RHSA-2026:1495
Vulnerability from csaf_redhat - Published: 2026-01-28 15:08 - Updated: 2026-01-29 15:24Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: mac80211: fix potential double free on mesh join (CVE-2022-49290)
* kernel: net: bonding: fix use-after-free after 802.3ad slave unbind (CVE-2022-49667)
* kernel: Linux kernel: be2net buffer overflow in be_get_module_eeprom (CVE-2022-49581)
* kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (CVE-2023-53034)
* kernel: net: openvswitch: fix nested key length validation in the set() action (CVE-2025-37789)
* kernel: KVM: arm64: Tear down vGIC on failed vCPU creation (CVE-2025-37849)
* kernel: smb: client: Fix use-after-free in cifs_fill_dirent (CVE-2025-38051)
* kernel: RDMA/rxe: Fix incomplete state save in rxe_requester (CVE-2023-53539)
* kernel: i40e: fix idx validation in config queues msg (CVE-2025-39971)
* kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (CVE-2025-40154)
* kernel: Linux kernel: vsock vulnerability may lead to memory corruption (CVE-2025-40248)
* kernel: mptcp: fix race condition in mptcp_schedule_work() (CVE-2025-40258)
* kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: mac80211: fix potential double free on mesh join (CVE-2022-49290)\n\n* kernel: net: bonding: fix use-after-free after 802.3ad slave unbind (CVE-2022-49667)\n\n* kernel: Linux kernel: be2net buffer overflow in be_get_module_eeprom (CVE-2022-49581)\n\n* kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (CVE-2023-53034)\n\n* kernel: net: openvswitch: fix nested key length validation in the set() action (CVE-2025-37789)\n\n* kernel: KVM: arm64: Tear down vGIC on failed vCPU creation (CVE-2025-37849)\n\n* kernel: smb: client: Fix use-after-free in cifs_fill_dirent (CVE-2025-38051)\n\n* kernel: RDMA/rxe: Fix incomplete state save in rxe_requester (CVE-2023-53539)\n\n* kernel: i40e: fix idx validation in config queues msg (CVE-2025-39971)\n\n* kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (CVE-2025-40154)\n\n* kernel: Linux kernel: vsock vulnerability may lead to memory corruption (CVE-2025-40248)\n\n* kernel: mptcp: fix race condition in mptcp_schedule_work() (CVE-2025-40258)\n\n* kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1495",
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2347727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347727"
},
{
"category": "external",
"summary": "2347982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347982"
},
{
"category": "external",
"summary": "2348269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348269"
},
{
"category": "external",
"summary": "2360239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360239"
},
{
"category": "external",
"summary": "2363315",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363315"
},
{
"category": "external",
"summary": "2365271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365271"
},
{
"category": "external",
"summary": "2373329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373329"
},
{
"category": "external",
"summary": "2401510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401510"
},
{
"category": "external",
"summary": "2404108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404108"
},
{
"category": "external",
"summary": "2414494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414494"
},
{
"category": "external",
"summary": "2418872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418872"
},
{
"category": "external",
"summary": "2418876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418876"
},
{
"category": "external",
"summary": "2419954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419954"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1495.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2026-01-29T15:24:28+00:00",
"generator": {
"date": "2026-01-29T15:24:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1495",
"initial_release_date": "2026-01-28T15:08:02+00:00",
"revision_history": [
{
"date": "2026-01-28T15:08:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-28T15:08:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-29T15:24:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"product": {
"name": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"product_id": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.163.1.rt21.235.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-70.163.1.rt21.235.el9_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-49290",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2347727"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: fix potential double free on mesh join\n\nWhile commit 6a01afcf8468 (\"mac80211: mesh: Free ie data when leaving\nmesh\") fixed a memory leak on mesh leave / teardown it introduced a\npotential memory corruption caused by a double free when rejoining the\nmesh:\n\n ieee80211_leave_mesh()\n -\u003e kfree(sdata-\u003eu.mesh.ie);\n ...\n ieee80211_join_mesh()\n -\u003e copy_mesh_setup()\n -\u003e old_ie = ifmsh-\u003eie;\n -\u003e kfree(old_ie);\n\nThis double free / kernel panics can be reproduced by using wpa_supplicant\nwith an encrypted mesh (if set up without encryption via \"iw\" then\nifmsh-\u003eie is always NULL, which avoids this issue). And then calling:\n\n $ iw dev mesh0 mesh leave\n $ iw dev mesh0 mesh join my-mesh\n\nNote that typically these commands are not used / working when using\nwpa_supplicant. And it seems that wpa_supplicant or wpa_cli are going\nthrough a NETDEV_DOWN/NETDEV_UP cycle between a mesh leave and mesh join\nwhere the NETDEV_UP resets the mesh.ie to NULL via a memcpy of\ndefault_mesh_setup in cfg80211_netdev_notifier_call, which then avoids\nthe memory corruption, too.\n\nThe issue was first observed in an application which was not using\nwpa_supplicant but \"Senf\" instead, which implements its own calls to\nnl80211.\n\nFixing the issue by removing the kfree()\u0027ing of the mesh IE in the mesh\njoin function and leaving it solely up to the mesh leave to free the\nmesh IE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mac80211: fix potential double free on mesh join",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-49290"
},
{
"category": "external",
"summary": "RHBZ#2347727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347727"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-49290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49290"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025022633-CVE-2022-49290-42e8@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025022633-CVE-2022-49290-42e8@gregkh/T"
}
],
"release_date": "2025-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mac80211: fix potential double free on mesh join"
},
{
"cve": "CVE-2022-49581",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2025-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348269"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbe2net: Fix buffer overflow in be_get_module_eeprom\n\nbe_cmd_read_port_transceiver_data assumes that it is given a buffer that\nis at least PAGE_DATA_LEN long, or twice that if the module supports SFF\n8472. However, this is not always the case.\n\nFix this by passing the desired offset and length to\nbe_cmd_read_port_transceiver_data so that we only copy the bytes once.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: be2net buffer overflow in be_get_module_eeprom",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has stack protection mechanisms in place, such as FORTIFY_SOURCE, Position Independent Executables or Stack Smashing Protection.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-49581"
},
{
"category": "external",
"summary": "RHBZ#2348269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348269"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-49581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-49581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49581"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2022-49581-b9dc@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2022-49581-b9dc@gregkh/T"
}
],
"release_date": "2025-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: be2net buffer overflow in be_get_module_eeprom"
},
{
"cve": "CVE-2022-49667",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2347982"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bonding: fix use-after-free after 802.3ad slave unbind\n\ncommit 0622cab0341c (\"bonding: fix 802.3ad aggregator reselection\"),\nresolve case, when there is several aggregation groups in the same bond.\nbond_3ad_unbind_slave will invalidate (clear) aggregator when\n__agg_active_ports return zero. So, ad_clear_agg can be executed even, when\nnum_of_ports!=0. Than bond_3ad_unbind_slave can be executed again for,\npreviously cleared aggregator. NOTE: at this time bond_3ad_unbind_slave\nwill not update slave ports list, because lag_ports==NULL. So, here we\ngot slave ports, pointing to freed aggregator memory.\n\nFix with checking actual number of ports in group (as was before\ncommit 0622cab0341c (\"bonding: fix 802.3ad aggregator reselection\") ),\nbefore ad_clear_agg().\n\nThe KASAN logs are as follows:\n\n[ 767.617392] ==================================================================\n[ 767.630776] BUG: KASAN: use-after-free in bond_3ad_state_machine_handler+0x13dc/0x1470\n[ 767.638764] Read of size 2 at addr ffff00011ba9d430 by task kworker/u8:7/767\n[ 767.647361] CPU: 3 PID: 767 Comm: kworker/u8:7 Tainted: G O 5.15.11 #15\n[ 767.655329] Hardware name: DNI AmazonGo1 A7040 board (DT)\n[ 767.660760] Workqueue: lacp_1 bond_3ad_state_machine_handler\n[ 767.666468] Call trace:\n[ 767.668930] dump_backtrace+0x0/0x2d0\n[ 767.672625] show_stack+0x24/0x30\n[ 767.675965] dump_stack_lvl+0x68/0x84\n[ 767.679659] print_address_description.constprop.0+0x74/0x2b8\n[ 767.685451] kasan_report+0x1f0/0x260\n[ 767.689148] __asan_load2+0x94/0xd0\n[ 767.692667] bond_3ad_state_machine_handler+0x13dc/0x1470",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: bonding: fix use-after-free after 802.3ad slave unbind",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The bug could happen if bonding network ports in the Linux being used. For triggering the bug need to detach one of the bonded ports and some other conditions to happen all-together. The security impact is limited, because only local user with access to administration of bonded ports can trigger it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-49667"
},
{
"category": "external",
"summary": "RHBZ#2347982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347982"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-49667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49667"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-49667",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49667"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025022623-CVE-2022-49667-4710@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025022623-CVE-2022-49667-4710@gregkh/T"
}
],
"release_date": "2025-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module bonding from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: bonding: fix use-after-free after 802.3ad slave unbind"
},
{
"cve": "CVE-2023-53034",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-04-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2360239"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53034"
},
{
"category": "external",
"summary": "RHBZ#2360239",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360239"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53034"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025041650-CVE-2023-53034-8c3b@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025041650-CVE-2023-53034-8c3b@gregkh/T"
}
],
"release_date": "2025-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans"
},
{
"cve": "CVE-2023-53539",
"discovery_date": "2025-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401510"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix incomplete state save in rxe_requester\n\nIf a send packet is dropped by the IP layer in rxe_requester()\nthe call to rxe_xmit_packet() can fail with err == -EAGAIN.\nTo recover, the state of the wqe is restored to the state before\nthe packet was sent so it can be resent. However, the routines\nthat save and restore the state miss a significnt part of the\nvariable state in the wqe, the dma struct which is used to process\nthrough the sge table. And, the state is not saved before the packet\nis built which modifies the dma struct.\n\nUnder heavy stress testing with many QPs on a fast node sending\nlarge messages to a slow node dropped packets are observed and\nthe resent packets are corrupted because the dma struct was not\nrestored. This patch fixes this behavior and allows the test cases\nto succeed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: RDMA/rxe: Fix incomplete state save in rxe_requester",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability occurs when rxe_requester attempts to retransmit a packet after receiving -EAGAIN from the IP layer. The code saves work queue element state to enable retransmission, but fails to preserve the DMA structure that tracks scatter-gather list processing. Additionally, the state snapshot happens after packet construction has already modified the DMA fields. When heavy network stress causes packet drops\u2014particularly when a fast sender communicates with a slow receiver across multiple queue pairs\u2014the incomplete restoration causes retransmitted packets to carry corrupted payload data.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53539"
},
{
"category": "external",
"summary": "RHBZ#2401510",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401510"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53539"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53539",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53539"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025100443-CVE-2023-53539-4411@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025100443-CVE-2023-53539-4411@gregkh/T"
}
],
"release_date": "2025-10-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the rdma_rxe module from being loaded. See https://access.redhat.com/solutions/41278 for instructions on blacklisting kernel modules.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: RDMA/rxe: Fix incomplete state save in rxe_requester"
},
{
"cve": "CVE-2025-37789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2025-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363315"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: openvswitch: fix nested key length validation in the set() action",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "RHBZ#2363315",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363315"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-37789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37789"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050119-CVE-2025-37789-3f0b@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050119-CVE-2025-37789-3f0b@gregkh/T"
}
],
"release_date": "2025-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: openvswitch: fix nested key length validation in the set() action"
},
{
"cve": "CVE-2025-37849",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"discovery_date": "2025-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2365271"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Tear down vGIC on failed vCPU creation\n\nIf kvm_arch_vcpu_create() fails to share the vCPU page with the\nhypervisor, we propagate the error back to the ioctl but leave the\nvGIC vCPU data initialised. Note only does this leak the corresponding\nmemory when the vCPU is destroyed but it can also lead to use-after-free\nif the redistributor device handling tries to walk into the vCPU.\n\nAdd the missing cleanup to kvm_arch_vcpu_create(), ensuring that the\nvGIC vCPU structures are destroyed on error.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: KVM: arm64: Tear down vGIC on failed vCPU creation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-37849"
},
{
"category": "external",
"summary": "RHBZ#2365271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-37849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-37849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37849"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050918-CVE-2025-37849-2a30@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050918-CVE-2025-37849-2a30@gregkh/T"
}
],
"release_date": "2025-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: KVM: arm64: Tear down vGIC on failed vCPU creation"
},
{
"cve": "CVE-2025-38051",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373329"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Fix use-after-free in cifs_fill_dirent\n\nThere is a race condition in the readdir concurrency process, which may\naccess the rsp buffer after it has been released, triggering the\nfollowing KASAN warning.\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in cifs_fill_dirent+0xb03/0xb60 [cifs]\n Read of size 4 at addr ffff8880099b819c by task a.out/342975\n\n CPU: 2 UID: 0 PID: 342975 Comm: a.out Not tainted 6.15.0-rc6+ #240 PREEMPT(full)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x53/0x70\n print_report+0xce/0x640\n kasan_report+0xb8/0xf0\n cifs_fill_dirent+0xb03/0xb60 [cifs]\n cifs_readdir+0x12cb/0x3190 [cifs]\n iterate_dir+0x1a1/0x520\n __x64_sys_getdents+0x134/0x220\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f996f64b9f9\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89\n f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01\n f0 ff ff 0d f7 c3 0c 00 f7 d8 64 89 8\n RSP: 002b:00007f996f53de78 EFLAGS: 00000207 ORIG_RAX: 000000000000004e\n RAX: ffffffffffffffda RBX: 00007f996f53ecdc RCX: 00007f996f64b9f9\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003\n RBP: 00007f996f53dea0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000207 R12: ffffffffffffff88\n R13: 0000000000000000 R14: 00007ffc8cd9a500 R15: 00007f996f51e000\n \u003c/TASK\u003e\n\n Allocated by task 408:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n __kasan_slab_alloc+0x6e/0x70\n kmem_cache_alloc_noprof+0x117/0x3d0\n mempool_alloc_noprof+0xf2/0x2c0\n cifs_buf_get+0x36/0x80 [cifs]\n allocate_buffers+0x1d2/0x330 [cifs]\n cifs_demultiplex_thread+0x22b/0x2690 [cifs]\n kthread+0x394/0x720\n ret_from_fork+0x34/0x70\n ret_from_fork_asm+0x1a/0x30\n\n Freed by task 342979:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x37/0x50\n kmem_cache_free+0x2b8/0x500\n cifs_buf_release+0x3c/0x70 [cifs]\n cifs_readdir+0x1c97/0x3190 [cifs]\n iterate_dir+0x1a1/0x520\n __x64_sys_getdents64+0x134/0x220\n do_syscall_64+0x4b/0x110\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n The buggy address belongs to the object at ffff8880099b8000\n which belongs to the cache cifs_request of size 16588\n The buggy address is located 412 bytes inside of\n freed 16588-byte region [ffff8880099b8000, ffff8880099bc0cc)\n\n The buggy address belongs to the physical page:\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x99b8\n head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n anon flags: 0x80000000000040(head|node=0|zone=1)\n page_type: f5(slab)\n raw: 0080000000000040 ffff888001e03400 0000000000000000 dead000000000001\n raw: 0000000000000000 0000000000010001 00000000f5000000 0000000000000000\n head: 0080000000000040 ffff888001e03400 0000000000000000 dead000000000001\n head: 0000000000000000 0000000000010001 00000000f5000000 0000000000000000\n head: 0080000000000003 ffffea0000266e01 00000000ffffffff 00000000ffffffff\n head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff8880099b8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8880099b8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n \u003effff8880099b8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff8880099b8200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8880099b8280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ==================================================================\n\nPOC is available in the link [1].\n\nThe problem triggering process is as follows:\n\nProcess 1 Process 2\n-----------------------------------\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: smb: client: Fix use-after-free in cifs_fill_dirent",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38051"
},
{
"category": "external",
"summary": "RHBZ#2373329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373329"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38051",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38051"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025061831-CVE-2025-38051-77da@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025061831-CVE-2025-38051-77da@gregkh/T"
}
],
"release_date": "2025-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: smb: client: Fix use-after-free in cifs_fill_dirent"
},
{
"cve": "CVE-2025-39971",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404108"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix idx validation in config queues msg\n\nEnsure idx is within range of active/initialized TCs when iterating over\nvf-\u003ech[idx] in i40e_vc_config_queues_msg().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: i40e: fix idx validation in config queues msg",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-39971"
},
{
"category": "external",
"summary": "RHBZ#2404108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-39971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39971"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39971",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39971"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025101556-CVE-2025-39971-97e2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025101556-CVE-2025-39971-97e2@gregkh/T"
}
],
"release_date": "2025-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: i40e: fix idx validation in config queues msg"
},
{
"cve": "CVE-2025-40154",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414494"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping\n\nWhen an invalid value is passed via quirk option, currently\nbytcr_rt5640 driver only shows an error message but leaves as is.\nThis may lead to unepxected results like OOB access.\n\nThis patch corrects the input mapping to the certain default value if\nan invalid value is passed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40154"
},
{
"category": "external",
"summary": "RHBZ#2414494",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414494"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40154"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025111258-CVE-2025-40154-fd98@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025111258-CVE-2025-40154-fd98@gregkh/T"
}
],
"release_date": "2025-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module snd-soc-core from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping"
},
{
"cve": "CVE-2025-40248",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2025-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s `vsock` component. This vulnerability occurs when a `connect()` operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket\u0027s state. This incorrect handling can lead to a race condition, potentially resulting in memory corruption, such as a use-after-free or null-pointer dereference. A local attacker could exploit this to cause a denial of service or potentially escalate privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: vsock vulnerability may lead to memory corruption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat Enterprise Linux 7, 8, 9, and 10. A flaw in the Linux kernel\u0027s `vsock` component allows a local attacker to cause memory corruption, potentially leading to a denial of service or privilege escalation. This occurs when a `connect()` operation on an established socket is interrupted by a signal or timeout, leading to an incorrect handling of the socket\u0027s state.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40248"
},
{
"category": "external",
"summary": "RHBZ#2418872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40248"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40248",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40248"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120430-CVE-2025-40248-506e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120430-CVE-2025-40248-506e@gregkh/T"
}
],
"release_date": "2025-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Linux kernel: vsock vulnerability may lead to memory corruption"
},
{
"cve": "CVE-2025-40258",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418876"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix race condition in mptcp_schedule_work()\n\nsyzbot reported use-after-free in mptcp_schedule_work() [1]\n\nIssue here is that mptcp_schedule_work() schedules a work,\nthen gets a refcount on sk-\u003esk_refcnt if the work was scheduled.\nThis refcount will be released by mptcp_worker().\n\n[A] if (schedule_work(...)) {\n[B] sock_hold(sk);\n return true;\n }\n\nProblem is that mptcp_worker() can run immediately and complete before [B]\n\nWe need instead :\n\n sock_hold(sk);\n if (schedule_work(...))\n return true;\n sock_put(sk);\n\n[1]\nrefcount_t: addition on 0; use-after-free.\n WARNING: CPU: 1 PID: 29 at lib/refcount.c:25 refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:25\nCall Trace:\n \u003cTASK\u003e\n __refcount_add include/linux/refcount.h:-1 [inline]\n __refcount_inc include/linux/refcount.h:366 [inline]\n refcount_inc include/linux/refcount.h:383 [inline]\n sock_hold include/net/sock.h:816 [inline]\n mptcp_schedule_work+0x164/0x1a0 net/mptcp/protocol.c:943\n mptcp_tout_timer+0x21/0xa0 net/mptcp/protocol.c:2316\n call_timer_fn+0x17e/0x5f0 kernel/time/timer.c:1747\n expire_timers kernel/time/timer.c:1798 [inline]\n __run_timers kernel/time/timer.c:2372 [inline]\n __run_timer_base+0x648/0x970 kernel/time/timer.c:2384\n run_timer_base kernel/time/timer.c:2393 [inline]\n run_timer_softirq+0xb7/0x180 kernel/time/timer.c:2403\n handle_softirqs+0x22f/0x710 kernel/softirq.c:622\n __do_softirq kernel/softirq.c:656 [inline]\n run_ktimerd+0xcf/0x190 kernel/softirq.c:1138\n smpboot_thread_fn+0x542/0xa60 kernel/smpboot.c:160\n kthread+0x711/0x8a0 kernel/kthread.c:463\n ret_from_fork+0x4bc/0x870 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mptcp: fix race condition in mptcp_schedule_work()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "By default, the MPTCP support is disabled in RHEL. This bug is only applicable if enabled.\nThe MPTCP disabled by default (in Red Hat Enterprise Linux or Fedora). Particular this CVE looks higher severity, because could lead to privileges escalation potentially. The MPTCP is networking protocol (so if enabled by root, then potentially could be triggered). The protocol alive and being used in some scenarios, but known to be not safe enough to be enabled by default (need to use it with care taking in mind CVEs like this). There is one more similar previous CVE (one or two weeks ago) that is also MPTCP, but less danger that is CVE-2024-53122",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40258"
},
{
"category": "external",
"summary": "RHBZ#2418876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418876"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40258"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40258",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40258"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120433-CVE-2025-40258-d10d@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120433-CVE-2025-40258-d10d@gregkh/T"
}
],
"release_date": "2025-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "workaround",
"details": "If enabled, you may disable MPTCP support. For more information please read https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/getting-started-with-multipath-tcp_configuring-and-managing-networking#preparing-rhel-to-enable-mptcp-support_getting-started-with-multipath-tcp",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mptcp: fix race condition in mptcp_schedule_work()"
},
{
"cve": "CVE-2025-40277",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419954"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE\n\nThis data originates from userspace and is used in buffer offset\ncalculations which could potentially overflow causing an out-of-bounds\naccess.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A local attacker with access to the vmwgfx device could trigger an integer overflow when sending crafted SVGA3D command buffers with a malformed header size. The unchecked header-\u003esize field is used in buffer offset arithmetic, leading to potential out-of-bounds memory access in the kernel. The patch enforces a maximum bound (SVGA_CMD_MAX_DATASIZE) to prevent overflows. This issue may allow denial of service or privilege escalation within the guest VM.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40277"
},
{
"category": "external",
"summary": "RHBZ#2419954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419954"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40277",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40277"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120717-CVE-2025-40277-d511@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120717-CVE-2025-40277-d511@gregkh/T"
}
],
"release_date": "2025-12-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T15:08:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1495"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module vmwgfx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.163.1.rt21.235.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…