RHSA-2026:2577
Vulnerability from csaf_redhat - Published: 2026-02-11 17:06 - Updated: 2026-03-19 07:39Summary
Red Hat Security Advisory: kernel-rt security update
Severity
Moderate
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Linux kernel: ath9k_htc out-of-bounds access vulnerability (CVE-2022-49503)
* kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial of service (CVE-2023-53192)
* kernel: Bluetooth: hci_event: call disconnect callback before deleting conn (CVE-2023-53673)
* kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (CVE-2025-40251)
* kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition (CVE-2023-53751)
* kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service. (CVE-2025-40304)
* kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling (CVE-2025-40322)
* kernel: ext4: fix use-after-free in ext4_orphan_cleanup (CVE-2022-50673)
* kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state (CVE-2023-53833)
* kernel: net: atlantic: fix fragment overflow handling in RX path (CVE-2025-68301)
* kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (CVE-2022-50865)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Linux kernel's ath9k_htc component. This vulnerability allows a local attacker to cause a denial of service or potentially disclose sensitive information via passing untrusted data to `test_bit()`.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
A use-after-free vulnerability was found in the ext4 filesystem's orphan inode cleanup routine in the Linux kernel. When ext4_inode_attach_jinode() fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput(), but the orphan list still references the same inode number. On the next loop iteration, the freed inode structure is reused, triggering a use-after-free when adding it to the orphan list.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
A flaw was found in the Linux kernel’s TCP implementation in the function tcp_add_backlog(). When calculating the maximum acceptable backlog for TCP sockets, the sum of the receive buffer (sk_rcvbuf), the send buffer (sk_sndbuf), and a fixed constant may exceed the maximum value of a signed integer due to both buffer values being of type int. This can result in a signed integer overflow, potentially leading to incorrect backlog limits and unexpected TCP behavior under certain workloads.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel's Virtual Extensible LAN (VXLAN) implementation. An attacker with elevated privileges (CAP_NET_ADMIN) can exploit this vulnerability by configuring the system to accept and forward VXLAN packets. The issue arises from an incorrect nexthop hash size, where a 32-bit hash is used instead of the expected 31-bit hash, leading to negative hash values. This can cause an out-of-bounds write in the nexthop group selection, resulting in a kernel panic and a denial of service (DoS).
6.0 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
A flaw was found in the Linux kernel in which a callback is not called when a Bluetooth peripheral is disconnected. This flaw leads to a use-after-free, which an attacker could use to escalate their privileges, corrupt system memory, or otherwise cause a denial of service.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
A flaw was found in the Linux kernel's Common Internet File System (CIFS) component. This use-after-free vulnerability occurs due to improper handling of server hostname information during connection re-establishment. An attacker on an adjacent network could exploit this, potentially leading to a compromise of data integrity or a denial of service.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
Workaround
To mitigate this issue, prevent the `cifs` kernel module from loading if CIFS functionality is not required. Create a file named `/etc/modprobe.d/disable-cifs.conf` with the following content:
```
install cifs /bin/true
```
This will prevent the `cifs` module from being loaded automatically. A system reboot is required for this change to take effect. Note that disabling the `cifs` module will prevent the system from mounting CIFS shares.
A NULL pointer dereference vulnerability was found in the Intel i915 graphics driver in the Linux kernel. The intel_atomic_get_new_crtc_state() function can return NULL if the CRTC state was not previously obtained via intel_atomic_get_crtc_state(), but the return value was not checked before use. This leads to a kernel crash when display mode changes are performed under certain conditions.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
Workaround
To mitigate this issue, prevent the i915 module from being loaded. See https://access.redhat.com/solutions/41278 for instructions on how to blacklist a kernel module. Note that this will disable Intel integrated graphics.
A dangling pointer access problem was found while devl_rate_nodes_destroy in net/devlink/rate.c in devlink in the Linux Kernel. This flaw may allow an attacker to cause a denial of service.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel, specifically within the framebuffer device (fbdev) subsystem. This vulnerability, an out-of-bounds write, occurs because the `bit_putcs` function does not properly check boundaries when displaying text near the edges of the screen. A local user with low privileges could exploit this to write data beyond the intended memory area. This could potentially lead to serious consequences such as gaining unauthorized access (privilege escalation), revealing sensitive information (information disclosure), or causing the system to become unavailable (denial of service).
7.3 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
A flaw was found in the Linux kernel. A local attacker can exploit this vulnerability by providing a specially crafted font glyph index to the bitblit component. This can lead to an out-of-bounds read, potentially resulting in information disclosure or a denial of service.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
Workaround
To mitigate this issue, prevent the `fbdev` kernel module from loading if it is not required for system operation. Create a file named `/etc/modprobe.d/disable-fbdev.conf` with the following content:
```
install fbdev /bin/true
blacklist fbdev
```
After creating the file, regenerate the initramfs using `dracut -f -v` and reboot the system for the changes to take effect. This mitigation may impact systems that rely on `fbdev` for console display or specific graphics hardware, requiring careful evaluation before implementation.
An out-of-bounds write vulnerability was found in the Aquantia Atlantic network driver in the Linux kernel. When receiving packets that span more than MAX_SKB_FRAGS (17) fragments, the driver writes beyond the skb fragment array bounds in skb_add_rx_frag(), causing kernel memory corruption and panic.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:2577
Workaround
To mitigate this issue, prevent the atlantic module from being loaded. See https://access.redhat.com/solutions/41278 for instructions.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Linux kernel: ath9k_htc out-of-bounds access vulnerability (CVE-2022-49503)\n\n* kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial of service (CVE-2023-53192)\n\n* kernel: Bluetooth: hci_event: call disconnect callback before deleting conn (CVE-2023-53673)\n\n* kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (CVE-2025-40251)\n\n* kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition (CVE-2023-53751)\n\n* kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service. (CVE-2025-40304)\n\n* kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling (CVE-2025-40322)\n\n* kernel: ext4: fix use-after-free in ext4_orphan_cleanup (CVE-2022-50673)\n\n* kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state (CVE-2023-53833)\n\n* kernel: net: atlantic: fix fragment overflow handling in RX path (CVE-2025-68301)\n\n* kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (CVE-2022-50865)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2577",
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2347814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347814"
},
{
"category": "external",
"summary": "2395232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395232"
},
{
"category": "external",
"summary": "2402193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402193"
},
{
"category": "external",
"summary": "2418892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418892"
},
{
"category": "external",
"summary": "2419858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419858"
},
{
"category": "external",
"summary": "2419870",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419870"
},
{
"category": "external",
"summary": "2419902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419902"
},
{
"category": "external",
"summary": "2420347",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420347"
},
{
"category": "external",
"summary": "2420366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420366"
},
{
"category": "external",
"summary": "2422836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422836"
},
{
"category": "external",
"summary": "2426226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426226"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2577.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2026-03-19T07:39:07+00:00",
"generator": {
"date": "2026-03-19T07:39:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2026:2577",
"initial_release_date": "2026-02-11T17:06:59+00:00",
"revision_history": [
{
"date": "2026-02-11T17:06:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-11T17:06:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-19T07:39:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"product": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"product_id": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.165.1.rt21.237.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-49503",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2347814"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ath9k_htc component. This vulnerability allows a local attacker to cause a denial of service or potentially disclose sensitive information via passing untrusted data to `test_bit()`.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: ath9k_htc out-of-bounds access vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-49503"
},
{
"category": "external",
"summary": "RHBZ#2347814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-49503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-49503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49503"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2022-49503-a3bf@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2022-49503-a3bf@gregkh/T"
}
],
"release_date": "2025-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: ath9k_htc out-of-bounds access vulnerability"
},
{
"cve": "CVE-2022-50673",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2420347"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the ext4 filesystem\u0027s orphan inode cleanup routine in the Linux kernel. When ext4_inode_attach_jinode() fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput(), but the orphan list still references the same inode number. On the next loop iteration, the freed inode structure is reused, triggering a use-after-free when adding it to the orphan list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ext4: fix use-after-free in ext4_orphan_cleanup",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during ext4 filesystem mount when memory allocation fails at a specific point in orphan inode processing. Exploitation requires local access to mount ext4 filesystems and the ability to induce memory pressure during the mount operation, making practical exploitation difficult.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50673"
},
{
"category": "external",
"summary": "RHBZ#2420347",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420347"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50673"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120947-CVE-2022-50673-f920@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120947-CVE-2022-50673-f920@gregkh/T"
}
],
"release_date": "2025-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ext4: fix use-after-free in ext4_orphan_cleanup"
},
{
"cve": "CVE-2022-50865",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-12-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2426226"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s TCP implementation in the function tcp_add_backlog(). When calculating the maximum acceptable backlog for TCP sockets, the sum of the receive buffer (sk_rcvbuf), the send buffer (sk_sndbuf), and a fixed constant may exceed the maximum value of a signed integer due to both buffer values being of type int. This can result in a signed integer overflow, potentially leading to incorrect backlog limits and unexpected TCP behavior under certain workloads.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A signed integer overflow in tcp_add_backlog() could occur when computing the backlog limit from sk_rcvbuf and sk_sndbuf, potentially resulting in an incorrect, reduced limit. A remote peer can trigger this condition by sending network traffic that stresses the TCP backlog, leading to premature packet drops and degraded service availability.\nThis issue is a typical network robustness bug, as the integer overflow only affects internal backlog limit calculations and can at most cause packet drops or limited service degradation (DoS), without providing a realistic path to host crashes, memory corruption, privilege escalation, or code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50865"
},
{
"category": "external",
"summary": "RHBZ#2426226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50865"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50865",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50865"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025123049-CVE-2022-50865-281e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025123049-CVE-2022-50865-281e@gregkh/T"
}
],
"release_date": "2025-12-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()"
},
{
"cve": "CVE-2023-53192",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395232"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Virtual Extensible LAN (VXLAN) implementation. An attacker with elevated privileges (CAP_NET_ADMIN) can exploit this vulnerability by configuring the system to accept and forward VXLAN packets. The issue arises from an incorrect nexthop hash size, where a 32-bit hash is used instead of the expected 31-bit hash, leading to negative hash values. This can cause an out-of-bounds write in the nexthop group selection, resulting in a kernel panic and a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability requires elevated privileges (`CAP_NET_ADMIN`) to exploit, since it can only be triggered if the system is configured to accept and forward VXLAN packets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53192"
},
{
"category": "external",
"summary": "RHBZ#2395232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395232"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53192"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091558-CVE-2023-53192-5ca6@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091558-CVE-2023-53192-5ca6@gregkh/T"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial of service"
},
{
"cve": "CVE-2023-53673",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402193"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel in which a callback is not called when a Bluetooth peripheral is disconnected. This flaw leads to a use-after-free, which an attacker could use to escalate their privileges, corrupt system memory, or otherwise cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Bluetooth: hci_event: call disconnect callback before deleting conn",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been fixed in RHEL versions 9.4 and later.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53673"
},
{
"category": "external",
"summary": "RHBZ#2402193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53673",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53673"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025100706-CVE-2023-53673-36b9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025100706-CVE-2023-53673-36b9@gregkh/T"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Bluetooth: hci_event: call disconnect callback before deleting conn"
},
{
"cve": "CVE-2023-53751",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419858"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Common Internet File System (CIFS) component. This use-after-free vulnerability occurs due to improper handling of server hostname information during connection re-establishment. An attacker on an adjacent network could exploit this, potentially leading to a compromise of data integrity or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact use-after-free flaw in the Linux kernel\u0027s CIFS component. An attacker on an adjacent network could exploit this vulnerability during connection re-establishment, potentially leading to data integrity compromise or a denial of service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53751"
},
{
"category": "external",
"summary": "RHBZ#2419858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53751"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120842-CVE-2023-53751-2ff2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120842-CVE-2023-53751-2ff2@gregkh/T"
}
],
"release_date": "2025-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the `cifs` kernel module from loading if CIFS functionality is not required. Create a file named `/etc/modprobe.d/disable-cifs.conf` with the following content:\n\n```\ninstall cifs /bin/true\n```\n\nThis will prevent the `cifs` module from being loaded automatically. A system reboot is required for this change to take effect. Note that disabling the `cifs` module will prevent the system from mounting CIFS shares.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service"
},
{
"cve": "CVE-2023-53833",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2420366"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference vulnerability was found in the Intel i915 graphics driver in the Linux kernel. The intel_atomic_get_new_crtc_state() function can return NULL if the CRTC state was not previously obtained via intel_atomic_get_crtc_state(), but the return value was not checked before use. This leads to a kernel crash when display mode changes are performed under certain conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a NULL pointer dereference in the Intel i915 graphics driver that can cause a kernel crash during display configuration changes. The vulnerability requires local access and affects systems with Intel integrated graphics.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53833"
},
{
"category": "external",
"summary": "RHBZ#2420366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53833"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53833",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53833"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120954-CVE-2023-53833-09d9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120954-CVE-2023-53833-09d9@gregkh/T"
}
],
"release_date": "2025-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the i915 module from being loaded. See https://access.redhat.com/solutions/41278 for instructions on how to blacklist a kernel module. Note that this will disable Intel integrated graphics.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state"
},
{
"cve": "CVE-2025-40251",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"discovery_date": "2025-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418892"
}
],
"notes": [
{
"category": "description",
"text": "A dangling pointer access problem was found while devl_rate_nodes_destroy in net/devlink/rate.c in devlink in the Linux Kernel. This flaw may allow an attacker to cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40251"
},
{
"category": "external",
"summary": "RHBZ#2418892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418892"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40251"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120431-CVE-2025-40251-7db7@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120431-CVE-2025-40251-7db7@gregkh/T"
}
],
"release_date": "2025-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy"
},
{
"cve": "CVE-2025-40304",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419870"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel, specifically within the framebuffer device (fbdev) subsystem. This vulnerability, an out-of-bounds write, occurs because the `bit_putcs` function does not properly check boundaries when displaying text near the edges of the screen. A local user with low privileges could exploit this to write data beyond the intended memory area. This could potentially lead to serious consequences such as gaining unauthorized access (privilege escalation), revealing sensitive information (information disclosure), or causing the system to become unavailable (denial of service).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40304"
},
{
"category": "external",
"summary": "RHBZ#2419870",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419870"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40304"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120820-CVE-2025-40304-47b3@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120820-CVE-2025-40304-47b3@gregkh/T"
}
],
"release_date": "2025-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service."
},
{
"cve": "CVE-2025-40322",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419902"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A local attacker can exploit this vulnerability by providing a specially crafted font glyph index to the bitblit component. This can lead to an out-of-bounds read, potentially resulting in information disclosure or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40322"
},
{
"category": "external",
"summary": "RHBZ#2419902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419902"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40322"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120823-CVE-2025-40322-6355@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120823-CVE-2025-40322-6355@gregkh/T"
}
],
"release_date": "2025-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the `fbdev` kernel module from loading if it is not required for system operation. Create a file named `/etc/modprobe.d/disable-fbdev.conf` with the following content:\n\n```\ninstall fbdev /bin/true\nblacklist fbdev\n```\n\nAfter creating the file, regenerate the initramfs using `dracut -f -v` and reboot the system for the changes to take effect. This mitigation may impact systems that rely on `fbdev` for console display or specific graphics hardware, requiring careful evaluation before implementation.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling"
},
{
"cve": "CVE-2025-68301",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2422836"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write vulnerability was found in the Aquantia Atlantic network driver in the Linux kernel. When receiving packets that span more than MAX_SKB_FRAGS (17) fragments, the driver writes beyond the skb fragment array bounds in skb_add_rx_frag(), causing kernel memory corruption and panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: atlantic: fix fragment overflow handling in RX path",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This affects systems with Aquantia AQC network adapters processing large fragmented packets. Network-adjacent attackers could potentially craft packets to trigger this condition.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68301"
},
{
"category": "external",
"summary": "RHBZ#2422836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422836"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68301"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68301",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68301"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68301-be31@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68301-be31@gregkh/T"
}
],
"release_date": "2025-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the atlantic module from being loaded. See https://access.redhat.com/solutions/41278 for instructions.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: atlantic: fix fragment overflow handling in RX path"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…