RHSA-2026:1512
Vulnerability from csaf_redhat - Published: 2026-01-28 19:17 - Updated: 2026-03-19 07:38Summary
Red Hat Security Advisory: kernel security update
Severity
Important
Notes
Topic: An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898)
* kernel: media: rc: fix races with imon_disconnect() (CVE-2025-39993)
* kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705)
* kernel: Linux kernel: vsock vulnerability may lead to memory corruption (CVE-2025-40248)
* kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition (CVE-2023-53751)
* kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An out of bounds (OOB) memory access flaw was found in the Linux kernel's ipv6 network subsystem. This could allow a local attacker to crash the system or leak kernel internal information.
7.3 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:1512
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel's Common Internet File System (CIFS) component. This use-after-free vulnerability occurs due to improper handling of server hostname information during connection re-establishment. An attacker on an adjacent network could exploit this, potentially leading to a compromise of data integrity or a denial of service.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:1512
Workaround
To mitigate this issue, prevent the `cifs` kernel module from loading if CIFS functionality is not required. Create a file named `/etc/modprobe.d/disable-cifs.conf` with the following content:
```
install cifs /bin/true
```
This will prevent the `cifs` module from being loaded automatically. A system reboot is required for this change to take effect. Note that disabling the `cifs` module will prevent the system from mounting CIFS shares.
A heap‑overflow vulnerability was discovered in the linux kernel e1000e driver’s e1000_set_eeprom() function, insufficient validation of the requested length for an EEPROM change could allow a local, low‑privilege user to trigger memory corruption (heap overflow). A local unprivileged user with access to the driver could exploit this flaw to cause memory corruption, potentially leading to confidentiality, integrity, and availability damage.
0.0 (None)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:1512
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imon_disconnect(), the driver may unconditionally release a usb_device reference (via usb_put_dev) even while other operations (such as vfd_write, send_packet, display_open, lcd_write) are still in progress. Because the pointers usbdev_intf0/usbdev_intf1 are not properly protected by a users-counter or locking, this situation can lead to a use-after-free of the usb_device pointer and therefore memory corruption or kernel stability issues
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:1512
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel's `vsock` component. This vulnerability occurs when a `connect()` operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket's state. This incorrect handling can lead to a race condition, potentially resulting in memory corruption, such as a use-after-free or null-pointer dereference. A local attacker could exploit this to cause a denial of service or potentially escalate privileges.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:1512
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:1512
Workaround
To mitigate this issue, prevent module vmwgfx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898)\n\n* kernel: media: rc: fix races with imon_disconnect() (CVE-2025-39993)\n\n* kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705)\n\n* kernel: Linux kernel: vsock vulnerability may lead to memory corruption (CVE-2025-40248)\n\n* kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition (CVE-2023-53751)\n\n* kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1512",
"url": "https://access.redhat.com/errata/RHSA-2026:1512"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2400598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400598"
},
{
"category": "external",
"summary": "2404121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404121"
},
{
"category": "external",
"summary": "2405713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405713"
},
{
"category": "external",
"summary": "2418872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418872"
},
{
"category": "external",
"summary": "2419858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419858"
},
{
"category": "external",
"summary": "2419954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419954"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1512.json"
}
],
"title": "Red Hat Security Advisory: kernel security update",
"tracking": {
"current_release_date": "2026-03-19T07:38:53+00:00",
"generator": {
"date": "2026-03-19T07:38:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2026:1512",
"initial_release_date": "2026-01-28T19:17:58+00:00",
"revision_history": [
{
"date": "2026-01-28T19:17:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-28T19:17:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-19T07:38:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "perf-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "perf-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_id": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:4.18.0-193.183.1.el8_2.src",
"product": {
"name": "kernel-0:4.18.0-193.183.1.el8_2.src",
"product_id": "kernel-0:4.18.0-193.183.1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-193.183.1.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"product": {
"name": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"product_id": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.18.0-193.183.1.el8_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"product": {
"name": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"product_id": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.18.0-193.183.1.el8_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-193.183.1.el8_2.src as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src"
},
"product_reference": "kernel-0:4.18.0-193.183.1.el8_2.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "perf-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53705",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-10-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2405713"
}
],
"notes": [
{
"category": "description",
"text": "An out of bounds (OOB) memory access flaw was found in the Linux kernel\u0027s ipv6 network subsystem. This could allow a local attacker to crash the system or leak kernel internal information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The function ipv6_find_tlv() parsed IPv6 extension headers without checking that at least two bytes were available before reading the option length field.\nAn attacker could send a malformed IPv6 packet with a truncated extension header, causing an out-of-bounds read and potential kernel crash or memory fault while parsing.\nThe fix adds a length check (if (len \u003c 2) goto bad;) before accessing the second byte, preventing buffer overrun.\nThis issue is remotely triggerable via network traffic and can lead to kernel panic (DoS) or, in rare cases, information leakage through speculative execution paths.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53705"
},
{
"category": "external",
"summary": "RHBZ#2405713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405713"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53705",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53705"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53705",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53705"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53705-38d9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53705-38d9@gregkh/T"
}
],
"release_date": "2025-10-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T19:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1512"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv()"
},
{
"cve": "CVE-2023-53751",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419858"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Common Internet File System (CIFS) component. This use-after-free vulnerability occurs due to improper handling of server hostname information during connection re-establishment. An attacker on an adjacent network could exploit this, potentially leading to a compromise of data integrity or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact use-after-free flaw in the Linux kernel\u0027s CIFS component. An attacker on an adjacent network could exploit this vulnerability during connection re-establishment, potentially leading to data integrity compromise or a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53751"
},
{
"category": "external",
"summary": "RHBZ#2419858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53751"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120842-CVE-2023-53751-2ff2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120842-CVE-2023-53751-2ff2@gregkh/T"
}
],
"release_date": "2025-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T19:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1512"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the `cifs` kernel module from loading if CIFS functionality is not required. Create a file named `/etc/modprobe.d/disable-cifs.conf` with the following content:\n\n```\ninstall cifs /bin/true\n```\n\nThis will prevent the `cifs` module from being loaded automatically. A system reboot is required for this change to take effect. Note that disabling the `cifs` module will prevent the system from mounting CIFS shares.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service"
},
{
"cve": "CVE-2025-39898",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2025-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400598"
}
],
"notes": [
{
"category": "description",
"text": "A heap\u2011overflow vulnerability was discovered in the linux kernel e1000e driver\u2019s e1000_set_eeprom() function, insufficient validation of the requested length for an EEPROM change could allow a local, low\u2011privilege user to trigger memory corruption (heap overflow). A local unprivileged user with access to the driver could exploit this flaw to cause memory corruption, potentially leading to confidentiality, integrity, and availability damage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: e1000e: fix heap overflow in e1000_set_eeprom",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as Rejected by the assigning CNA.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-39898"
},
{
"category": "external",
"summary": "RHBZ#2400598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-39898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39898"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39898",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39898"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025100116-CVE-2025-39898-d844@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025100116-CVE-2025-39898-d844@gregkh/T"
}
],
"release_date": "2025-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T19:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1512"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 0.0,
"baseSeverity": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: e1000e: fix heap overflow in e1000_set_eeprom"
},
{
"cve": "CVE-2025-39993",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404121"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw exists in the Linux kernel\u2019s media/rc subsystem. When the device is disconnected via imon_disconnect(), the driver may unconditionally release a usb_device reference (via usb_put_dev) even while other operations (such as vfd_write, send_packet, display_open, lcd_write) are still in progress. Because the pointers usbdev_intf0/usbdev_intf1 are not properly protected by a users-counter or locking, this situation can lead to a use-after-free of the usb_device pointer and therefore memory corruption or kernel stability issues",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: media: rc: fix races with imon_disconnect()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-39993"
},
{
"category": "external",
"summary": "RHBZ#2404121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-39993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39993"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39993",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39993"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025101527-CVE-2025-39993-caef@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025101527-CVE-2025-39993-caef@gregkh/T"
}
],
"release_date": "2025-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T19:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1512"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: media: rc: fix races with imon_disconnect()"
},
{
"cve": "CVE-2025-40248",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2025-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s `vsock` component. This vulnerability occurs when a `connect()` operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket\u0027s state. This incorrect handling can lead to a race condition, potentially resulting in memory corruption, such as a use-after-free or null-pointer dereference. A local attacker could exploit this to cause a denial of service or potentially escalate privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: vsock vulnerability may lead to memory corruption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat Enterprise Linux 7, 8, 9, and 10. A flaw in the Linux kernel\u0027s `vsock` component allows a local attacker to cause memory corruption, potentially leading to a denial of service or privilege escalation. This occurs when a `connect()` operation on an established socket is interrupted by a signal or timeout, leading to an incorrect handling of the socket\u0027s state.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40248"
},
{
"category": "external",
"summary": "RHBZ#2418872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40248"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40248",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40248"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120430-CVE-2025-40248-506e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120430-CVE-2025-40248-506e@gregkh/T"
}
],
"release_date": "2025-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T19:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1512"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Linux kernel: vsock vulnerability may lead to memory corruption"
},
{
"cve": "CVE-2025-40277",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419954"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE\n\nThis data originates from userspace and is used in buffer offset\ncalculations which could potentially overflow causing an out-of-bounds\naccess.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A local attacker with access to the vmwgfx device could trigger an integer overflow when sending crafted SVGA3D command buffers with a malformed header size. The unchecked header-\u003esize field is used in buffer offset arithmetic, leading to potential out-of-bounds memory access in the kernel. The patch enforces a maximum bound (SVGA_CMD_MAX_DATASIZE) to prevent overflows. This issue may allow denial of service or privilege escalation within the guest VM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40277"
},
{
"category": "external",
"summary": "RHBZ#2419954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419954"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40277"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120717-CVE-2025-40277-d511@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120717-CVE-2025-40277-d511@gregkh/T"
}
],
"release_date": "2025-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T19:17:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1512"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module vmwgfx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…