RHSA-2026:1443
Vulnerability from csaf_redhat - Published: 2026-01-28 00:26 - Updated: 2026-01-28 22:46Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Linux kernel: iommufd/iova_bitmap shift-out-of-bounds vulnerability (CVE-2025-21724)
* kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (CVE-2023-53034)
* kernel: Linux kernel: SCTP use-after-free due to race condition in sendmsg (CVE-2025-23142)
* kernel: net: openvswitch: fix nested key length validation in the set() action (CVE-2025-37789)
* kernel: KVM: arm64: Tear down vGIC on failed vCPU creation (CVE-2025-37849)
* kernel: xsk: check IFF_UP earlier in Tx path (CVE-2023-53240)
* kernel: e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898)
* kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free (CVE-2023-53552)
* kernel: net/mlx5e: Check for NOT_READY flag state after locking (CVE-2023-53581)
* kernel: i40e: fix idx validation in config queues msg (CVE-2025-39971)
* kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705)
* kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (CVE-2025-40154)
* kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free (CVE-2025-40141)
* kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Linux kernel: iommufd/iova_bitmap shift-out-of-bounds vulnerability (CVE-2025-21724)\n\n* kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (CVE-2023-53034)\n\n* kernel: Linux kernel: SCTP use-after-free due to race condition in sendmsg (CVE-2025-23142)\n\n* kernel: net: openvswitch: fix nested key length validation in the set() action (CVE-2025-37789)\n\n* kernel: KVM: arm64: Tear down vGIC on failed vCPU creation (CVE-2025-37849)\n\n* kernel: xsk: check IFF_UP earlier in Tx path (CVE-2023-53240)\n\n* kernel: e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898)\n\n* kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free (CVE-2023-53552)\n\n* kernel: net/mlx5e: Check for NOT_READY flag state after locking (CVE-2023-53581)\n\n* kernel: i40e: fix idx validation in config queues msg (CVE-2025-39971)\n\n* kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705)\n\n* kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (CVE-2025-40154)\n\n* kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free (CVE-2025-40141)\n\n* kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1443",
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2348649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348649"
},
{
"category": "external",
"summary": "2360239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360239"
},
{
"category": "external",
"summary": "2363300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363300"
},
{
"category": "external",
"summary": "2363315",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363315"
},
{
"category": "external",
"summary": "2365271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365271"
},
{
"category": "external",
"summary": "2395413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395413"
},
{
"category": "external",
"summary": "2400598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400598"
},
{
"category": "external",
"summary": "2401514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401514"
},
{
"category": "external",
"summary": "2401545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401545"
},
{
"category": "external",
"summary": "2404108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404108"
},
{
"category": "external",
"summary": "2405713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405713"
},
{
"category": "external",
"summary": "2414494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414494"
},
{
"category": "external",
"summary": "2414522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414522"
},
{
"category": "external",
"summary": "2419954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419954"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1443.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2026-01-28T22:46:41+00:00",
"generator": {
"date": "2026-01-28T22:46:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1443",
"initial_release_date": "2026-01-28T00:26:44+00:00",
"revision_history": [
{
"date": "2026-01-28T00:26:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-28T00:26:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-28T22:46:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::realtime"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::nfv"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"product": {
"name": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"product_id": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.154.1.rt14.439.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.154.1.rt14.439.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53034",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2360239"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53034"
},
{
"category": "external",
"summary": "RHBZ#2360239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360239"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53034"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025041650-CVE-2023-53034-8c3b@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025041650-CVE-2023-53034-8c3b@gregkh/T"
}
],
"release_date": "2025-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans"
},
{
"cve": "CVE-2023-53240",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395413"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: check IFF_UP earlier in Tx path\n\nXsk Tx can be triggered via either sendmsg() or poll() syscalls. These\ntwo paths share a call to common function xsk_xmit() which has two\nsanity checks within. A pseudo code example to show the two paths:\n\n__xsk_sendmsg() : xsk_poll():\nif (unlikely(!xsk_is_bound(xs))) if (unlikely(!xsk_is_bound(xs)))\n return -ENXIO; return mask;\nif (unlikely(need_wait)) (...)\n return -EOPNOTSUPP; xsk_xmit()\nmark napi id\n(...)\nxsk_xmit()\n\nxsk_xmit():\nif (unlikely(!(xs-\u003edev-\u003eflags \u0026 IFF_UP)))\n\treturn -ENETDOWN;\nif (unlikely(!xs-\u003etx))\n\treturn -ENOBUFS;\n\nAs it can be observed above, in sendmsg() napi id can be marked on\ninterface that was not brought up and this causes a NULL ptr\ndereference:\n\n[31757.505631] BUG: kernel NULL pointer dereference, address: 0000000000000018\n[31757.512710] #PF: supervisor read access in kernel mode\n[31757.517936] #PF: error_code(0x0000) - not-present page\n[31757.523149] PGD 0 P4D 0\n[31757.525726] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[31757.530154] CPU: 26 PID: 95641 Comm: xdpsock Not tainted 6.2.0-rc5+ #40\n[31757.536871] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[31757.547457] RIP: 0010:xsk_sendmsg+0xde/0x180\n[31757.551799] Code: 00 75 a2 48 8b 00 a8 04 75 9b 84 d2 74 69 8b 85 14 01 00 00 85 c0 75 1b 48 8b 85 28 03 00 00 48 8b 80 98 00 00 00 48 8b 40 20 \u003c8b\u003e 40 18 89 85 14 01 00 00 8b bd 14 01 00 00 81 ff 00 01 00 00 0f\n[31757.570840] RSP: 0018:ffffc90034f27dc0 EFLAGS: 00010246\n[31757.576143] RAX: 0000000000000000 RBX: ffffc90034f27e18 RCX: 0000000000000000\n[31757.583389] RDX: 0000000000000001 RSI: ffffc90034f27e18 RDI: ffff88984cf3c100\n[31757.590631] RBP: ffff88984714a800 R08: ffff88984714a800 R09: 0000000000000000\n[31757.597877] R10: 0000000000000001 R11: 0000000000000000 R12: 00000000fffffffa\n[31757.605123] R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000000000\n[31757.612364] FS: 00007fb4c5931180(0000) GS:ffff88afdfa00000(0000) knlGS:0000000000000000\n[31757.620571] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[31757.626406] CR2: 0000000000000018 CR3: 000000184b41c003 CR4: 00000000007706e0\n[31757.633648] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[31757.640894] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[31757.648139] PKRU: 55555554\n[31757.650894] Call Trace:\n[31757.653385] \u003cTASK\u003e\n[31757.655524] sock_sendmsg+0x8f/0xa0\n[31757.659077] ? sockfd_lookup_light+0x12/0x70\n[31757.663416] __sys_sendto+0xfc/0x170\n[31757.667051] ? do_sched_setscheduler+0xdb/0x1b0\n[31757.671658] __x64_sys_sendto+0x20/0x30\n[31757.675557] do_syscall_64+0x38/0x90\n[31757.679197] entry_SYSCALL_64_after_hwframe+0x72/0xdc\n[31757.687969] Code: 8e f6 ff 44 8b 4c 24 2c 4c 8b 44 24 20 41 89 c4 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 3a 44 89 e7 48 89 44 24 08 e8 b5 8e f6 ff 48\n[31757.707007] RSP: 002b:00007ffd49c73c70 EFLAGS: 00000293 ORIG_RAX: 000000000000002c\n[31757.714694] RAX: ffffffffffffffda RBX: 000055a996565380 RCX: 00007fb4c5727c16\n[31757.721939] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003\n[31757.729184] RBP: 0000000000000040 R08: 0000000000000000 R09: 0000000000000000\n[31757.736429] R10: 0000000000000040 R11: 0000000000000293 R12: 0000000000000000\n[31757.743673] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[31757.754940] \u003c/TASK\u003e\n\nTo fix this, let\u0027s make xsk_xmit a function that will be responsible for\ngeneric Tx, where RCU is handled accordingly and pull out sanity checks\nand xs-\u003ezc handling. Populate sanity checks to __xsk_sendmsg() and\nxsk_poll().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xsk: check IFF_UP earlier in Tx path",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53240"
},
{
"category": "external",
"summary": "RHBZ#2395413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395413"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53240",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53240"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53240",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53240"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091516-CVE-2023-53240-c379@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091516-CVE-2023-53240-c379@gregkh/T"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: xsk: check IFF_UP earlier in Tx path"
},
{
"cve": "CVE-2023-53552",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401514"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: mark requests for GuC virtual engines to avoid use-after-free\n\nReferences to i915_requests may be trapped by userspace inside a\nsync_file or dmabuf (dma-resv) and held indefinitely across different\nproceses. To counter-act the memory leaks, we try to not to keep\nreferences from the request past their completion.\nOn the other side on fence release we need to know if rq-\u003eengine\nis valid and points to hw engine (true for non-virtual requests).\nTo make it possible extra bit has been added to rq-\u003eexecution_mask,\nfor marking virtual engines.\n\n(cherry picked from commit 280410677af763f3871b93e794a199cfcf6fb580)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Fence release code needs to determine if rq-\u003eengine is valid for non-virtual requests, but the check was insufficient for GuC virtual engines. Userspace can hold i915_request references indefinitely across processes via sync_file or dmabuf (dma-resv). The driver attempts to free request resources after completion to prevent memory leaks, but on fence release it must validate the engine pointer. For GuC virtual engines, the validation was incorrect, allowing use-after-free when the engine structure was freed but still referenced.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53552"
},
{
"category": "external",
"summary": "RHBZ#2401514",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401514"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53552"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53552",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53552"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025100447-CVE-2023-53552-5ba9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025100447-CVE-2023-53552-5ba9@gregkh/T"
}
],
"release_date": "2025-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the i915 module from loading. See https://access.redhat.com/solutions/41278 for instructions on blacklisting kernel modules.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/i915: mark requests for GuC virtual engines to avoid use-after-free"
},
{
"cve": "CVE-2023-53581",
"discovery_date": "2025-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401545"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Check for NOT_READY flag state after locking\n\nCurrently the check for NOT_READY flag is performed before obtaining the\nnecessary lock. This opens a possibility for race condition when the flow\nis concurrently removed from unready_flows list by the workqueue task,\nwhich causes a double-removal from the list and a crash[0]. Fix the issue\nby moving the flag check inside the section protected by\nuplink_priv-\u003eunready_flows_lock mutex.\n\n[0]:\n[44376.389654] general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] SMP\n[44376.391665] CPU: 7 PID: 59123 Comm: tc Not tainted 6.4.0-rc4+ #1\n[44376.392984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[44376.395342] RIP: 0010:mlx5e_tc_del_fdb_flow+0xb3/0x340 [mlx5_core]\n[44376.396857] Code: 00 48 8b b8 68 ce 02 00 e8 8a 4d 02 00 4c 8d a8 a8 01 00 00 4c 89 ef e8 8b 79 88 e1 48 8b 83 98 06 00 00 48 8b 93 90 06 00 00 \u003c48\u003e 89 42 08 48 89 10 48 b8 00 01 00 00 00 00 ad de 48 89 83 90 06\n[44376.399167] RSP: 0018:ffff88812cc97570 EFLAGS: 00010246\n[44376.399680] RAX: dead000000000122 RBX: ffff8881088e3800 RCX: ffff8881881bac00\n[44376.400337] RDX: dead000000000100 RSI: ffff88812cc97500 RDI: ffff8881242f71b0\n[44376.401001] RBP: ffff88811cbb0940 R08: 0000000000000400 R09: 0000000000000001\n[44376.401663] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88812c944000\n[44376.402342] R13: ffff8881242f71a8 R14: ffff8881222b4000 R15: 0000000000000000\n[44376.402999] FS: 00007f0451104800(0000) GS:ffff88852cb80000(0000) knlGS:0000000000000000\n[44376.403787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[44376.404343] CR2: 0000000000489108 CR3: 0000000123a79003 CR4: 0000000000370ea0\n[44376.405004] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[44376.405665] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[44376.406339] Call Trace:\n[44376.406651] \u003cTASK\u003e\n[44376.406939] ? die_addr+0x33/0x90\n[44376.407311] ? exc_general_protection+0x192/0x390\n[44376.407795] ? asm_exc_general_protection+0x22/0x30\n[44376.408292] ? mlx5e_tc_del_fdb_flow+0xb3/0x340 [mlx5_core]\n[44376.408876] __mlx5e_tc_del_fdb_peer_flow+0xbc/0xe0 [mlx5_core]\n[44376.409482] mlx5e_tc_del_flow+0x42/0x210 [mlx5_core]\n[44376.410055] mlx5e_flow_put+0x25/0x50 [mlx5_core]\n[44376.410529] mlx5e_delete_flower+0x24b/0x350 [mlx5_core]\n[44376.411043] tc_setup_cb_reoffload+0x22/0x80\n[44376.411462] fl_reoffload+0x261/0x2f0 [cls_flower]\n[44376.411907] ? mlx5e_rep_indr_setup_ft_cb+0x160/0x160 [mlx5_core]\n[44376.412481] ? mlx5e_rep_indr_setup_ft_cb+0x160/0x160 [mlx5_core]\n[44376.413044] tcf_block_playback_offloads+0x76/0x170\n[44376.413497] tcf_block_unbind+0x7b/0xd0\n[44376.413881] tcf_block_setup+0x17d/0x1c0\n[44376.414269] tcf_block_offload_cmd.isra.0+0xf1/0x130\n[44376.414725] tcf_block_offload_unbind+0x43/0x70\n[44376.415153] __tcf_block_put+0x82/0x150\n[44376.415532] ingress_destroy+0x22/0x30 [sch_ingress]\n[44376.415986] qdisc_destroy+0x3b/0xd0\n[44376.416343] qdisc_graft+0x4d0/0x620\n[44376.416706] tc_get_qdisc+0x1c9/0x3b0\n[44376.417074] rtnetlink_rcv_msg+0x29c/0x390\n[44376.419978] ? rep_movs_alternative+0x3a/0xa0\n[44376.420399] ? rtnl_calcit.isra.0+0x120/0x120\n[44376.420813] netlink_rcv_skb+0x54/0x100\n[44376.421192] netlink_unicast+0x1f6/0x2c0\n[44376.421573] netlink_sendmsg+0x232/0x4a0\n[44376.421980] sock_sendmsg+0x38/0x60\n[44376.422328] ____sys_sendmsg+0x1d0/0x1e0\n[44376.422709] ? copy_msghdr_from_user+0x6d/0xa0\n[44376.423127] ___sys_sendmsg+0x80/0xc0\n[44376.423495] ? ___sys_recvmsg+0x8b/0xc0\n[44376.423869] __sys_sendmsg+0x51/0x90\n[44376.424226] do_syscall_64+0x3d/0x90\n[44376.424587] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[44376.425046] RIP: 0033:0x7f045134f887\n[44376.425403] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net/mlx5e: Check for NOT_READY flag state after locking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The issue arises because of incorrect lock ordering in the flow deletion path. When mlx5e_tc_del_fdb_flow() processes a flow deletion, it first checks the NOT_READY flag to determine if the flow is on the unready_flows list, then acquires the uplink_priv-\u003eunready_flows_lock mutex to remove it. However, between the flag check and lock acquisition, a workqueue task can acquire the same lock and remove the flow from the list. When the original thread then acquires the lock and attempts list removal, it performs a double-removal on an entry that is no longer in the list. This corrupts the linked list pointers, causing subsequent list operations to access freed memory containing poison values (0xdead000000000100). The race window is narrow, requiring the workqueue to execute between the flag check and lock acquisition. While this reliably causes kernel crashes when the race occurs, the underlying list corruption represents a memory safety violation that could potentially be leveraged for more sophisticated attacks with careful timing and heap manipulation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53581"
},
{
"category": "external",
"summary": "RHBZ#2401545",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401545"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53581"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025100424-CVE-2023-53581-80fa@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025100424-CVE-2023-53581-80fa@gregkh/T"
}
],
"release_date": "2025-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the mlx5_core module from loading. See https://access.redhat.com/solutions/41278 for instructions on blacklisting kernel modules.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net/mlx5e: Check for NOT_READY flag state after locking"
},
{
"cve": "CVE-2023-53705",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405713"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix out-of-bounds access in ipv6_find_tlv()\n\noptlen is fetched without checking whether there is more than one byte to parse.\nIt can lead to out-of-bounds access.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The function ipv6_find_tlv() parsed IPv6 extension headers without checking that at least two bytes were available before reading the option length field.\nAn attacker could send a malformed IPv6 packet with a truncated extension header, causing an out-of-bounds read and potential kernel crash or memory fault while parsing.\nThe fix adds a length check (if (len \u003c 2) goto bad;) before accessing the second byte, preventing buffer overrun.\nThis issue is remotely triggerable via network traffic and can lead to kernel panic (DoS) or, in rare cases, information leakage through speculative execution paths.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53705"
},
{
"category": "external",
"summary": "RHBZ#2405713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405713"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53705",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53705"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53705-38d9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53705-38d9@gregkh/T"
}
],
"release_date": "2025-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv()"
},
{
"cve": "CVE-2025-21724",
"discovery_date": "2025-02-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348649"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()\n\nResolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index()\nwhere shifting the constant \"1\" (of type int) by bitmap-\u003emapped.pgshift\n(an unsigned long value) could result in undefined behavior.\n\nThe constant \"1\" defaults to a 32-bit \"int\", and when \"pgshift\" exceeds\n31 (e.g., pgshift = 63) the shift operation overflows, as the result\ncannot be represented in a 32-bit type.\n\nTo resolve this, the constant is updated to \"1UL\", promoting it to an\nunsigned long type to match the operand\u0027s type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: iommufd/iova_bitmap shift-out-of-bounds vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21724"
},
{
"category": "external",
"summary": "RHBZ#2348649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21724",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21724"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2025-21724-f4b1@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2025-21724-f4b1@gregkh/T"
}
],
"release_date": "2025-02-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: iommufd/iova_bitmap shift-out-of-bounds vulnerability"
},
{
"cve": "CVE-2025-23142",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363300"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: detect and prevent references to a freed transport in sendmsg\n\nsctp_sendmsg() re-uses associations and transports when possible by\ndoing a lookup based on the socket endpoint and the message destination\naddress, and then sctp_sendmsg_to_asoc() sets the selected transport in\nall the message chunks to be sent.\n\nThere\u0027s a possible race condition if another thread triggers the removal\nof that selected transport, for instance, by explicitly unbinding an\naddress with setsockopt(SCTP_SOCKOPT_BINDX_REM), after the chunks have\nbeen set up and before the message is sent. This can happen if the send\nbuffer is full, during the period when the sender thread temporarily\nreleases the socket lock in sctp_wait_for_sndbuf().\n\nThis causes the access to the transport data in\nsctp_outq_select_transport(), when the association outqueue is flushed,\nto result in a use-after-free read.\n\nThis change avoids this scenario by having sctp_transport_free() signal\nthe freeing of the transport, tagging it as \"dead\". In order to do this,\nthe patch restores the \"dead\" bit in struct sctp_transport, which was\nremoved in\ncommit 47faa1e4c50e (\"sctp: remove the dead field of sctp_transport\").\n\nThen, in the scenario where the sender thread has released the socket\nlock in sctp_wait_for_sndbuf(), the bit is checked again after\nre-acquiring the socket lock to detect the deletion. This is done while\nholding a reference to the transport to prevent it from being freed in\nthe process.\n\nIf the transport was deleted while the socket lock was relinquished,\nsctp_sendmsg_to_asoc() will return -EAGAIN to let userspace retry the\nsend.\n\nThe bug was found by a private syzbot instance (see the error report [1]\nand the C reproducer that triggers it [2]).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: SCTP use-after-free due to race condition in sendmsg",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23142"
},
{
"category": "external",
"summary": "RHBZ#2363300",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363300"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23142",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23142"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050124-CVE-2025-23142-ac59@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050124-CVE-2025-23142-ac59@gregkh/T"
}
],
"release_date": "2025-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: SCTP use-after-free due to race condition in sendmsg"
},
{
"cve": "CVE-2025-37789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363315"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: openvswitch: fix nested key length validation in the set() action",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "RHBZ#2363315",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363315"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-37789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37789"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050119-CVE-2025-37789-3f0b@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050119-CVE-2025-37789-3f0b@gregkh/T"
}
],
"release_date": "2025-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: openvswitch: fix nested key length validation in the set() action"
},
{
"cve": "CVE-2025-37849",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2025-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2365271"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: arm64: Tear down vGIC on failed vCPU creation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "RHBZ#2365271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-37849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-37849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37849"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050918-CVE-2025-37849-2a30@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050918-CVE-2025-37849-2a30@gregkh/T"
}
],
"release_date": "2025-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: arm64: Tear down vGIC on failed vCPU creation"
},
{
"cve": "CVE-2025-39898",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400598"
}
],
"notes": [
{
"category": "description",
"text": "No description is available for this CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: e1000e: fix heap overflow in e1000_set_eeprom",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-39898"
},
{
"category": "external",
"summary": "RHBZ#2400598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-39898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39898"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025100116-CVE-2025-39898-d844@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025100116-CVE-2025-39898-d844@gregkh/T"
}
],
"release_date": "2025-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: e1000e: fix heap overflow in e1000_set_eeprom"
},
{
"cve": "CVE-2025-39971",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404108"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix idx validation in config queues msg\n\nEnsure idx is within range of active/initialized TCs when iterating over\nvf-\u003ech[idx] in i40e_vc_config_queues_msg().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: i40e: fix idx validation in config queues msg",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-39971"
},
{
"category": "external",
"summary": "RHBZ#2404108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-39971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39971"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39971",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39971"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025101556-CVE-2025-39971-97e2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025101556-CVE-2025-39971-97e2@gregkh/T"
}
],
"release_date": "2025-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: i40e: fix idx validation in config queues msg"
},
{
"cve": "CVE-2025-40141",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414522"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Fix possible UAF on iso_conn_free\n\nThis attempt to fix similar issue to sco_conn_free where if the\nconn-\u003esk is not set to NULL may lead to UAF on iso_conn_free.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40141"
},
{
"category": "external",
"summary": "RHBZ#2414522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414522"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40141"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025111256-CVE-2025-40141-072e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025111256-CVE-2025-40141-072e@gregkh/T"
}
],
"release_date": "2025-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Bluetooth: ISO: Fix possible UAF on iso_conn_free"
},
{
"cve": "CVE-2025-40154",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414494"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping\n\nWhen an invalid value is passed via quirk option, currently\nbytcr_rt5640 driver only shows an error message but leaves as is.\nThis may lead to unepxected results like OOB access.\n\nThis patch corrects the input mapping to the certain default value if\nan invalid value is passed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40154"
},
{
"category": "external",
"summary": "RHBZ#2414494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40154"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025111258-CVE-2025-40154-fd98@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025111258-CVE-2025-40154-fd98@gregkh/T"
}
],
"release_date": "2025-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module snd-soc-core from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping"
},
{
"cve": "CVE-2025-40277",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419954"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE\n\nThis data originates from userspace and is used in buffer offset\ncalculations which could potentially overflow causing an out-of-bounds\naccess.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A local attacker with access to the vmwgfx device could trigger an integer overflow when sending crafted SVGA3D command buffers with a malformed header size. The unchecked header-\u003esize field is used in buffer offset arithmetic, leading to potential out-of-bounds memory access in the kernel. The patch enforces a maximum bound (SVGA_CMD_MAX_DATASIZE) to prevent overflows. This issue may allow denial of service or privilege escalation within the guest VM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40277"
},
{
"category": "external",
"summary": "RHBZ#2419954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419954"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40277"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120717-CVE-2025-40277-d511@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120717-CVE-2025-40277-d511@gregkh/T"
}
],
"release_date": "2025-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T00:26:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1443"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module vmwgfx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.154.1.rt14.439.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…