1.rt14.431.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-50356",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396152"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: sfb: fix null pointer access issue when sfb_init() fails\n\nWhen the default qdisc is sfb, if the qdisc of dev_queue fails to be\ninited during mqprio_init(), sfb_reset() is invoked to clear resources.\nIn this case, the q-\u003eqdisc is NULL, and it will cause gpf issue.\n\nThe process is as follows:\nqdisc_create_dflt()\n\tsfb_init()\n\t\ttcf_block_get() ---\u003efailed, q-\u003eqdisc is NULL\n\t...\n\tqdisc_put()\n\t\t...\n\t\tsfb_reset()\n\t\t\tqdisc_reset(q-\u003eqdisc) ---\u003eq-\u003eqdisc is NULL\n\t\t\t\tops = qdisc-\u003eops\n\nThe following is the Call Trace information:\ngeneral protection fault, probably for non-canonical address\n0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\nRIP: 0010:qdisc_reset+0x2b/0x6f0\nCall Trace:\n\u003cTASK\u003e\nsfb_reset+0x37/0xd0\nqdisc_reset+0xed/0x6f0\nqdisc_destroy+0x82/0x4c0\nqdisc_put+0x9e/0xb0\nqdisc_create_dflt+0x2c3/0x4a0\nmqprio_init+0xa71/0x1760\nqdisc_create+0x3eb/0x1000\ntc_modify_qdisc+0x408/0x1720\nrtnetlink_rcv_msg+0x38e/0xac0\nnetlink_rcv_skb+0x12d/0x3a0\nnetlink_unicast+0x4a2/0x740\nnetlink_sendmsg+0x826/0xcc0\nsock_sendmsg+0xc5/0x100\n____sys_sendmsg+0x583/0x690\n___sys_sendmsg+0xe8/0x160\n__sys_sendmsg+0xbf/0x160\ndo_syscall_64+0x35/0x80\nentry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033:0x7f2164122d04\n\u003c/TASK\u003e",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50356"
},
{
"category": "external",
"summary": "RHBZ#2396152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50356",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50356"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091714-CVE-2022-50356-fe76@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091714-CVE-2022-50356-fe76@gregkh/T"
}
],
"release_date": "2025-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails"
},
{
"cve": "CVE-2022-50367",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396114"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: fix UAF/GPF bug in nilfs_mdt_destroy\n\nIn alloc_inode, inode_init_always() could return -ENOMEM if\nsecurity_inode_alloc() fails, which causes inode-\u003ei_private\nuninitialized. Then nilfs_is_metadata_file_inode() returns\ntrue and nilfs_free_inode() wrongly calls nilfs_mdt_destroy(),\nwhich frees the uninitialized inode-\u003ei_private\nand leads to crashes(e.g., UAF/GPF).\n\nFix this by moving security_inode_alloc just prior to\nthis_cpu_inc(nr_inodes)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This patch fixes a use-after-free/GPF bug in the NILFS2 metadata handling. When security_inode_alloc() failed, an uninitialized inode-\u003ei_private pointer could later be freed by nilfs_mdt_destroy(), leading to memory corruption or crashes.\nYou can reproduce this issue on systems using NILFS, because the crash path involves nilfs_mdt_destroy() freeing inode-\u003ei_private when security_inode_alloc() fails. On other filesystems the same cleanup path does not run, so accidental freeing of that uninitialized field is far less likely.\nConsequently, systems not using NILFS are at much lower risk unless they have other code that similarly frees inode-\u003ei_private.\nFor the all versions of the Red Hat Enterprise Linux the config param CONFIG_NILFS2_FS disabled, so with the known scenario of attack it is not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50367"
},
{
"category": "external",
"summary": "RHBZ#2396114",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396114"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50367"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50367",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50367"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50367-651c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091716-CVE-2022-50367-651c@gregkh/T"
}
],
"release_date": "2025-09-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy"
},
{
"cve": "CVE-2022-50406",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2025-09-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396538"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: iomap: fix memory corruption when recording errors during writeback\n\nEvery now and then I see this crash on arm64:\n\nUnable to handle kernel NULL pointer dereference at virtual address 00000000000000f8\nBuffer I/O error on dev dm-0, logical block 8733687, async page read\nMem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000006\n CM = 0, WnR = 0\nuser pgtable: 64k pages, 42-bit VAs, pgdp=0000000139750000\n[00000000000000f8] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000, pmd=0000000000000000\nInternal error: Oops: 96000006 [#1] PREEMPT SMP\nBuffer I/O error on dev dm-0, logical block 8733688, async page read\nDumping ftrace buffer:\nBuffer I/O error on dev dm-0, logical block 8733689, async page read\n (ftrace buffer empty)\nXFS (dm-0): log I/O error -5\nModules linked in: dm_thin_pool dm_persistent_data\nXFS (dm-0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x1ec/0x590 [xfs] (fs/xfs/xfs_trans_buf.c:296).\n dm_bio_prison\nXFS (dm-0): Please unmount the filesystem and rectify the problem(s)\nXFS (dm-0): xfs_imap_lookup: xfs_ialloc_read_agi() returned error -5, agno 0\n dm_bufio dm_log_writes xfs nft_chain_nat xt_REDIRECT nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip6t_REJECT\npotentially unexpected fatal signal 6.\n nf_reject_ipv6\npotentially unexpected fatal signal 6.\n ipt_REJECT nf_reject_ipv4\nCPU: 1 PID: 122166 Comm: fsstress Tainted: G W 6.0.0-rc5-djwa #rc5 3004c9f1de887ebae86015f2677638ce51ee7\n rpcsec_gss_krb5 auth_rpcgss xt_tcpudp ip_set_hash_ip ip_set_hash_net xt_set nft_compat ip_set_hash_mac ip_set nf_tables\nHardware name: QEMU KVM Virtual Machine, BIOS 1.5.1 06/16/2021\npstate: 60001000 (nZCv daif -PAN -UAO -TCO -DIT +SSBS BTYPE=--)\n ip_tables\npc : 000003fd6d7df200\n x_tables\nlr : 000003fd6d7df1ec\n overlay nfsv4\nCPU: 0 PID: 54031 Comm: u4:3 Tainted: G W 6.0.0-rc5-djwa #rc5 3004c9f1de887ebae86015f2677638ce51ee7405\nHardware name: QEMU KVM Virtual Machine, BIOS 1.5.1 06/16/2021\nWorkqueue: writeback wb_workfn\nsp : 000003ffd9522fd0\n (flush-253:0)\npstate: 60401005 (nZCv daif +PAN -UAO -TCO -DIT +SSBS BTYPE=--)\npc : errseq_set+0x1c/0x100\nx29: 000003ffd9522fd0 x28: 0000000000000023 x27: 000002acefeb6780\nx26: 0000000000000005 x25: 0000000000000001 x24: 0000000000000000\nx23: 00000000ffffffff x22: 0000000000000005\nlr : __filemap_set_wb_err+0x24/0xe0\n x21: 0000000000000006\nsp : fffffe000f80f760\nx29: fffffe000f80f760 x28: 0000000000000003 x27: fffffe000f80f9f8\nx26: 0000000002523000 x25: 00000000fffffffb x24: fffffe000f80f868\nx23: fffffe000f80fbb0 x22: fffffc0180c26a78 x21: 0000000002530000\nx20: 0000000000000000 x19: 0000000000000000 x18: 0000000000000000\n\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000001 x13: 0000000000470af3 x12: fffffc0058f70000\nx11: 0000000000000040 x10: 0000000000001b20 x9 : fffffe000836b288\nx8 : fffffc00eb9fd480 x7 : 0000000000f83659 x6 : 0000000000000000\nx5 : 0000000000000869 x4 : 0000000000000005 x3 : 00000000000000f8\nx20: 000003fd6d740020 x19: 000000000001dd36 x18: 0000000000000001\nx17: 000003fd6d78704c x16: 0000000000000001 x15: 000002acfac87668\nx2 : 0000000000000ffa x1 : 00000000fffffffb x0 : 00000000000000f8\nCall trace:\n errseq_set+0x1c/0x100\n __filemap_set_wb_err+0x24/0xe0\n iomap_do_writepage+0x5e4/0xd5c\n write_cache_pages+0x208/0x674\n iomap_writepages+0x34/0x60\n xfs_vm_writepages+0x8c/0xcc [xfs 7a861f39c43631f15d3a5884246ba5035d4ca78b]\nx14: 0000000000000000 x13: 2064656e72757465 x12: 0000000000002180\nx11: 000003fd6d8a82d0 x10: 0000000000000000 x9 : 000003fd6d8ae288\nx8 : 0000000000000083 x7 : 00000000ffffffff x6 : 00000000ffffffee\nx5 : 00000000fbad2887 x4 : 000003fd6d9abb58 x3 : 000003fd6d740020\nx2 : 0000000000000006 x1 : 000000000001dd36 x0 : 0000000000000000\nCPU: \n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: iomap: iomap: fix memory corruption when recording errors during writeback",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50406"
},
{
"category": "external",
"summary": "RHBZ#2396538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396538"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50406"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50406",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50406"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/3d5f3ba1ac28059bdf7000cae2403e4e984308d2",
"url": "https://git.kernel.org/stable/c/3d5f3ba1ac28059bdf7000cae2403e4e984308d2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/7308591d9c7787aec58f6a01a7823f14e90db7a2",
"url": "https://git.kernel.org/stable/c/7308591d9c7787aec58f6a01a7823f14e90db7a2"
},
{
"category": "external",
"summary": "https://git.kernel.org/stable/c/82c66c46f73b88be74c869e2cbfef45281adf3c6",
"url": "https://git.kernel.org/stable/c/82c66c46f73b88be74c869e2cbfef45281adf3c6"
}
],
"release_date": "2025-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: iomap: iomap: fix memory corruption when recording errors during writeback"
},
{
"cve": "CVE-2023-53178",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2025-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395358"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: fix zswap writeback race condition\n\nThe zswap writeback mechanism can cause a race condition resulting in\nmemory corruption, where a swapped out page gets swapped in with data that\nwas written to a different page.\n\nThe race unfolds like this:\n1. a page with data A and swap offset X is stored in zswap\n2. page A is removed off the LRU by zpool driver for writeback in\n zswap-shrink work, data for A is mapped by zpool driver\n3. user space program faults and invalidates page entry A, offset X is\n considered free\n4. kswapd stores page B at offset X in zswap (zswap could also be\n full, if so, page B would then be IOed to X, then skip step 5.)\n5. entry A is replaced by B in tree-\u003erbroot, this doesn\u0027t affect the\n local reference held by zswap-shrink work\n6. zswap-shrink work writes back A at X, and frees zswap entry A\n7. swapin of slot X brings A in memory instead of B\n\nThe fix:\nOnce the swap page cache has been allocated (case ZSWAP_SWAPCACHE_NEW),\nzswap-shrink work just checks that the local zswap_entry reference is\nstill the same as the one in the tree. If it\u0027s not the same it means that\nit\u0027s either been invalidated or replaced, in both cases the writeback is\naborted because the local entry contains stale data.\n\nReproducer:\nI originally found this by running `stress` overnight to validate my work\non the zswap writeback mechanism, it manifested after hours on my test\nmachine. The key to make it happen is having zswap writebacks, so\nwhatever setup pumps /sys/kernel/debug/zswap/written_back_pages should do\nthe trick.\n\nIn order to reproduce this faster on a vm, I setup a system with ~100M of\navailable memory and a 500M swap file, then running `stress --vm 1\n--vm-bytes 300000000 --vm-stride 4000` makes it happen in matter of tens\nof minutes. One can speed things up even more by swinging\n/sys/module/zswap/parameters/max_pool_percent up and down between, say, 20\nand 1; this makes it reproduce in tens of seconds. It\u0027s crucial to set\n`--vm-stride` to something other than 4096 otherwise `stress` won\u0027t\nrealize that memory has been corrupted because all pages would have the\nsame data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mm: fix zswap writeback race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is a race condition in the zswap writeback path that can lead to memory corruption when a swap slot is reused while a writeback is still in progress.\nA local unprivileged user can potentially trigger this issue by applying heavy memory pressure and causing frequent zswap evictions.\nWhile exploitation for data leakage or privilege escalation is unlikely, the flaw can result in data integrity issues or system instability under specific conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53178"
},
{
"category": "external",
"summary": "RHBZ#2395358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53178"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53178",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53178"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091555-CVE-2023-53178-9d27@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091555-CVE-2023-53178-9d27@gregkh/T"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mm: fix zswap writeback race condition"
},
{
"cve": "CVE-2023-53185",
"cwe": {
"id": "CWE-1285",
"name": "Improper Validation of Specified Index, Position, or Offset in Input"
},
"discovery_date": "2025-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395297"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: don\u0027t allow to overwrite ENDPOINT0 attributes\n\nA bad USB device is able to construct a service connection response\nmessage with target endpoint being ENDPOINT0 which is reserved for\nHTC_CTRL_RSVD_SVC and should not be modified to be used for any other\nservices.\n\nReject such service connection responses.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: wifi: ath9k: don\u0027t allow to overwrite ENDPOINT0 attributes",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53185"
},
{
"category": "external",
"summary": "RHBZ#2395297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395297"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53185",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53185"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53185",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53185"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091557-CVE-2023-53185-2f8d@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091557-CVE-2023-53185-2f8d@gregkh/T"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: wifi: ath9k: don\u0027t allow to overwrite ENDPOINT0 attributes"
},
{
"cve": "CVE-2023-53213",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395267"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()\n\nFix a slab-out-of-bounds read that occurs in kmemdup() called from\nbrcmf_get_assoc_ies().\nThe bug could occur when assoc_info-\u003ereq_len, data from a URB provided\nby a USB device, is bigger than the size of buffer which is defined as\nWL_EXTRA_BUF_MAX.\n\nAdd the size check for req_len/resp_len of assoc_info.\n\nFound by a modified version of syzkaller.\n\n[ 46.592467][ T7] ==================================================================\n[ 46.594687][ T7] BUG: KASAN: slab-out-of-bounds in kmemdup+0x3e/0x50\n[ 46.596572][ T7] Read of size 3014656 at addr ffff888019442000 by task kworker/0:1/7\n[ 46.598575][ T7]\n[ 46.599157][ T7] CPU: 0 PID: 7 Comm: kworker/0:1 Tainted: G O 5.14.0+ #145\n[ 46.601333][ T7] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.1-0-ga5cab58e9a3f-prebuilt.qemu.org 04/01/2014\n[ 46.604360][ T7] Workqueue: events brcmf_fweh_event_worker\n[ 46.605943][ T7] Call Trace:\n[ 46.606584][ T7] dump_stack_lvl+0x8e/0xd1\n[ 46.607446][ T7] print_address_description.constprop.0.cold+0x93/0x334\n[ 46.608610][ T7] ? kmemdup+0x3e/0x50\n[ 46.609341][ T7] kasan_report.cold+0x79/0xd5\n[ 46.610151][ T7] ? kmemdup+0x3e/0x50\n[ 46.610796][ T7] kasan_check_range+0x14e/0x1b0\n[ 46.611691][ T7] memcpy+0x20/0x60\n[ 46.612323][ T7] kmemdup+0x3e/0x50\n[ 46.612987][ T7] brcmf_get_assoc_ies+0x967/0xf60\n[ 46.613904][ T7] ? brcmf_notify_vif_event+0x3d0/0x3d0\n[ 46.614831][ T7] ? lock_chain_count+0x20/0x20\n[ 46.615683][ T7] ? mark_lock.part.0+0xfc/0x2770\n[ 46.616552][ T7] ? lock_chain_count+0x20/0x20\n[ 46.617409][ T7] ? mark_lock.part.0+0xfc/0x2770\n[ 46.618244][ T7] ? lock_chain_count+0x20/0x20\n[ 46.619024][ T7] brcmf_bss_connect_done.constprop.0+0x241/0x2e0\n[ 46.620019][ T7] ? brcmf_parse_configure_security.isra.0+0x2a0/0x2a0\n[ 46.620818][ T7] ? __lock_acquire+0x181f/0x5790\n[ 46.621462][ T7] brcmf_notify_connect_status+0x448/0x1950\n[ 46.622134][ T7] ? rcu_read_lock_bh_held+0xb0/0xb0\n[ 46.622736][ T7] ? brcmf_cfg80211_join_ibss+0x7b0/0x7b0\n[ 46.623390][ T7] ? find_held_lock+0x2d/0x110\n[ 46.623962][ T7] ? brcmf_fweh_event_worker+0x19f/0xc60\n[ 46.624603][ T7] ? mark_held_locks+0x9f/0xe0\n[ 46.625145][ T7] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0\n[ 46.625871][ T7] ? brcmf_cfg80211_join_ibss+0x7b0/0x7b0\n[ 46.626545][ T7] brcmf_fweh_call_event_handler.isra.0+0x90/0x100\n[ 46.627338][ T7] brcmf_fweh_event_worker+0x557/0xc60\n[ 46.627962][ T7] ? brcmf_fweh_call_event_handler.isra.0+0x100/0x100\n[ 46.628736][ T7] ? rcu_read_lock_sched_held+0xa1/0xd0\n[ 46.629396][ T7] ? rcu_read_lock_bh_held+0xb0/0xb0\n[ 46.629970][ T7] ? lockdep_hardirqs_on_prepare+0x273/0x3e0\n[ 46.630649][ T7] process_one_work+0x92b/0x1460\n[ 46.631205][ T7] ? pwq_dec_nr_in_flight+0x330/0x330\n[ 46.631821][ T7] ? rwlock_bug.part.0+0x90/0x90\n[ 46.632347][ T7] worker_thread+0x95/0xe00\n[ 46.632832][ T7] ? __kthread_parkme+0x115/0x1e0\n[ 46.633393][ T7] ? process_one_work+0x1460/0x1460\n[ 46.633957][ T7] kthread+0x3a1/0x480\n[ 46.634369][ T7] ? set_kthread_struct+0x120/0x120\n[ 46.634933][ T7] ret_from_fork+0x1f/0x30\n[ 46.635431][ T7]\n[ 46.635687][ T7] Allocated by task 7:\n[ 46.636151][ T7] kasan_save_stack+0x1b/0x40\n[ 46.636628][ T7] __kasan_kmalloc+0x7c/0x90\n[ 46.637108][ T7] kmem_cache_alloc_trace+0x19e/0x330\n[ 46.637696][ T7] brcmf_cfg80211_attach+0x4a0/0x4040\n[ 46.638275][ T7] brcmf_attach+0x389/0xd40\n[ 46.638739][ T7] brcmf_usb_probe+0x12de/0x1690\n[ 46.639279][ T7] usb_probe_interface+0x2aa/0x760\n[ 46.639820][ T7] really_probe+0x205/0xb70\n[ 46.640342][ T7] __driver_probe_device+0\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53213"
},
{
"category": "external",
"summary": "RHBZ#2395267",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395267"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53213",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53213"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53213",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53213"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091511-CVE-2023-53213-dfc5@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091511-CVE-2023-53213-dfc5@gregkh/T"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()"
},
{
"cve": "CVE-2023-53226",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395420"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix OOB and integer underflow when rx packets\n\nMake sure mwifiex_process_mgmt_packet,\nmwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet,\nmwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet\nnot out-of-bounds access the skb-\u003edata buffer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A vulnerability in the Marvell mwifiex driver (mwifiex, Marvell Wi-Fi) allows malformed over-the-air frames to trigger out-of-bounds reads and an integer underflow in the RX path, which can crash the kernel or drop packets. Remote code execution is highly unlikely \u2014 the flaw manifests as OOB reads / length miscalculations (leading to OOPS/panic or DoS), not as a controllable arbitrary-write or instruction pointer corruption, so an attacker cannot reliably gain code execution from this bug.\nThis issue only affects systems running the mwifiex driver; if the system does not use Marvell\u2019s mwifiex module there is no exposure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53226"
},
{
"category": "external",
"summary": "RHBZ#2395420",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395420"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53226",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53226"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53226",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53226"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091513-CVE-2023-53226-a44a@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091513-CVE-2023-53226-a44a@gregkh/T"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module mwifiex from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets"
},
{
"cve": "CVE-2023-53232",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395322"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmt76: mt7921: fix kernel panic by accessing unallocated eeprom.data\n\nThe MT7921 driver no longer uses eeprom.data, but the relevant code has not\nbeen removed completely since\ncommit 16d98b548365 (\"mt76: mt7921: rely on mcu_get_nic_capability\").\nThis could result in potential invalid memory access.\n\nTo fix the kernel panic issue in mt7921, it is necessary to avoid accessing\nunallocated eeprom.data which can lead to invalid memory access.\n\nFurthermore, it is possible to entirely eliminate the\nmt7921_mcu_parse_eeprom function and solely depend on\nmt7921_mcu_parse_response to divide the RxD header.\n\n[2.702735] BUG: kernel NULL pointer dereference, address: 0000000000000550\n[2.702740] #PF: supervisor write access in kernel mode\n[2.702741] #PF: error_code(0x0002) - not-present page\n[2.702743] PGD 0 P4D 0\n[2.702747] Oops: 0002 [#1] PREEMPT SMP NOPTI\n[2.702755] RIP: 0010:mt7921_mcu_parse_response+0x147/0x170 [mt7921_common]\n[2.702758] RSP: 0018:ffffae7c00fef828 EFLAGS: 00010286\n[2.702760] RAX: ffffa367f57be024 RBX: ffffa367cc7bf500 RCX: 0000000000000000\n[2.702762] RDX: 0000000000000550 RSI: 0000000000000000 RDI: ffffa367cc7bf500\n[2.702763] RBP: ffffae7c00fef840 R08: ffffa367cb167000 R09: 0000000000000005\n[2.702764] R10: 0000000000000000 R11: ffffffffc04702e4 R12: ffffa367e8329f40\n[2.702766] R13: 0000000000000000 R14: 0000000000000001 R15: ffffa367e8329f40\n[2.702768] FS: 000079ee6cf20c40(0000) GS:ffffa36b2f940000(0000) knlGS:0000000000000000\n[2.702769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[2.702775] CR2: 0000000000000550 CR3: 00000001233c6004 CR4: 0000000000770ee0\n[2.702776] PKRU: 55555554\n[2.702777] Call Trace:\n[2.702782] mt76_mcu_skb_send_and_get_msg+0xc3/0x11e [mt76 \u003cHASH:1bc4 5\u003e]\n[2.702785] mt7921_run_firmware+0x241/0x853 [mt7921_common \u003cHASH:6a2f 6\u003e]\n[2.702789] mt7921e_mcu_init+0x2b/0x56 [mt7921e \u003cHASH:d290 7\u003e]\n[2.702792] mt7921_register_device+0x2eb/0x5a5 [mt7921_common \u003cHASH:6a2f 6\u003e]\n[2.702795] ? mt7921_irq_tasklet+0x1d4/0x1d4 [mt7921e \u003cHASH:d290 7\u003e]\n[2.702797] mt7921_pci_probe+0x2d6/0x319 [mt7921e \u003cHASH:d290 7\u003e]\n[2.702799] pci_device_probe+0x9f/0x12a",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53232"
},
{
"category": "external",
"summary": "RHBZ#2395322",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395322"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53232"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53232",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53232"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091515-CVE-2023-53232-39fa@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091515-CVE-2023-53232-39fa@gregkh/T"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data"
},
{
"cve": "CVE-2023-53305",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395858"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix use-after-free\n\nFix potential use-after-free in l2cap_le_command_rej.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Bluetooth: L2CAP: Fix use-after-free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This L2CAP issue is adjacency-only (Bluetooth LE): an attacker must be within radio range and craft malicious LE frames. Impact is primarily kernel crash / DoS.\nIt could trigger a use-after-free condition when processing LE command rejection.\nIn practice an attacker must either establish a BLE connection or rely on the device accepting unauthenticated L2CAP traffic. If the device enforces pairing/authentication for L2CAP operations, exploitation from an unauthenticated remote actor is unlikely.\nFixed in Red Hat Enterprise Linux 9 starting from 9.4.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53305"
},
{
"category": "external",
"summary": "RHBZ#2395858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53305",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53305"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091641-CVE-2023-53305-b8fe@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091641-CVE-2023-53305-b8fe@gregkh/T"
}
],
"release_date": "2025-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the customer portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, bluetooth can be disabled within the hardware or at the BIOS level, which will also provide effective mitigation as the kernel will not detect Bluetooth hardware on the system.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Bluetooth: L2CAP: Fix use-after-free"
},
{
"cve": "CVE-2023-53331",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-09-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395880"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/ram: Check start of empty przs during init\n\nAfter commit 30696378f68a (\"pstore/ram: Do not treat empty buffers as\nvalid\"), initialization would assume a prz was valid after seeing that\nthe buffer_size is zero (regardless of the buffer start position). This\nunchecked start value means it could be outside the bounds of the buffer,\nleading to future access panics when written to:\n\n sysdump_panic_event+0x3b4/0x5b8\n atomic_notifier_call_chain+0x54/0x90\n panic+0x1c8/0x42c\n die+0x29c/0x2a8\n die_kernel_fault+0x68/0x78\n __do_kernel_fault+0x1c4/0x1e0\n do_bad_area+0x40/0x100\n do_translation_fault+0x68/0x80\n do_mem_abort+0x68/0xf8\n el1_da+0x1c/0xc0\n __raw_writeb+0x38/0x174\n __memcpy_toio+0x40/0xac\n persistent_ram_update+0x44/0x12c\n persistent_ram_write+0x1a8/0x1b8\n ramoops_pstore_write+0x198/0x1e8\n pstore_console_write+0x94/0xe0\n ...\n\nTo avoid this, also check if the prz start is 0 during the initialization\nphase. If not, the next prz sanity check case will discover it (start \u003e\nsize) and zap the buffer back to a sane state.\n\n[kees: update commit log with backtrace and clarifications]",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: pstore/ram: Check start of empty przs during init",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53331"
},
{
"category": "external",
"summary": "RHBZ#2395880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395880"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53331"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53331",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53331"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53331-50a3@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53331-50a3@gregkh/T"
}
],
"release_date": "2025-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: pstore/ram: Check start of empty przs during init"
},
{
"cve": "CVE-2023-53373",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-09-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396379"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: seqiv - Handle EBUSY correctly\n\nAs it is seqiv only handles the special return value of EINPROGERSS,\nwhich means that in all other cases it will free data related to the\nrequest.\n\nHowever, as the caller of seqiv may specify MAY_BACKLOG, we also need\nto expect EBUSY and treat it in the same way. Otherwise backlogged\nrequests will trigger a use-after-free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crypto: seqiv - Handle EBUSY correctly",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw is in the seqiv IV generator and can lead to a use-after-free when backlogged crypto requests return -EBUSY. Triggering it is easier locally by flooding the kernel crypto API (e.g. via AF_ALG or many concurrent AEAD requests) because the attacker must create backlog conditions. Remote triggering is much harder and only realistic for specific configurations (for example an in-kernel IPsec/TLS path that uses seqiv for AEAD). In practice this means an unprivileged local user with access to the kernel crypto interface is the most likely threat vector, while a remote attacker would need the target to both use seqiv and be inducible into heavy crypto backlog.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53373"
},
{
"category": "external",
"summary": "RHBZ#2396379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53373"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53373",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53373"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091855-CVE-2023-53373-087e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091855-CVE-2023-53373-087e@gregkh/T"
}
],
"release_date": "2025-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: crypto: seqiv - Handle EBUSY correctly"
},
{
"cve": "CVE-2023-53386",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-09-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396419"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix potential use-after-free when clear keys\n\nSimilar to commit c5d2b6fa26b5 (\"Bluetooth: Fix use-after-free in\nhci_remove_ltk/hci_remove_irk\"). We can not access k after kfree_rcu()\ncall.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Bluetooth: Fix potential use-after-free when clear keys",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A use-after-free bug was identified in the Bluetooth stack when clearing link and security keys. The code iterated with list_for_each_entry() and freed items with kfree_rcu(), allowing access to freed memory.\nA local user with Bluetooth administration privileges (e.g. able to unpair devices, reset the adapter or manage stored keys) can reliably trigger this bug, causing use-after-free and likely DoS/kernel crash. And the confidential data leakage from freed memory is theoretically possible. Triggering this remotely is difficult \u2014 an unauthenticated/unknown device generally cannot force the kernel to clear those local key lists \u2014 and would realistically require a device that is already paired/authenticated (or otherwise an exploit chain) to influence the same code paths.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53386"
},
{
"category": "external",
"summary": "RHBZ#2396419",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396419"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53386",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53386"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53386",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53386"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091857-CVE-2023-53386-8ab2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091857-CVE-2023-53386-8ab2@gregkh/T"
}
],
"release_date": "2025-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via blocklisting kernel modules in the Linux kernel. The kernel modules can be prevented from being loaded by using system-wide modprobe rules. Instructions on how to disable Bluetooth modules are available on the customer portal at https://access.redhat.com/solutions/2682931.\n\nAlternatively, bluetooth can be disabled within the hardware or at the BIOS level, which will also provide effective mitigation as the kernel will not detect Bluetooth hardware on the system.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Bluetooth: Fix potential use-after-free when clear keys"
},
{
"cve": "CVE-2023-53401",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-09-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396417"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()\n\nKCSAN found an issue in obj_stock_flush_required():\nstock-\u003ecached_objcg can be reset between the check and dereference:\n\n==================================================================\nBUG: KCSAN: data-race in drain_all_stock / drain_obj_stock\n\nwrite to 0xffff888237c2a2f8 of 8 bytes by task 19625 on cpu 0:\n drain_obj_stock+0x408/0x4e0 mm/memcontrol.c:3306\n refill_obj_stock+0x9c/0x1e0 mm/memcontrol.c:3340\n obj_cgroup_uncharge+0xe/0x10 mm/memcontrol.c:3408\n memcg_slab_free_hook mm/slab.h:587 [inline]\n __cache_free mm/slab.c:3373 [inline]\n __do_kmem_cache_free mm/slab.c:3577 [inline]\n kmem_cache_free+0x105/0x280 mm/slab.c:3602\n __d_free fs/dcache.c:298 [inline]\n dentry_free fs/dcache.c:375 [inline]\n __dentry_kill+0x422/0x4a0 fs/dcache.c:621\n dentry_kill+0x8d/0x1e0\n dput+0x118/0x1f0 fs/dcache.c:913\n __fput+0x3bf/0x570 fs/file_table.c:329\n ____fput+0x15/0x20 fs/file_table.c:349\n task_work_run+0x123/0x160 kernel/task_work.c:179\n resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]\n exit_to_user_mode_loop+0xcf/0xe0 kernel/entry/common.c:171\n exit_to_user_mode_prepare+0x6a/0xa0 kernel/entry/common.c:203\n __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]\n syscall_exit_to_user_mode+0x26/0x140 kernel/entry/common.c:296\n do_syscall_64+0x4d/0xc0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nread to 0xffff888237c2a2f8 of 8 bytes by task 19632 on cpu 1:\n obj_stock_flush_required mm/memcontrol.c:3319 [inline]\n drain_all_stock+0x174/0x2a0 mm/memcontrol.c:2361\n try_charge_memcg+0x6d0/0xd10 mm/memcontrol.c:2703\n try_charge mm/memcontrol.c:2837 [inline]\n mem_cgroup_charge_skmem+0x51/0x140 mm/memcontrol.c:7290\n sock_reserve_memory+0xb1/0x390 net/core/sock.c:1025\n sk_setsockopt+0x800/0x1e70 net/core/sock.c:1525\n udp_lib_setsockopt+0x99/0x6c0 net/ipv4/udp.c:2692\n udp_setsockopt+0x73/0xa0 net/ipv4/udp.c:2817\n sock_common_setsockopt+0x61/0x70 net/core/sock.c:3668\n __sys_setsockopt+0x1c3/0x230 net/socket.c:2271\n __do_sys_setsockopt net/socket.c:2282 [inline]\n __se_sys_setsockopt net/socket.c:2279 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2279\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nvalue changed: 0xffff8881382d52c0 -\u003e 0xffff888138893740\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 19632 Comm: syz-executor.0 Not tainted 6.3.0-rc2-syzkaller-00387-g534293368afa #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023\n\nFix it by using READ_ONCE()/WRITE_ONCE() for all accesses to\nstock-\u003ecached_objcg.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A race in the memcg/objcg accounting allowed stock-\u003ecached_objcg to change between check and use, leading to a NULL pointer dereference and kernel crash under concurrency. The fix uses READ_ONCE/WRITE_ONCE for all accesses to cached_objcg, eliminating the data race observed by KCSAN. Impact is a local kernel DoS",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53401"
},
{
"category": "external",
"summary": "RHBZ#2396417",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396417"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53401"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091800-CVE-2023-53401-b668@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091800-CVE-2023-53401-b668@gregkh/T"
}
],
"release_date": "2025-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()"
},
{
"cve": "CVE-2023-53494",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"discovery_date": "2025-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400777"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: xts - Handle EBUSY correctly\n\nAs it is xts only handles the special return value of EINPROGRESS,\nwhich means that in all other cases it will free data related to the\nrequest.\n\nHowever, as the caller of xts may specify MAY_BACKLOG, we also need\nto expect EBUSY and treat it in the same way. Otherwise backlogged\nrequests will trigger a use-after-free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crypto: xts - Handle EBUSY correctly",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The patch fixes a use-after-free in the XTS skcipher template where -EBUSY from the crypto backend (with MAY_BACKLOG) was not treated like -EINPROGRESS, causing request data to be freed while still referenced.\nImpact is kernel memory corruption (high integrity/availability impact).\nFor the CVSS the PR:L because triggering requires the ability to invoke kernel crypto operations (e.g., via AF_ALG skcipher XTS) and craft conditions that lead to a backlogged request.\nNote: In a standard Linux installation, this vulnerability can only be triggered by the root user, since access to the kernel crypto API (e.g., via AF_ALG sockets or device-mapper targets using XTS mode) requires CAP_SYS_ADMIN privileges.\nHowever, in specific environments such as containers or sandboxed setups where unprivileged users are granted CAP_SYS_ADMIN (or equivalent capabilities), a non-root user within that environment may also be able to exploit the issue.\nIn hardened setups where AF_ALG is restricted, this path may be limited to privileged users.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53494"
},
{
"category": "external",
"summary": "RHBZ#2400777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53494",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53494"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53494"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025100124-CVE-2023-53494-6542@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025100124-CVE-2023-53494-6542@gregkh/T"
}
],
"release_date": "2025-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module xts from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: crypto: xts - Handle EBUSY correctly"
},
{
"cve": "CVE-2025-38614",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-08-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389491"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: Fix semi-unbounded recursion\n\nEnsure that epoll instances can never form a graph deeper than\nEP_MAX_NESTS+1 links.\n\nCurrently, ep_loop_check_proc() ensures that the graph is loop-free and\ndoes some recursion depth checks, but those recursion depth checks don\u0027t\nlimit the depth of the resulting tree for two reasons:\n\n - They don\u0027t look upwards in the tree.\n - If there are multiple downwards paths of different lengths, only one of\n the paths is actually considered for the depth check since commit\n 28d82dc1c4ed (\"epoll: limit paths\").\n\nEssentially, the current recursion depth check in ep_loop_check_proc() just\nserves to prevent it from recursing too deeply while checking for loops.\n\nA more thorough check is done in reverse_path_check() after the new graph\nedge has already been created; this checks, among other things, that no\npaths going upwards from any non-epoll file with a length of more than 5\nedges exist. However, this check does not apply to non-epoll files.\n\nAs a result, it is possible to recurse to a depth of at least roughly 500,\ntested on v6.15. (I am unsure if deeper recursion is possible; and this may\nhave changed with commit 8c44dac8add7 (\"eventpoll: Fix priority inversion\nproblem\").)\n\nTo fix it:\n\n1. In ep_loop_check_proc(), note the subtree depth of each visited node,\nand use subtree depths for the total depth calculation even when a subtree\nhas already been visited.\n2. Add ep_get_upwards_depth_proc() for similarly determining the maximum\ndepth of an upwards walk.\n3. In ep_loop_check(), use these values to limit the total path length\nbetween epoll nodes to EP_MAX_NESTS edges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: eventpoll: Fix semi-unbounded recursion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A local unprivileged user can trigger this issue by creating deeply nested chains of epoll file descriptors using the standard epoll_create and epoll_ctl syscalls. No special capabilities or elevated rights are required \u2014 any user with the ability to open file descriptors can exploit it. This can lead to excessive kernel stack usage and ultimately a denial of service (system crash).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38614"
},
{
"category": "external",
"summary": "RHBZ#2389491",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389491"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38614"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38614",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38614"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025081924-CVE-2025-38614-883c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025081924-CVE-2025-38614-883c@gregkh/T"
}
],
"release_date": "2025-08-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: eventpoll: Fix semi-unbounded recursion"
},
{
"cve": "CVE-2025-39697",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-09-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393481"
}
],
"notes": [
{
"category": "description",
"text": "A flaw use after free in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NFS: Fix a race when updating an existing write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A race condition in the NFS write path allowed a request to be removed after it was checked but before the page-group lock was taken. The fix acquires the page-group lock earlier and holds it across request removal, preventing use-after-state races. This can be triggered by a client with write access to an export and may lead to a kernel crash (remote DoS).\nThis race condition is difficult to trigger in practice, as it requires several conditions to align (concurrent write activity and timing), and there is no evidence of remote control over memory contents. Therefore the most likely outcome is a denial of service (Availability: High), with Confidentiality and Integrity unaffected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-39697"
},
{
"category": "external",
"summary": "RHBZ#2393481",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393481"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-39697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39697"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39697",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39697"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025090548-CVE-2025-39697-5284@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025090548-CVE-2025-39697-5284@gregkh/T"
}
],
"release_date": "2025-09-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-12T13:52:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21128"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module nfs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.146.1.rt14.431.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NFS: Fix a race when updating an existing write"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…