rhsa-2025:21667
Vulnerability from csaf_redhat
Published
2025-11-18 09:02
Modified
2025-11-21 19:31
Summary
Red Hat Security Advisory: kernel security update
Notes
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: nfsd: don't ignore the return code of svc_proc_register() (CVE-2025-22026)
* kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling (CVE-2025-37797)
* kernel: net: usb: smsc75xx: Limit packet length to skb->len (CVE-2023-53125)
* kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing (CVE-2022-50229)
* kernel: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 (CVE-2022-50228)
* kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (CVE-2022-50087)
* kernel: drm/amd/display: clear optc underflow before turn off odm clock (CVE-2022-49969)
* kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085)
* kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CVE-2025-38159)
* kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200)
* kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CVE-2025-38211)
* kernel: scsi: lpfc: Use memcpy() for BIOS version (CVE-2025-38332)
* kernel: drm/gem: Acquire references on GEM handles for framebuffers (CVE-2025-38449)
* kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate (CVE-2025-38477)
* kernel: do_change_type(): refuse to operate on unmounted/not ours mounts (CVE-2025-38498)
* kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)
* kernel: HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556)
* kernel: tls: separate no-async decryption request handling from async (CVE-2024-58240)
* kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)
* kernel: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (CVE-2025-39751)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: nfsd: don\u0027t ignore the return code of svc_proc_register() (CVE-2025-22026)\n\n* kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling (CVE-2025-37797)\n\n* kernel: net: usb: smsc75xx: Limit packet length to skb-\u003elen (CVE-2023-53125)\n\n* kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing (CVE-2022-50229)\n\n* kernel: KVM: SVM: Don\u0027t BUG if userspace injects an interrupt with GIF=0 (CVE-2022-50228)\n\n* kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (CVE-2022-50087)\n\n* kernel: drm/amd/display: clear optc underflow before turn off odm clock (CVE-2022-49969)\n\n* kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (CVE-2025-38085)\n\n* kernel: wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds (CVE-2025-38159)\n\n* kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200)\n\n* kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CVE-2025-38211)\n\n* kernel: scsi: lpfc: Use memcpy() for BIOS version (CVE-2025-38332)\n\n* kernel: drm/gem: Acquire references on GEM handles for framebuffers (CVE-2025-38449)\n\n* kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate (CVE-2025-38477)\n\n* kernel: do_change_type(): refuse to operate on unmounted/not ours mounts (CVE-2025-38498)\n\n* kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)\n\n* kernel: HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556)\n\n* kernel: tls: separate no-async decryption request handling from async (CVE-2024-58240)\n\n* kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)\n\n* kernel: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (CVE-2025-39751)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21667",
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2360224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360224"
},
{
"category": "external",
"summary": "2363672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363672"
},
{
"category": "external",
"summary": "2363686",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363686"
},
{
"category": "external",
"summary": "2373460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373460"
},
{
"category": "external",
"summary": "2373529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373529"
},
{
"category": "external",
"summary": "2373539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373539"
},
{
"category": "external",
"summary": "2373635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373635"
},
{
"category": "external",
"summary": "2375304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375304"
},
{
"category": "external",
"summary": "2376064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376064"
},
{
"category": "external",
"summary": "2376392",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376392"
},
{
"category": "external",
"summary": "2376406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376406"
},
{
"category": "external",
"summary": "2379246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379246"
},
{
"category": "external",
"summary": "2383519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383519"
},
{
"category": "external",
"summary": "2383922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383922"
},
{
"category": "external",
"summary": "2384422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2384422"
},
{
"category": "external",
"summary": "2388928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388928"
},
{
"category": "external",
"summary": "2389456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389456"
},
{
"category": "external",
"summary": "2391431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391431"
},
{
"category": "external",
"summary": "2393731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393731"
},
{
"category": "external",
"summary": "2394624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394624"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21667.json"
}
],
"title": "Red Hat Security Advisory: kernel security update",
"tracking": {
"current_release_date": "2025-11-21T19:31:49+00:00",
"generator": {
"date": "2025-11-21T19:31:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:21667",
"initial_release_date": "2025-11-18T09:02:45+00:00",
"revision_history": [
{
"date": "2025-11-18T09:02:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-18T09:02:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:31:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "perf-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "perf-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_id": "python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-193.173.1.el8_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:4.18.0-193.173.1.el8_2.src",
"product": {
"name": "kernel-0:4.18.0-193.173.1.el8_2.src",
"product_id": "kernel-0:4.18.0-193.173.1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-193.173.1.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"product": {
"name": "kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"product_id": "kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.18.0-193.173.1.el8_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"product": {
"name": "kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"product_id": "kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.18.0-193.173.1.el8_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-193.173.1.el8_2.src as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src"
},
"product_reference": "kernel-0:4.18.0-193.173.1.el8_2.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-193.173.1.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "perf-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-49969",
"discovery_date": "2025-06-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373635"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: clear optc underflow before turn off odm clock\n\n[Why]\nAfter ODM clock off, optc underflow bit will be kept there always and clear not work.\nWe need to clear that before clock off.\n\n[How]\nClear that if have when clock off.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/amd/display: clear optc underflow before turn off odm clock",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-49969"
},
{
"category": "external",
"summary": "RHBZ#2373635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-49969",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49969"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-49969",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49969"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025061816-CVE-2022-49969-fd54@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025061816-CVE-2022-49969-fd54@gregkh/T"
}
],
"release_date": "2025-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/amd/display: clear optc underflow before turn off odm clock"
},
{
"cve": "CVE-2022-50087",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373539"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails\n\nWhen scpi probe fails, at any point, we need to ensure that the scpi_info\nis not set and will remain NULL until the probe succeeds. If it is not\ntaken care, then it could result use-after-free as the value is exported\nvia get_scpi_ops() and could refer to a memory allocated via devm_kzalloc()\nbut freed when the probe fails.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50087"
},
{
"category": "external",
"summary": "RHBZ#2373539",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373539"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50087"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50087",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50087"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025061859-CVE-2022-50087-53b1@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025061859-CVE-2022-50087-53b1@gregkh/T"
}
],
"release_date": "2025-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails"
},
{
"cve": "CVE-2022-50228",
"discovery_date": "2025-06-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373529"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Don\u0027t BUG if userspace injects an interrupt with GIF=0\n\nDon\u0027t BUG/WARN on interrupt injection due to GIF being cleared,\nsince it\u0027s trivial for userspace to force the situation via\nKVM_SET_VCPU_EVENTS (even if having at least a WARN there would be correct\nfor KVM internally generated injections).\n\n kernel BUG at arch/x86/kvm/svm/svm.c:3386!\n invalid opcode: 0000 [#1] SMP\n CPU: 15 PID: 926 Comm: smm_test Not tainted 5.17.0-rc3+ #264\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n RIP: 0010:svm_inject_irq+0xab/0xb0 [kvm_amd]\n Code: \u003c0f\u003e 0b 0f 1f 00 0f 1f 44 00 00 80 3d ac b3 01 00 00 55 48 89 f5 53\n RSP: 0018:ffffc90000b37d88 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff88810a234ac0 RCX: 0000000000000006\n RDX: 0000000000000000 RSI: ffffc90000b37df7 RDI: ffff88810a234ac0\n RBP: ffffc90000b37df7 R08: ffff88810a1fa410 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff888109571000 R14: ffff88810a234ac0 R15: 0000000000000000\n FS: 0000000001821380(0000) GS:ffff88846fdc0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f74fc550008 CR3: 000000010a6fe000 CR4: 0000000000350ea0\n Call Trace:\n \u003cTASK\u003e\n inject_pending_event+0x2f7/0x4c0 [kvm]\n kvm_arch_vcpu_ioctl_run+0x791/0x17a0 [kvm]\n kvm_vcpu_ioctl+0x26d/0x650 [kvm]\n __x64_sys_ioctl+0x82/0xb0\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n \u003c/TASK\u003e",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: SVM: Don\u0027t BUG if userspace injects an interrupt with GIF=0",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50228"
},
{
"category": "external",
"summary": "RHBZ#2373529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50228"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025061849-CVE-2022-50228-3904@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025061849-CVE-2022-50228-3904@gregkh/T"
}
],
"release_date": "2025-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: SVM: Don\u0027t BUG if userspace injects an interrupt with GIF=0"
},
{
"cve": "CVE-2022-50229",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-06-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373460"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: bcd2000: Fix a UAF bug on the error path of probing\n\nWhen the driver fails in snd_card_register() at probe time, it will free\nthe \u0027bcd2k-\u003emidi_out_urb\u0027 before killing it, which may cause a UAF bug.\n\nThe following log can reveal it:\n\n[ 50.727020] BUG: KASAN: use-after-free in bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n[ 50.727623] Read of size 8 at addr ffff88810fab0e88 by task swapper/4/0\n[ 50.729530] Call Trace:\n[ 50.732899] bcd2000_input_complete+0x1f1/0x2e0 [snd_bcd2000]\n\nFix this by adding usb_kill_urb() before usb_free_urb().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50229"
},
{
"category": "external",
"summary": "RHBZ#2373460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50229"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025061850-CVE-2022-50229-702e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025061850-CVE-2022-50229-702e@gregkh/T"
}
],
"release_date": "2025-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing"
},
{
"cve": "CVE-2023-53125",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363686"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: smsc75xx: Limit packet length to skb-\u003elen\n\nPacket length retrieved from skb data may be larger than\nthe actual socket buffer length (up to 9026 bytes). In such\ncase the cloned skb passed up the network stack will leak\nkernel memory contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: usb: smsc75xx: Limit packet length to skb-\u003elen",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in SMSC LAN75XX based USB 2.0 gigabit ethernet devices driver arises because the driver fails to properly validate packet length fields when receiving network frames. Specifically, the code used size values that could exceed the actual skb-\u003elen, leading to a situation where kernel memory beyond the buffer is copied into the outgoing skb. If the driver is active, a remote attacker on the same network can send oversized Ethernet frames to trigger this bug, resulting in leakage of uninitialized kernel memory (CIA: HNN, Confidentiality: High).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53125"
},
{
"category": "external",
"summary": "RHBZ#2363686",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363686"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53125"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53125",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53125"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050232-CVE-2023-53125-67cf@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050232-CVE-2023-53125-67cf@gregkh/T"
}
],
"release_date": "2025-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module smsc75xx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: usb: smsc75xx: Limit packet length to skb-\u003elen"
},
{
"cve": "CVE-2024-58240",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-08-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2391431"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: separate no-async decryption request handling from async\n\nIf we\u0027re not doing async, the handling is much simpler. There\u0027s no\nreference counting, we just need to wait for the completion to wake us\nup and return its result.\n\nWe should preferably also use a separate crypto_wait. I\u0027m not seeing a\nUAF as I did in the past, I think aec7961916f3 (\"tls: fix race between\nasync notify and socket close\") took care of it.\n\nThis will make the next fix easier.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tls: separate no-async decryption request handling from async",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This patch refactors TLS RX decryption to use a separate, stack-local crypto_wait for the non-async path and bypass the async reference-counting/notification logic. It doesn\u2019t fix a user-triggerable bug by itself; it\u2019s a correctness/simplification change that reduces coupling and prepares the ground for a follow-up fix (\u201ctls: fix use-after-free on failed backlog decryption\u201d). No externally exploitable behavior changes are introduced.\nThe bug is actual for the older versions of Red Hat Enterprise Linux (before 9.3 and for all versions of the Red Hat Enterprise Linux 8) where patch aec7961916f3 \"tls: fix race between async notify and socket close\" not backported yet.\nThe CVSS being calculated for worse case scenario where the previous patch aec7961916f3 not applied yet (that leads to the use after free possibility).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-58240"
},
{
"category": "external",
"summary": "RHBZ#2391431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-58240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-58240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58240"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025082836-CVE-2024-58240-b2b3@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025082836-CVE-2024-58240-b2b3@gregkh/T"
}
],
"release_date": "2025-08-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module tls from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tls: separate no-async decryption request handling from async"
},
{
"cve": "CVE-2025-22026",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"discovery_date": "2025-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2360224"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: don\u0027t ignore the return code of svc_proc_register()\n\nCurrently, nfsd_proc_stat_init() ignores the return value of\nsvc_proc_register(). If the procfile creation fails, then the kernel\nwill WARN when it tries to remove the entry later.\n\nFix nfsd_proc_stat_init() to return the same type of pointer as\nsvc_proc_register(), and fix up nfsd_net_init() to check that and fail\nthe nfsd_net construction if it occurs.\n\nsvc_proc_register() can fail if the dentry can\u0027t be allocated, or if an\nidentical dentry already exists. The second case is pretty unlikely in\nthe nfsd_net construction codepath, so if this happens, return -ENOMEM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nfsd: don\u0027t ignore the return code of svc_proc_register()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22026"
},
{
"category": "external",
"summary": "RHBZ#2360224",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360224"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22026"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22026",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22026"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025041654-CVE-2025-22026-f6be@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025041654-CVE-2025-22026-f6be@gregkh/T"
}
],
"release_date": "2025-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: nfsd: don\u0027t ignore the return code of svc_proc_register()"
},
{
"cve": "CVE-2025-37797",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-05-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363672"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The bug could happen only when qdisc with child qdiscs like netem or codel being used.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "RHBZ#2363672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363672"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-37797",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37797"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050210-CVE-2025-37797-2aab@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050210-CVE-2025-37797-2aab@gregkh/T"
}
],
"release_date": "2025-05-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module sch_hfsc from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling"
},
{
"cve": "CVE-2025-38085",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2025-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2375304"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race\n\nhuge_pmd_unshare() drops a reference on a page table that may have\npreviously been shared across processes, potentially turning it into a\nnormal page table used in another process in which unrelated VMAs can\nafterwards be installed.\n\nIf this happens in the middle of a concurrent gup_fast(), gup_fast() could\nend up walking the page tables of another process. While I don\u0027t see any\nway in which that immediately leads to kernel memory corruption, it is\nreally weird and unexpected.\n\nFix it with an explicit broadcast IPI through tlb_remove_table_sync_one(),\njust like we do in khugepaged when removing page tables for a THP\ncollapse.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38085"
},
{
"category": "external",
"summary": "RHBZ#2375304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375304"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38085"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025062836-CVE-2025-38085-8075@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025062836-CVE-2025-38085-8075@gregkh/T"
}
],
"release_date": "2025-06-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race"
},
{
"cve": "CVE-2025-38159",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2025-07-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376064"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds\n\nSet the size to 6 instead of 2, since \u0027para\u0027 array is passed to\n\u0027rtw_fw_bt_wifi_control(rtwdev, para[0], \u0026para[1])\u0027, which reads\n5 bytes:\n\nvoid rtw_fw_bt_wifi_control(struct rtw_dev *rtwdev, u8 op_code, u8 *data)\n{\n ...\n SET_BT_WIFI_CONTROL_DATA1(h2c_pkt, *data);\n SET_BT_WIFI_CONTROL_DATA2(h2c_pkt, *(data + 1));\n ...\n SET_BT_WIFI_CONTROL_DATA5(h2c_pkt, *(data + 4));\n\nDetected using the static analysis tool - Svace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The bug in the rtw88 driver causes an out-of-bounds read due to incorrect buffer size (para[2] instead of the required para[6]). Since the buffer is passed to rtw_fw_bt_wifi_control(), which accesses up to 5 additional bytes, this can lead to memory disclosure or a kernel crash. This issue can be triggered by local users with the ability to manipulate Bluetooth/Wi-Fi coexistence settings.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38159"
},
{
"category": "external",
"summary": "RHBZ#2376064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376064"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38159",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38159"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070339-CVE-2025-38159-0c95@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070339-CVE-2025-38159-0c95@gregkh/T"
}
],
"release_date": "2025-07-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module rtw88 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: wifi: rtw88: fix the \u0027para\u0027 buffer size to avoid reading out of bounds"
},
{
"cve": "CVE-2025-38200",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"discovery_date": "2025-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376392"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix MMIO write access to an invalid page in i40e_clear_hw\n\nWhen the device sends a specific input, an integer underflow can occur, leading\nto MMIO write access to an invalid page.\n\nPrevent the integer underflow by changing the type of related variables.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38200"
},
{
"category": "external",
"summary": "RHBZ#2376392",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376392"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38200",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38200"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070418-CVE-2025-38200-47d9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070418-CVE-2025-38200-47d9@gregkh/T"
}
],
"release_date": "2025-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw"
},
{
"cve": "CVE-2025-38211",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376406"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/iwcm: Fix use-after-free of work objects after cm_id destruction\n\nThe commit 59c68ac31e15 (\"iw_cm: free cm_id resources on the last\nderef\") simplified cm_id resource management by freeing cm_id once all\nreferences to the cm_id were removed. The references are removed either\nupon completion of iw_cm event handlers or when the application destroys\nthe cm_id. This commit introduced the use-after-free condition where\ncm_id_private object could still be in use by event handler works during\nthe destruction of cm_id. The commit aee2424246f9 (\"RDMA/iwcm: Fix a\nuse-after-free related to destroying CM IDs\") addressed this use-after-\nfree by flushing all pending works at the cm_id destruction.\n\nHowever, still another use-after-free possibility remained. It happens\nwith the work objects allocated for each cm_id_priv within\nalloc_work_entries() during cm_id creation, and subsequently freed in\ndealloc_work_entries() once all references to the cm_id are removed.\nIf the cm_id\u0027s last reference is decremented in the event handler work,\nthe work object for the work itself gets removed, and causes the use-\nafter-free BUG below:\n\n BUG: KASAN: slab-use-after-free in __pwq_activate_work+0x1ff/0x250\n Read of size 8 at addr ffff88811f9cf800 by task kworker/u16:1/147091\n\n CPU: 2 UID: 0 PID: 147091 Comm: kworker/u16:1 Not tainted 6.15.0-rc2+ #27 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n Workqueue: 0x0 (iw_cm_wq)\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6a/0x90\n print_report+0x174/0x554\n ? __virt_addr_valid+0x208/0x430\n ? __pwq_activate_work+0x1ff/0x250\n kasan_report+0xae/0x170\n ? __pwq_activate_work+0x1ff/0x250\n __pwq_activate_work+0x1ff/0x250\n pwq_dec_nr_in_flight+0x8c5/0xfb0\n process_one_work+0xc11/0x1460\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x16c/0x240\n worker_thread+0x5ef/0xfd0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x3b0/0x770\n ? __pfx_kthread+0x10/0x10\n ? rcu_is_watching+0x11/0xb0\n ? _raw_spin_unlock_irq+0x24/0x50\n ? rcu_is_watching+0x11/0xb0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x30/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 147416:\n kasan_save_stack+0x2c/0x50\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0xa6/0xb0\n alloc_work_entries+0xa9/0x260 [iw_cm]\n iw_cm_connect+0x23/0x4a0 [iw_cm]\n rdma_connect_locked+0xbfd/0x1920 [rdma_cm]\n nvme_rdma_cm_handler+0x8e5/0x1b60 [nvme_rdma]\n cma_cm_event_handler+0xae/0x320 [rdma_cm]\n cma_work_handler+0x106/0x1b0 [rdma_cm]\n process_one_work+0x84f/0x1460\n worker_thread+0x5ef/0xfd0\n kthread+0x3b0/0x770\n ret_from_fork+0x30/0x70\n ret_from_fork_asm+0x1a/0x30\n\n Freed by task 147091:\n kasan_save_stack+0x2c/0x50\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kfree+0x13a/0x4b0\n dealloc_work_entries+0x125/0x1f0 [iw_cm]\n iwcm_deref_id+0x6f/0xa0 [iw_cm]\n cm_work_handler+0x136/0x1ba0 [iw_cm]\n process_one_work+0x84f/0x1460\n worker_thread+0x5ef/0xfd0\n kthread+0x3b0/0x770\n ret_from_fork+0x30/0x70\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x2c/0x50\n kasan_record_aux_stack+0xa3/0xb0\n __queue_work+0x2ff/0x1390\n queue_work_on+0x67/0xc0\n cm_event_handler+0x46a/0x820 [iw_cm]\n siw_cm_upcall+0x330/0x650 [siw]\n siw_cm_work_handler+0x6b9/0x2b20 [siw]\n process_one_work+0x84f/0x1460\n worker_thread+0x5ef/0xfd0\n kthread+0x3b0/0x770\n ret_from_fork+0x30/0x70\n ret_from_fork_asm+0x1a/0x30\n\nThis BUG is reproducible by repeating the blktests test case nvme/061\nfor the rdma transport and the siw driver.\n\nTo avoid the use-after-free of cm_id_private work objects, ensure that\nthe last reference to the cm_id is decremented not in the event handler\nworks, but in the cm_id destruction context. For that purpose, mo\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A use-after-free occurs when a cm_id\u0027s last reference is released from within a work item that still depends on it, resulting in a crash in __pwq_activate_work(). This race condition was reproducible via RDMA/siw transport using repeated execution of blktests nvme/061, demonstrating that deallocation of work entries must not occur from within the active work context. The CVSS Privileges Required (PR:L) rating reflects that RDMA stack access is needed, but not full root privileges, to trigger this memory corruption issue. The vulnerability does not lead to information leakage or data corruption, but results in a use-after-free crash within the kernel\u0027s RDMA workqueue processing. Therefore, for the CVSS only availability is impacted and Integrity/Confidentiality are Low (potentially impacted). As the bug causes a kernel panic or crash when triggered, the impact is rated as High on Availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38211"
},
{
"category": "external",
"summary": "RHBZ#2376406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38211",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38211"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070422-CVE-2025-38211-215a@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070422-CVE-2025-38211-215a@gregkh/T"
}
],
"release_date": "2025-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent InfiniBand modules from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically. The names of the modules are: ib_addr, ib_cm, ib_core, ib_mad, ib_sa, ib_ucm, ib_umad, iw_cm.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction"
},
{
"cve": "CVE-2025-38332",
"cwe": {
"id": "CWE-170",
"name": "Improper Null Termination"
},
"discovery_date": "2025-07-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379246"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Use memcpy() for BIOS version\n\nThe strlcat() with FORTIFY support is triggering a panic because it\nthinks the target buffer will overflow although the correct target\nbuffer size is passed in.\n\nAnyway, instead of memset() with 0 followed by a strlcat(), just use\nmemcpy() and ensure that the resulting buffer is NULL terminated.\n\nBIOSVersion is only used for the lpfc_printf_log() which expects a\nproperly terminated string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: scsi: lpfc: Use memcpy() for BIOS version",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38332"
},
{
"category": "external",
"summary": "RHBZ#2379246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379246"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38332",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38332"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025071033-CVE-2025-38332-9590@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025071033-CVE-2025-38332-9590@gregkh/T"
}
],
"release_date": "2025-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: scsi: lpfc: Use memcpy() for BIOS version"
},
{
"cve": "CVE-2025-38449",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383519"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gem: Acquire references on GEM handles for framebuffers\n\nA GEM handle can be released while the GEM buffer object is attached\nto a DRM framebuffer. This leads to the release of the dma-buf backing\nthe buffer object, if any. [1] Trying to use the framebuffer in further\nmode-setting operations leads to a segmentation fault. Most easily\nhappens with driver that use shadow planes for vmap-ing the dma-buf\nduring a page flip. An example is shown below.\n\n[ 156.791968] ------------[ cut here ]------------\n[ 156.796830] WARNING: CPU: 2 PID: 2255 at drivers/dma-buf/dma-buf.c:1527 dma_buf_vmap+0x224/0x430\n[...]\n[ 156.942028] RIP: 0010:dma_buf_vmap+0x224/0x430\n[ 157.043420] Call Trace:\n[ 157.045898] \u003cTASK\u003e\n[ 157.048030] ? show_trace_log_lvl+0x1af/0x2c0\n[ 157.052436] ? show_trace_log_lvl+0x1af/0x2c0\n[ 157.056836] ? show_trace_log_lvl+0x1af/0x2c0\n[ 157.061253] ? drm_gem_shmem_vmap+0x74/0x710\n[ 157.065567] ? dma_buf_vmap+0x224/0x430\n[ 157.069446] ? __warn.cold+0x58/0xe4\n[ 157.073061] ? dma_buf_vmap+0x224/0x430\n[ 157.077111] ? report_bug+0x1dd/0x390\n[ 157.080842] ? handle_bug+0x5e/0xa0\n[ 157.084389] ? exc_invalid_op+0x14/0x50\n[ 157.088291] ? asm_exc_invalid_op+0x16/0x20\n[ 157.092548] ? dma_buf_vmap+0x224/0x430\n[ 157.096663] ? dma_resv_get_singleton+0x6d/0x230\n[ 157.101341] ? __pfx_dma_buf_vmap+0x10/0x10\n[ 157.105588] ? __pfx_dma_resv_get_singleton+0x10/0x10\n[ 157.110697] drm_gem_shmem_vmap+0x74/0x710\n[ 157.114866] drm_gem_vmap+0xa9/0x1b0\n[ 157.118763] drm_gem_vmap_unlocked+0x46/0xa0\n[ 157.123086] drm_gem_fb_vmap+0xab/0x300\n[ 157.126979] drm_atomic_helper_prepare_planes.part.0+0x487/0xb10\n[ 157.133032] ? lockdep_init_map_type+0x19d/0x880\n[ 157.137701] drm_atomic_helper_commit+0x13d/0x2e0\n[ 157.142671] ? drm_atomic_nonblocking_commit+0xa0/0x180\n[ 157.147988] drm_mode_atomic_ioctl+0x766/0xe40\n[...]\n[ 157.346424] ---[ end trace 0000000000000000 ]---\n\nAcquiring GEM handles for the framebuffer\u0027s GEM buffer objects prevents\nthis from happening. The framebuffer\u0027s cleanup later puts the handle\nreferences.\n\nCommit 1a148af06000 (\"drm/gem-shmem: Use dma_buf from GEM object\ninstance\") triggers the segmentation fault easily by using the dma-buf\nfield more widely. The underlying issue with reference counting has\nbeen present before.\n\nv2:\n- acquire the handle instead of the BO (Christian)\n- fix comment style (Christian)\n- drop the Fixes tag (Christian)\n- rename err_ gotos\n- add missing Link tag",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/gem: Acquire references on GEM handles for framebuffers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is a use-after-free in the DRM subsystem, where a GEM handle may be released while still in use by a framebuffer. A local unprivileged user with access to /dev/dri/card0 can trigger this bug by closing a GEM handle prematurely and then initiating a modeset operation, leading to a kernel crash.\n\nA clear Denial-of-Service scenario involves creating a framebuffer with a GEM object, releasing the handle from user space, and then triggering a page flip, causing a crash via dma_buf_vmap().\n\nThis vulnerability is only relevant on systems where Direct Rendering Infrastructure (DRI) is in use, typically on desktop environments or graphical workstations with active GPU drivers (e.g., amdgpu, i915, nouveau). If the system does not use DRI-based graphics or lacks a graphical environment altogether (e.g., headless servers), the issue is not practically exploitable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38449"
},
{
"category": "external",
"summary": "RHBZ#2383519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383519"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38449",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38449"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38449",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38449"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38449-cbf0@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025072504-CVE-2025-38449-cbf0@gregkh/T"
}
],
"release_date": "2025-07-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module drm from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/gem: Acquire references on GEM handles for framebuffers"
},
{
"cve": "CVE-2025-38477",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383922"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: sch_qfq: Fix race condition on qfq_aggregate\n\nA race condition can occur when \u0027agg\u0027 is modified in qfq_change_agg\n(called during qfq_enqueue) while other threads access it\nconcurrently. For example, qfq_dump_class may trigger a NULL\ndereference, and qfq_delete_class may cause a use-after-free.\n\nThis patch addresses the issue by:\n\n1. Moved qfq_destroy_class into the critical section.\n\n2. Added sch_tree_lock protection to qfq_dump_class and\nqfq_dump_class_stats.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This patch fixes a race condition in the QFQ packet scheduler, where concurrent modification and access to cl-\u003eagg may result in a use-after-free or NULL pointer dereference.\nThe bug occurs when qfq_change_class() reassigns the agg pointer while other threads read it in qfq_dump_class() or qfq_delete_class().\nThe fix synchronizes access using sch_tree_lock() and reorders destruction logic to avoid concurrency issues.\nThis issue can be triggered locally by users with CAP_NET_ADMIN privileges and may lead to kernel crashes or denial-of-service.\nAlthough the vulnerability involves a use-after-free, it only results in stale reads of deallocated memory, used in netlink reporting functions.\nThere is no write primitive, function pointer corruption, or kernel state modification, making privilege escalation infeasible in this case.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38477"
},
{
"category": "external",
"summary": "RHBZ#2383922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38477",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38477"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025072813-CVE-2025-38477-8b42@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025072813-CVE-2025-38477-8b42@gregkh/T"
}
],
"release_date": "2025-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module sch_qfq from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate"
},
{
"cve": "CVE-2025-38498",
"discovery_date": "2025-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2384422"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_change_type(): refuse to operate on unmounted/not ours mounts\n\nEnsure that propagation settings can only be changed for mounts located\nin the caller\u0027s mount namespace. This change aligns permission checking\nwith the rest of mount(2).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: do_change_type(): refuse to operate on unmounted/not ours mounts",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw in do_change_type() allowed a process to change mount propagation flags on mounts outside its own mount namespace, breaking expected isolation guarantees. This could enable a local attacker with mount privileges to disrupt or alter mount behavior in other namespaces, potentially causing system-wide denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38498"
},
{
"category": "external",
"summary": "RHBZ#2384422",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2384422"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38498",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38498"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025073029-CVE-2025-38498-e3ab@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025073029-CVE-2025-38498-e3ab@gregkh/T"
}
],
"release_date": "2025-07-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: do_change_type(): refuse to operate on unmounted/not ours mounts"
},
{
"cve": "CVE-2025-38527",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-08-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2388928"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in cifs_oplock_break\n\nA race condition can occur in cifs_oplock_break() leading to a\nuse-after-free of the cinode structure when unmounting:\n\n cifs_oplock_break()\n _cifsFileInfo_put(cfile)\n cifsFileInfo_put_final()\n cifs_sb_deactive()\n [last ref, start releasing sb]\n kill_sb()\n kill_anon_super()\n generic_shutdown_super()\n evict_inodes()\n dispose_list()\n evict()\n destroy_inode()\n call_rcu(\u0026inode-\u003ei_rcu, i_callback)\n spin_lock(\u0026cinode-\u003eopen_file_lock) \u003c- OK\n [later] i_callback()\n cifs_free_inode()\n kmem_cache_free(cinode)\n spin_unlock(\u0026cinode-\u003eopen_file_lock) \u003c- UAF\n cifs_done_oplock_break(cinode) \u003c- UAF\n\nThe issue occurs when umount has already released its reference to the\nsuperblock. When _cifsFileInfo_put() calls cifs_sb_deactive(), this\nreleases the last reference, triggering the immediate cleanup of all\ninodes under RCU. However, cifs_oplock_break() continues to access the\ncinode after this point, resulting in use-after-free.\n\nFix this by holding an extra reference to the superblock during the\nentire oplock break operation. This ensures that the superblock and\nits inodes remain valid until the oplock break completes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: smb: client: fix use-after-free in cifs_oplock_break",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38527"
},
{
"category": "external",
"summary": "RHBZ#2388928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38527",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38527"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38527",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38527"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025081654-CVE-2025-38527-c389@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025081654-CVE-2025-38527-c389@gregkh/T"
}
],
"release_date": "2025-08-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: smb: client: fix use-after-free in cifs_oplock_break"
},
{
"cve": "CVE-2025-38556",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-08-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389456"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Harden s32ton() against conversion to 0 bits\n\nTesting by the syzbot fuzzer showed that the HID core gets a\nshift-out-of-bounds exception when it tries to convert a 32-bit\nquantity to a 0-bit quantity. Ideally this should never occur, but\nthere are buggy devices and some might have a report field with size\nset to zero; we shouldn\u0027t reject the report or the device just because\nof that.\n\nInstead, harden the s32ton() routine so that it returns a reasonable\nresult instead of crashing when it is called with the number of bits\nset to 0 -- the same as what snto32() does.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: HID: core: Harden s32ton() against conversion to 0 bits",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "HID core could crash on malformed devices that define a 0-bit report field, causing a shift-out-of-bounds in s32ton(). Exploitation requires only connecting a malicious HID device (no privileges or user interaction), leading to kernel crash.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38556"
},
{
"category": "external",
"summary": "RHBZ#2389456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38556"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38556",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38556"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025081905-CVE-2025-38556-521e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025081905-CVE-2025-38556-521e@gregkh/T"
}
],
"release_date": "2025-08-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: HID: core: Harden s32ton() against conversion to 0 bits"
},
{
"cve": "CVE-2025-39730",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2393731"
}
],
"notes": [
{
"category": "description",
"text": "A flaw out of boundary read in the Linux kernel NFS functionality was found in the way connected user sends malicious data to the server. A remote user could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A flaw was found in the NFS server implementation where nfs_fh_to_dentry() failed to properly validate the minimal filehandle length before accessing the embedded structure. An attacker with access to an exported NFS share could send a crafted filehandle, leading to out-of-bounds memory access and a potential kernel crash. This issue results in a remote denial of service against the NFS server.\nThis flaw is limited to a missing bounds check in nfs_fh_to_dentry(), which causes an out-of-bounds read and a kernel crash.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-39730"
},
{
"category": "external",
"summary": "RHBZ#2393731",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393731"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-39730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39730"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39730",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39730"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025090730-CVE-2025-39730-72c9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025090730-CVE-2025-39730-72c9@gregkh/T"
}
],
"release_date": "2025-09-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module nfs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()"
},
{
"cve": "CVE-2025-39751",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2025-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2394624"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel ALSA hda/ca0132 buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-39751"
},
{
"category": "external",
"summary": "RHBZ#2394624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394624"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-39751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39751"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091142-CVE-2025-39751-c340@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091142-CVE-2025-39751-c340@gregkh/T"
}
],
"release_date": "2025-09-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-18T09:02:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.173.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.173.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.173.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel ALSA hda/ca0132 buffer overflow"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…