Vulnerability-Lookup

RHSA-2026:1512

Vulnerability from csaf_redhat - Published: 2026-01-28 19:17 - Updated: 2026-01-29 15:24

Summary

Red Hat Security Advisory: kernel security update

Notes

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898) * kernel: media: rc: fix races with imon_disconnect() (CVE-2025-39993) * kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705) * kernel: Linux kernel: vsock vulnerability may lead to memory corruption (CVE-2025-40248) * kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition (CVE-2023-53751) * kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898)\n\n* kernel: media: rc: fix races with imon_disconnect() (CVE-2025-39993)\n\n* kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705)\n\n* kernel: Linux kernel: vsock vulnerability may lead to memory corruption (CVE-2025-40248)\n\n* kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition (CVE-2023-53751)\n\n* kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CVE-2025-40277)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:1512",
        "url": "https://access.redhat.com/errata/RHSA-2026:1512"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2400598",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400598"
      },
      {
        "category": "external",
        "summary": "2404121",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404121"
      },
      {
        "category": "external",
        "summary": "2405713",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405713"
      },
      {
        "category": "external",
        "summary": "2418872",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418872"
      },
      {
        "category": "external",
        "summary": "2419858",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419858"
      },
      {
        "category": "external",
        "summary": "2419954",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419954"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1512.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel security update",
    "tracking": {
      "current_release_date": "2026-01-29T15:24:22+00:00",
      "generator": {
        "date": "2026-01-29T15:24:22+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.16"
        }
      },
      "id": "RHSA-2026:1512",
      "initial_release_date": "2026-01-28T19:17:58+00:00",
      "revision_history": [
        {
          "date": "2026-01-28T19:17:58+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-01-28T19:17:58+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-01-29T15:24:22+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
                  "product_id": "BaseOS-8.2.0.Z.AUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:rhel_aus:8.2::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/bpftool@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-core@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "perf-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "perf-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "perf-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/perf@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3-perf@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                "product": {
                  "name": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_id": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-193.183.1.el8_2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-0:4.18.0-193.183.1.el8_2.src",
                "product": {
                  "name": "kernel-0:4.18.0-193.183.1.el8_2.src",
                  "product_id": "kernel-0:4.18.0-193.183.1.el8_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel@4.18.0-193.183.1.el8_2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
                "product": {
                  "name": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
                  "product_id": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.18.0-193.183.1.el8_2?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
                "product": {
                  "name": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
                  "product_id": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-doc@4.18.0-193.183.1.el8_2?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-0:4.18.0-193.183.1.el8_2.src as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src"
        },
        "product_reference": "kernel-0:4.18.0-193.183.1.el8_2.src",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch"
        },
        "product_reference": "kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch"
        },
        "product_reference": "kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perf-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "perf-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
          "product_id": "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        },
        "product_reference": "python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
        "relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-53705",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-10-22T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2405713"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix out-of-bounds access in ipv6_find_tlv()\n\noptlen is fetched without checking whether there is more than one byte to parse.\nIt can lead to out-of-bounds access.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The function ipv6_find_tlv() parsed IPv6 extension headers without checking that at least two bytes were available before reading the option length field.\nAn attacker could send a malformed IPv6 packet with a truncated extension header, causing an out-of-bounds read and potential kernel crash or memory fault while parsing.\nThe fix adds a length check (if (len \u003c 2) goto bad;) before accessing the second byte, preventing buffer overrun.\nThis issue is remotely triggerable via network traffic and can lead to kernel panic (DoS) or, in rare cases, information leakage through speculative execution paths.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-53705"
        },
        {
          "category": "external",
          "summary": "RHBZ#2405713",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2405713"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-53705",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-53705"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53705",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53705"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53705-38d9@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025102212-CVE-2023-53705-38d9@gregkh/T"
        }
      ],
      "release_date": "2025-10-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-28T19:17:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "machine"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:1512"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv()"
    },
    {
      "cve": "CVE-2023-53751",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2025-12-08T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2419858"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential use-after-free bugs in TCP_Server_Info::hostname\n\nTCP_Server_Info::hostname may be updated once or many times during\nreconnect, so protect its access outside reconnect path as well and\nthen prevent any potential use-after-free bugs.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A use-after-free vulnerability was found in the Linux kernel Bluetooth L2CAP subsystem. Due to a race condition during L2CAP channel disconnect handling, a channel structure may be accessed after being freed. An adjacent attacker within Bluetooth range can trigger this issue without authentication, potentially causing a kernel crash, while reliable code execution would require precise timing and complex heap manipulation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-53751"
        },
        {
          "category": "external",
          "summary": "RHBZ#2419858",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419858"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-53751",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-53751"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53751",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53751"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025120842-CVE-2023-53751-2ff2@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025120842-CVE-2023-53751-2ff2@gregkh/T"
        }
      ],
      "release_date": "2025-12-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-28T19:17:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "machine"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:1512"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition"
    },
    {
      "cve": "CVE-2025-39898",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2025-10-01T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2400598"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "No description is available for this CVE.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: e1000e: fix heap overflow in e1000_set_eeprom",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE has been marked as Rejected by the assigning CNA.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-39898"
        },
        {
          "category": "external",
          "summary": "RHBZ#2400598",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400598"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-39898",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-39898"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39898",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39898"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025100116-CVE-2025-39898-d844@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025100116-CVE-2025-39898-d844@gregkh/T"
        }
      ],
      "release_date": "2025-10-01T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-28T19:17:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "machine"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:1512"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 0.0,
            "baseSeverity": "NONE",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: e1000e: fix heap overflow in e1000_set_eeprom"
    },
    {
      "cve": "CVE-2025-39993",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2025-10-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2404121"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rc: fix races with imon_disconnect()\n\nSyzbot reports a KASAN issue as below:\nBUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline]\nBUG: KASAN: use-after-free in send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nRead of size 4 at addr ffff8880256fb000 by task syz-executor314/4465\n\nCPU: 2 PID: 4465 Comm: syz-executor314 Not tainted 6.0.0-rc1-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:317 [inline]\nprint_report.cold+0x2ba/0x6e9 mm/kasan/report.c:433\nkasan_report+0xb1/0x1e0 mm/kasan/report.c:495\n__create_pipe include/linux/usb.h:1945 [inline]\nsend_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nvfd_write+0x2d9/0x550 drivers/media/rc/imon.c:991\nvfs_write+0x2d7/0xdd0 fs/read_write.c:576\nksys_write+0x127/0x250 fs/read_write.c:631\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe iMON driver improperly releases the usb_device reference in\nimon_disconnect without coordinating with active users of the\ndevice.\n\nSpecifically, the fields usbdev_intf0 and usbdev_intf1 are not\nprotected by the users counter (ictx-\u003eusers). During probe,\nimon_init_intf0 or imon_init_intf1 increments the usb_device\nreference count depending on the interface. However, during\ndisconnect, usb_put_dev is called unconditionally, regardless of\nactual usage.\n\nAs a result, if vfd_write or other operations are still in\nprogress after disconnect, this can lead to a use-after-free of\nthe usb_device pointer.\n\nThread 1 vfd_write                      Thread 2 imon_disconnect\n                                        ...\n                                        if\n                                          usb_put_dev(ictx-\u003eusbdev_intf0)\n                                        else\n                                          usb_put_dev(ictx-\u003eusbdev_intf1)\n...\nwhile\n  send_packet\n    if\n      pipe = usb_sndintpipe(\n        ictx-\u003eusbdev_intf0) UAF\n    else\n      pipe = usb_sndctrlpipe(\n        ictx-\u003eusbdev_intf0, 0) UAF\n\nGuard access to usbdev_intf0 and usbdev_intf1 after disconnect by\nchecking ictx-\u003edisconnected in all writer paths. Add early return\nwith -ENODEV in send_packet(), vfd_write(), lcd_write() and\ndisplay_open() if the device is no longer present.\n\nSet and read ictx-\u003edisconnected under ictx-\u003elock to ensure memory\nsynchronization. Acquire the lock in imon_disconnect() before setting\nthe flag to synchronize with any ongoing operations.\n\nEnsure writers exit early and safely after disconnect before the USB\ncore proceeds with cleanup.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: media: rc: fix races with imon_disconnect()",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-39993"
        },
        {
          "category": "external",
          "summary": "RHBZ#2404121",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404121"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-39993",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-39993"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-39993",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-39993"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025101527-CVE-2025-39993-caef@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025101527-CVE-2025-39993-caef@gregkh/T"
        }
      ],
      "release_date": "2025-10-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-28T19:17:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "machine"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:1512"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: media: rc: fix races with imon_disconnect()"
    },
    {
      "cve": "CVE-2025-40248",
      "cwe": {
        "id": "CWE-364",
        "name": "Signal Handler Race Condition"
      },
      "discovery_date": "2025-12-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2418872"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s `vsock` component. This vulnerability occurs when a `connect()` operation on an already established socket is interrupted by a signal or timeout, causing the system to mishandle the socket\u0027s state. This incorrect handling can lead to a race condition, potentially resulting in memory corruption, such as a use-after-free or null-pointer dereference. A local attacker could exploit this to cause a denial of service or potentially escalate privileges.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Linux kernel: vsock vulnerability may lead to memory corruption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Important for Red Hat Enterprise Linux 7, 8, 9, and 10. A flaw in the Linux kernel\u0027s `vsock` component allows a local attacker to cause memory corruption, potentially leading to a denial of service or privilege escalation. This occurs when a `connect()` operation on an established socket is interrupted by a signal or timeout, leading to an incorrect handling of the socket\u0027s state.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-40248"
        },
        {
          "category": "external",
          "summary": "RHBZ#2418872",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418872"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-40248",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40248"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40248",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40248"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025120430-CVE-2025-40248-506e@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025120430-CVE-2025-40248-506e@gregkh/T"
        }
      ],
      "release_date": "2025-12-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-28T19:17:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "machine"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:1512"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: Linux kernel: vsock vulnerability may lead to memory corruption"
    },
    {
      "cve": "CVE-2025-40277",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2025-12-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2419954"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE\n\nThis data originates from userspace and is used in buffer offset\ncalculations which could potentially overflow causing an out-of-bounds\naccess.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A local attacker with access to the vmwgfx device could trigger an integer overflow when sending crafted SVGA3D command buffers with a malformed header size. The unchecked header-\u003esize field is used in buffer offset arithmetic, leading to potential out-of-bounds memory access in the kernel. The patch enforces a maximum bound (SVGA_CMD_MAX_DATASIZE) to prevent overflows. This issue may allow denial of service or privilege escalation within the guest VM.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
          "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
          "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-40277"
        },
        {
          "category": "external",
          "summary": "RHBZ#2419954",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419954"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-40277",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-40277"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40277",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40277"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025120717-CVE-2025-40277-d511@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025120717-CVE-2025-40277-d511@gregkh/T"
        }
      ],
      "release_date": "2025-12-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-01-28T19:17:58+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "machine"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:1512"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, prevent module vmwgfx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
          "product_ids": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.src",
            "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.183.1.el8_2.noarch",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.183.1.el8_2.x86_64",
            "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.183.1.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE"
    }
  ]
}

CVE-2025-39898 (GCVE-0-2025-39898)

Vulnerability from cvelistv5 – Published: 2025-10-01 07:42 – Updated: 2025-10-24 11:41

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2025-10-24T11:41:53.958Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-39898",
    "datePublished": "2025-10-01T07:42:46.360Z",
    "dateRejected": "2025-10-24T11:41:53.958Z",
    "dateReserved": "2025-04-16T07:20:57.146Z",
    "dateUpdated": "2025-10-24T11:41:53.958Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-39993 (GCVE-0-2025-39993)

Vulnerability from cvelistv5 – Published: 2025-10-15 07:58 – Updated: 2025-12-01 06:16

Title

media: rc: fix races with imon_disconnect()

Summary

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imon_disconnect() Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline] BUG: KASAN: use-after-free in send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627 Read of size 4 at addr ffff8880256fb000 by task syz-executor314/4465 CPU: 2 PID: 4465 Comm: syz-executor314 Not tainted 6.0.0-rc1-syzkaller #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:317 [inline] print_report.cold+0x2ba/0x6e9 mm/kasan/report.c:433 kasan_report+0xb1/0x1e0 mm/kasan/report.c:495 __create_pipe include/linux/usb.h:1945 [inline] send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627 vfd_write+0x2d9/0x550 drivers/media/rc/imon.c:991 vfs_write+0x2d7/0xdd0 fs/read_write.c:576 ksys_write+0x127/0x250 fs/read_write.c:631 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd The iMON driver improperly releases the usb_device reference in imon_disconnect without coordinating with active users of the device. Specifically, the fields usbdev_intf0 and usbdev_intf1 are not protected by the users counter (ictx->users). During probe, imon_init_intf0 or imon_init_intf1 increments the usb_device reference count depending on the interface. However, during disconnect, usb_put_dev is called unconditionally, regardless of actual usage. As a result, if vfd_write or other operations are still in progress after disconnect, this can lead to a use-after-free of the usb_device pointer. Thread 1 vfd_write Thread 2 imon_disconnect ... if usb_put_dev(ictx->usbdev_intf0) else usb_put_dev(ictx->usbdev_intf1) ... while send_packet if pipe = usb_sndintpipe( ictx->usbdev_intf0) UAF else pipe = usb_sndctrlpipe( ictx->usbdev_intf0, 0) UAF Guard access to usbdev_intf0 and usbdev_intf1 after disconnect by checking ictx->disconnected in all writer paths. Add early return with -ENODEV in send_packet(), vfd_write(), lcd_write() and display_open() if the device is no longer present. Set and read ictx->disconnected under ictx->lock to ensure memory synchronization. Acquire the lock in imon_disconnect() before setting the flag to synchronize with any ongoing operations. Ensure writers exit early and safely after disconnect before the USB core proceeds with cleanup. Found by Linux Verification Center (linuxtesting.org) with Syzkaller.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/9348976003e39754a…
	https://git.kernel.org/stable/c/b03fac6e2a38331fa…
	https://git.kernel.org/stable/c/71c52b073922d05e7…
	https://git.kernel.org/stable/c/71096a6161a25e84a…
	https://git.kernel.org/stable/c/71da40648741d15b3…
	https://git.kernel.org/stable/c/fd5d3e6b149ec8cce…
	https://git.kernel.org/stable/c/d9f6ce99624a41c3b…
	https://git.kernel.org/stable/c/2e7fd93b9cc565b83…
	https://git.kernel.org/stable/c/fa0f61cc1d828178a…

Impacted products

Vendor

Product

Version

Linux

Affected: 21677cfc562a27e099719d413287bc8d1d24deb7 , < 9348976003e39754af344949579e824a0a210fc4 (git)
Affected: 21677cfc562a27e099719d413287bc8d1d24deb7 , < b03fac6e2a38331faf8510b480becfa90cea1c9f (git)
Affected: 21677cfc562a27e099719d413287bc8d1d24deb7 , < 71c52b073922d05e79e6de7fc7f5f38f927929a4 (git)
Affected: 21677cfc562a27e099719d413287bc8d1d24deb7 , < 71096a6161a25e84acddb89a9d77f138502d26ab (git)
Affected: 21677cfc562a27e099719d413287bc8d1d24deb7 , < 71da40648741d15b302700b68973fe8b382aef3c (git)
Affected: 21677cfc562a27e099719d413287bc8d1d24deb7 , < fd5d3e6b149ec8cce045d86a2b5e3664d6b32ba5 (git)
Affected: 21677cfc562a27e099719d413287bc8d1d24deb7 , < d9f6ce99624a41c3bcb29a8d7d79b800665229dd (git)
Affected: 21677cfc562a27e099719d413287bc8d1d24deb7 , < 2e7fd93b9cc565b839bc55a6662475718963e156 (git)
Affected: 21677cfc562a27e099719d413287bc8d1d24deb7 , < fa0f61cc1d828178aa921475a9b786e7fbb65ccb (git)

Linux

Affected: 2.6.35
Unaffected: 0 , < 2.6.35 (semver)
Unaffected: 5.4.301 , ≤ 5.4.* (semver)
Unaffected: 5.10.246 , ≤ 5.10.* (semver)
Unaffected: 5.15.195 , ≤ 5.15.* (semver)
Unaffected: 6.1.156 , ≤ 6.1.* (semver)
Unaffected: 6.6.110 , ≤ 6.6.* (semver)
Unaffected: 6.12.51 , ≤ 6.12.* (semver)
Unaffected: 6.16.11 , ≤ 6.16.* (semver)
Unaffected: 6.17.1 , ≤ 6.17.* (semver)
Unaffected: 6.18 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/rc/imon.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "9348976003e39754af344949579e824a0a210fc4",
              "status": "affected",
              "version": "21677cfc562a27e099719d413287bc8d1d24deb7",
              "versionType": "git"
            },
            {
              "lessThan": "b03fac6e2a38331faf8510b480becfa90cea1c9f",
              "status": "affected",
              "version": "21677cfc562a27e099719d413287bc8d1d24deb7",
              "versionType": "git"
            },
            {
              "lessThan": "71c52b073922d05e79e6de7fc7f5f38f927929a4",
              "status": "affected",
              "version": "21677cfc562a27e099719d413287bc8d1d24deb7",
              "versionType": "git"
            },
            {
              "lessThan": "71096a6161a25e84acddb89a9d77f138502d26ab",
              "status": "affected",
              "version": "21677cfc562a27e099719d413287bc8d1d24deb7",
              "versionType": "git"
            },
            {
              "lessThan": "71da40648741d15b302700b68973fe8b382aef3c",
              "status": "affected",
              "version": "21677cfc562a27e099719d413287bc8d1d24deb7",
              "versionType": "git"
            },
            {
              "lessThan": "fd5d3e6b149ec8cce045d86a2b5e3664d6b32ba5",
              "status": "affected",
              "version": "21677cfc562a27e099719d413287bc8d1d24deb7",
              "versionType": "git"
            },
            {
              "lessThan": "d9f6ce99624a41c3bcb29a8d7d79b800665229dd",
              "status": "affected",
              "version": "21677cfc562a27e099719d413287bc8d1d24deb7",
              "versionType": "git"
            },
            {
              "lessThan": "2e7fd93b9cc565b839bc55a6662475718963e156",
              "status": "affected",
              "version": "21677cfc562a27e099719d413287bc8d1d24deb7",
              "versionType": "git"
            },
            {
              "lessThan": "fa0f61cc1d828178aa921475a9b786e7fbb65ccb",
              "status": "affected",
              "version": "21677cfc562a27e099719d413287bc8d1d24deb7",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/media/rc/imon.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.35"
            },
            {
              "lessThan": "2.6.35",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.301",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.246",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.195",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.156",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.110",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.51",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.16.*",
              "status": "unaffected",
              "version": "6.16.11",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.17.*",
              "status": "unaffected",
              "version": "6.17.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.18",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.301",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.246",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.195",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.156",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.110",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.51",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.16.11",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17.1",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rc: fix races with imon_disconnect()\n\nSyzbot reports a KASAN issue as below:\nBUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline]\nBUG: KASAN: use-after-free in send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nRead of size 4 at addr ffff8880256fb000 by task syz-executor314/4465\n\nCPU: 2 PID: 4465 Comm: syz-executor314 Not tainted 6.0.0-rc1-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:317 [inline]\nprint_report.cold+0x2ba/0x6e9 mm/kasan/report.c:433\nkasan_report+0xb1/0x1e0 mm/kasan/report.c:495\n__create_pipe include/linux/usb.h:1945 [inline]\nsend_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nvfd_write+0x2d9/0x550 drivers/media/rc/imon.c:991\nvfs_write+0x2d7/0xdd0 fs/read_write.c:576\nksys_write+0x127/0x250 fs/read_write.c:631\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe iMON driver improperly releases the usb_device reference in\nimon_disconnect without coordinating with active users of the\ndevice.\n\nSpecifically, the fields usbdev_intf0 and usbdev_intf1 are not\nprotected by the users counter (ictx-\u003eusers). During probe,\nimon_init_intf0 or imon_init_intf1 increments the usb_device\nreference count depending on the interface. However, during\ndisconnect, usb_put_dev is called unconditionally, regardless of\nactual usage.\n\nAs a result, if vfd_write or other operations are still in\nprogress after disconnect, this can lead to a use-after-free of\nthe usb_device pointer.\n\nThread 1 vfd_write                      Thread 2 imon_disconnect\n                                        ...\n                                        if\n                                          usb_put_dev(ictx-\u003eusbdev_intf0)\n                                        else\n                                          usb_put_dev(ictx-\u003eusbdev_intf1)\n...\nwhile\n  send_packet\n    if\n      pipe = usb_sndintpipe(\n        ictx-\u003eusbdev_intf0) UAF\n    else\n      pipe = usb_sndctrlpipe(\n        ictx-\u003eusbdev_intf0, 0) UAF\n\nGuard access to usbdev_intf0 and usbdev_intf1 after disconnect by\nchecking ictx-\u003edisconnected in all writer paths. Add early return\nwith -ENODEV in send_packet(), vfd_write(), lcd_write() and\ndisplay_open() if the device is no longer present.\n\nSet and read ictx-\u003edisconnected under ictx-\u003elock to ensure memory\nsynchronization. Acquire the lock in imon_disconnect() before setting\nthe flag to synchronize with any ongoing operations.\n\nEnsure writers exit early and safely after disconnect before the USB\ncore proceeds with cleanup.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-01T06:16:03.732Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/9348976003e39754af344949579e824a0a210fc4"
        },
        {
          "url": "https://git.kernel.org/stable/c/b03fac6e2a38331faf8510b480becfa90cea1c9f"
        },
        {
          "url": "https://git.kernel.org/stable/c/71c52b073922d05e79e6de7fc7f5f38f927929a4"
        },
        {
          "url": "https://git.kernel.org/stable/c/71096a6161a25e84acddb89a9d77f138502d26ab"
        },
        {
          "url": "https://git.kernel.org/stable/c/71da40648741d15b302700b68973fe8b382aef3c"
        },
        {
          "url": "https://git.kernel.org/stable/c/fd5d3e6b149ec8cce045d86a2b5e3664d6b32ba5"
        },
        {
          "url": "https://git.kernel.org/stable/c/d9f6ce99624a41c3bcb29a8d7d79b800665229dd"
        },
        {
          "url": "https://git.kernel.org/stable/c/2e7fd93b9cc565b839bc55a6662475718963e156"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa0f61cc1d828178aa921475a9b786e7fbb65ccb"
        }
      ],
      "title": "media: rc: fix races with imon_disconnect()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-39993",
    "datePublished": "2025-10-15T07:58:18.621Z",
    "dateReserved": "2025-04-16T07:20:57.150Z",
    "dateUpdated": "2025-12-01T06:16:03.732Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-40248 (GCVE-0-2025-40248)

Vulnerability from cvelistv5 – Published: 2025-12-04 16:08 – Updated: 2025-12-06 21:38

Title

vsock: Ignore signal/timeout on connect() if already established

Summary

In the Linux kernel, the following vulnerability has been resolved: vsock: Ignore signal/timeout on connect() if already established During connect(), acting on a signal/timeout by disconnecting an already established socket leads to several issues: 1. connect() invoking vsock_transport_cancel_pkt() -> virtio_transport_purge_skbs() may race with sendmsg() invoking virtio_transport_get_credit(). This results in a permanently elevated `vvs->bytes_unsent`. Which, in turn, confuses the SOCK_LINGER handling. 2. connect() resetting a connected socket's state may race with socket being placed in a sockmap. A disconnected socket remaining in a sockmap breaks sockmap's assumptions. And gives rise to WARNs. 3. connect() transitioning SS_CONNECTED -> SS_UNCONNECTED allows for a transport change/drop after TCP_ESTABLISHED. Which poses a problem for any simultaneous sendmsg() or connect() and may result in a use-after-free/null-ptr-deref. Do not disconnect socket on signal/timeout. Keep the logic for unconnected sockets: they don't linger, can't be placed in a sockmap, are rejected by sendmsg(). [1]: https://lore.kernel.org/netdev/e07fd95c-9a38-4eea-9638-133e38c2ec9b@rbox.co/ [2]: https://lore.kernel.org/netdev/20250317-vsock-trans-signal-race-v4-0-fc8837f3f1d4@rbox.co/ [3]: https://lore.kernel.org/netdev/60f1b7db-3099-4f6a-875e-af9f6ef194f6@rbox.co/

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/3f71753935d648082…
	https://git.kernel.org/stable/c/da664101fb4a0de5c…
	https://git.kernel.org/stable/c/67432915145848658…
	https://git.kernel.org/stable/c/eeca93f06df89be5a…
	https://git.kernel.org/stable/c/5998da5a8208ae9ad…
	https://git.kernel.org/stable/c/f1c170cae285e4b8f…
	https://git.kernel.org/stable/c/ab6b19f690d89ae47…
	https://git.kernel.org/stable/c/002541ef650b742a1…

Impacted products

Vendor

Product

Version

Linux

Affected: d021c344051af91f42c5ba9fdedc176740cbd238 , < 3f71753935d648082a8279a97d30efe6b85be680 (git)
Affected: d021c344051af91f42c5ba9fdedc176740cbd238 , < da664101fb4a0de5cb70d2bae6a650df954df2af (git)
Affected: d021c344051af91f42c5ba9fdedc176740cbd238 , < 67432915145848658149683101104e32f9fd6559 (git)
Affected: d021c344051af91f42c5ba9fdedc176740cbd238 , < eeca93f06df89be5a36305b7b9dae1ed65550dfc (git)
Affected: d021c344051af91f42c5ba9fdedc176740cbd238 , < 5998da5a8208ae9ad7838ba322bccb2bdcd95e81 (git)
Affected: d021c344051af91f42c5ba9fdedc176740cbd238 , < f1c170cae285e4b8f61be043bb17addc3d0a14b5 (git)
Affected: d021c344051af91f42c5ba9fdedc176740cbd238 , < ab6b19f690d89ae4709fba73a3c4a7911f495b7a (git)
Affected: d021c344051af91f42c5ba9fdedc176740cbd238 , < 002541ef650b742a198e4be363881439bb9d86b4 (git)

Linux

Affected: 3.9
Unaffected: 0 , < 3.9 (semver)
Unaffected: 5.4.302 , ≤ 5.4.* (semver)
Unaffected: 5.10.247 , ≤ 5.10.* (semver)
Unaffected: 5.15.197 , ≤ 5.15.* (semver)
Unaffected: 6.1.159 , ≤ 6.1.* (semver)
Unaffected: 6.6.118 , ≤ 6.6.* (semver)
Unaffected: 6.12.60 , ≤ 6.12.* (semver)
Unaffected: 6.17.10 , ≤ 6.17.* (semver)
Unaffected: 6.18 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/vmw_vsock/af_vsock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "3f71753935d648082a8279a97d30efe6b85be680",
              "status": "affected",
              "version": "d021c344051af91f42c5ba9fdedc176740cbd238",
              "versionType": "git"
            },
            {
              "lessThan": "da664101fb4a0de5cb70d2bae6a650df954df2af",
              "status": "affected",
              "version": "d021c344051af91f42c5ba9fdedc176740cbd238",
              "versionType": "git"
            },
            {
              "lessThan": "67432915145848658149683101104e32f9fd6559",
              "status": "affected",
              "version": "d021c344051af91f42c5ba9fdedc176740cbd238",
              "versionType": "git"
            },
            {
              "lessThan": "eeca93f06df89be5a36305b7b9dae1ed65550dfc",
              "status": "affected",
              "version": "d021c344051af91f42c5ba9fdedc176740cbd238",
              "versionType": "git"
            },
            {
              "lessThan": "5998da5a8208ae9ad7838ba322bccb2bdcd95e81",
              "status": "affected",
              "version": "d021c344051af91f42c5ba9fdedc176740cbd238",
              "versionType": "git"
            },
            {
              "lessThan": "f1c170cae285e4b8f61be043bb17addc3d0a14b5",
              "status": "affected",
              "version": "d021c344051af91f42c5ba9fdedc176740cbd238",
              "versionType": "git"
            },
            {
              "lessThan": "ab6b19f690d89ae4709fba73a3c4a7911f495b7a",
              "status": "affected",
              "version": "d021c344051af91f42c5ba9fdedc176740cbd238",
              "versionType": "git"
            },
            {
              "lessThan": "002541ef650b742a198e4be363881439bb9d86b4",
              "status": "affected",
              "version": "d021c344051af91f42c5ba9fdedc176740cbd238",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/vmw_vsock/af_vsock.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.9"
            },
            {
              "lessThan": "3.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.302",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.247",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.197",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.159",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.118",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.60",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.17.*",
              "status": "unaffected",
              "version": "6.17.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.18",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.302",
                  "versionStartIncluding": "3.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.247",
                  "versionStartIncluding": "3.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.197",
                  "versionStartIncluding": "3.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.159",
                  "versionStartIncluding": "3.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.118",
                  "versionStartIncluding": "3.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.60",
                  "versionStartIncluding": "3.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17.10",
                  "versionStartIncluding": "3.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18",
                  "versionStartIncluding": "3.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Ignore signal/timeout on connect() if already established\n\nDuring connect(), acting on a signal/timeout by disconnecting an already\nestablished socket leads to several issues:\n\n1. connect() invoking vsock_transport_cancel_pkt() -\u003e\n   virtio_transport_purge_skbs() may race with sendmsg() invoking\n   virtio_transport_get_credit(). This results in a permanently elevated\n   `vvs-\u003ebytes_unsent`. Which, in turn, confuses the SOCK_LINGER handling.\n\n2. connect() resetting a connected socket\u0027s state may race with socket\n   being placed in a sockmap. A disconnected socket remaining in a sockmap\n   breaks sockmap\u0027s assumptions. And gives rise to WARNs.\n\n3. connect() transitioning SS_CONNECTED -\u003e SS_UNCONNECTED allows for a\n   transport change/drop after TCP_ESTABLISHED. Which poses a problem for\n   any simultaneous sendmsg() or connect() and may result in a\n   use-after-free/null-ptr-deref.\n\nDo not disconnect socket on signal/timeout. Keep the logic for unconnected\nsockets: they don\u0027t linger, can\u0027t be placed in a sockmap, are rejected by\nsendmsg().\n\n[1]: https://lore.kernel.org/netdev/e07fd95c-9a38-4eea-9638-133e38c2ec9b@rbox.co/\n[2]: https://lore.kernel.org/netdev/20250317-vsock-trans-signal-race-v4-0-fc8837f3f1d4@rbox.co/\n[3]: https://lore.kernel.org/netdev/60f1b7db-3099-4f6a-875e-af9f6ef194f6@rbox.co/"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-06T21:38:46.423Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/3f71753935d648082a8279a97d30efe6b85be680"
        },
        {
          "url": "https://git.kernel.org/stable/c/da664101fb4a0de5cb70d2bae6a650df954df2af"
        },
        {
          "url": "https://git.kernel.org/stable/c/67432915145848658149683101104e32f9fd6559"
        },
        {
          "url": "https://git.kernel.org/stable/c/eeca93f06df89be5a36305b7b9dae1ed65550dfc"
        },
        {
          "url": "https://git.kernel.org/stable/c/5998da5a8208ae9ad7838ba322bccb2bdcd95e81"
        },
        {
          "url": "https://git.kernel.org/stable/c/f1c170cae285e4b8f61be043bb17addc3d0a14b5"
        },
        {
          "url": "https://git.kernel.org/stable/c/ab6b19f690d89ae4709fba73a3c4a7911f495b7a"
        },
        {
          "url": "https://git.kernel.org/stable/c/002541ef650b742a198e4be363881439bb9d86b4"
        }
      ],
      "title": "vsock: Ignore signal/timeout on connect() if already established",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-40248",
    "datePublished": "2025-12-04T16:08:11.509Z",
    "dateReserved": "2025-04-16T07:20:57.181Z",
    "dateUpdated": "2025-12-06T21:38:46.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-53751 (GCVE-0-2023-53751)

Vulnerability from cvelistv5 – Published: 2025-12-08 01:19 – Updated: 2026-01-05 10:32

Title

cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname

Summary

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential use-after-free bugs.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/64d62ac6d6514cba1…
	https://git.kernel.org/stable/c/c511954bf142fe199…
	https://git.kernel.org/stable/c/0b08c4c499200be67…
	https://git.kernel.org/stable/c/90c49fce1c43e1cc1…

Impacted products

Vendor

Product

Version

Linux

Affected: 93d5cb517db39e8af8d1292f9e785e4983b7f708 , < 64d62ac6d6514cba1305bd08e271ec1843bdd612 (git)
Affected: 93d5cb517db39e8af8d1292f9e785e4983b7f708 , < c511954bf142fe1995aec3c739a9f1a76990283a (git)
Affected: 93d5cb517db39e8af8d1292f9e785e4983b7f708 , < 0b08c4c499200be67d54c439d56e5ea866869945 (git)
Affected: 93d5cb517db39e8af8d1292f9e785e4983b7f708 , < 90c49fce1c43e1cc152695e20363ff5087897c09 (git)

Linux

Affected: 5.0
Unaffected: 0 , < 5.0 (semver)
Unaffected: 6.1.28 , ≤ 6.1.* (semver)
Unaffected: 6.2.15 , ≤ 6.2.* (semver)
Unaffected: 6.3.2 , ≤ 6.3.* (semver)
Unaffected: 6.4 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/cifs/cifs_debug.c",
            "fs/cifs/cifs_debug.h",
            "fs/cifs/connect.c",
            "fs/cifs/sess.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "64d62ac6d6514cba1305bd08e271ec1843bdd612",
              "status": "affected",
              "version": "93d5cb517db39e8af8d1292f9e785e4983b7f708",
              "versionType": "git"
            },
            {
              "lessThan": "c511954bf142fe1995aec3c739a9f1a76990283a",
              "status": "affected",
              "version": "93d5cb517db39e8af8d1292f9e785e4983b7f708",
              "versionType": "git"
            },
            {
              "lessThan": "0b08c4c499200be67d54c439d56e5ea866869945",
              "status": "affected",
              "version": "93d5cb517db39e8af8d1292f9e785e4983b7f708",
              "versionType": "git"
            },
            {
              "lessThan": "90c49fce1c43e1cc152695e20363ff5087897c09",
              "status": "affected",
              "version": "93d5cb517db39e8af8d1292f9e785e4983b7f708",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/cifs/cifs_debug.c",
            "fs/cifs/cifs_debug.h",
            "fs/cifs/connect.c",
            "fs/cifs/sess.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.0"
            },
            {
              "lessThan": "5.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.28",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.2.*",
              "status": "unaffected",
              "version": "6.2.15",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.28",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2.15",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.2",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential use-after-free bugs in TCP_Server_Info::hostname\n\nTCP_Server_Info::hostname may be updated once or many times during\nreconnect, so protect its access outside reconnect path as well and\nthen prevent any potential use-after-free bugs."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-05T10:32:40.396Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/64d62ac6d6514cba1305bd08e271ec1843bdd612"
        },
        {
          "url": "https://git.kernel.org/stable/c/c511954bf142fe1995aec3c739a9f1a76990283a"
        },
        {
          "url": "https://git.kernel.org/stable/c/0b08c4c499200be67d54c439d56e5ea866869945"
        },
        {
          "url": "https://git.kernel.org/stable/c/90c49fce1c43e1cc152695e20363ff5087897c09"
        }
      ],
      "title": "cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53751",
    "datePublished": "2025-12-08T01:19:11.160Z",
    "dateReserved": "2025-12-08T01:18:04.279Z",
    "dateUpdated": "2026-01-05T10:32:40.396Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-40277 (GCVE-0-2025-40277)

Vulnerability from cvelistv5 – Published: 2025-12-06 21:51 – Updated: 2025-12-06 21:51

Title

drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE This data originates from userspace and is used in buffer offset calculations which could potentially overflow causing an out-of-bounds access.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/e58559845021c3bad…
	https://git.kernel.org/stable/c/54d458b244893e47b…
	https://git.kernel.org/stable/c/709e5c088f9c99a5c…
	https://git.kernel.org/stable/c/a3abb54c27b2c393c…
	https://git.kernel.org/stable/c/b5df9e06eed3df6a4…
	https://git.kernel.org/stable/c/5aea2cde03d4247cd…
	https://git.kernel.org/stable/c/f3f3a8eb3f0ba799f…
	https://git.kernel.org/stable/c/32b415a9dc2c212e8…

Impacted products

Vendor

Product

Version

Linux

Affected: 8ce75f8ab9044fe11caaaf2b2c82471023212f9f , < e58559845021c3bad5e094219378b869157fad53 (git)
Affected: 8ce75f8ab9044fe11caaaf2b2c82471023212f9f , < 54d458b244893e47bda52ec3943fdfbc8d7d068b (git)
Affected: 8ce75f8ab9044fe11caaaf2b2c82471023212f9f , < 709e5c088f9c99a5cf2c1d1c6ce58f2cca7ab173 (git)
Affected: 8ce75f8ab9044fe11caaaf2b2c82471023212f9f , < a3abb54c27b2c393c44362399777ad2f6e1ff17e (git)
Affected: 8ce75f8ab9044fe11caaaf2b2c82471023212f9f , < b5df9e06eed3df6a4f5c6f8453013b0cabb927b4 (git)
Affected: 8ce75f8ab9044fe11caaaf2b2c82471023212f9f , < 5aea2cde03d4247cdcf53f9ab7d0747c9dca1cfc (git)
Affected: 8ce75f8ab9044fe11caaaf2b2c82471023212f9f , < f3f3a8eb3f0ba799fae057091d8c67cca12d6fa0 (git)
Affected: 8ce75f8ab9044fe11caaaf2b2c82471023212f9f , < 32b415a9dc2c212e809b7ebc2b14bc3fbda2b9af (git)

Linux

Affected: 4.3
Unaffected: 0 , < 4.3 (semver)
Unaffected: 5.4.302 , ≤ 5.4.* (semver)
Unaffected: 5.10.247 , ≤ 5.10.* (semver)
Unaffected: 5.15.197 , ≤ 5.15.* (semver)
Unaffected: 6.1.159 , ≤ 6.1.* (semver)
Unaffected: 6.6.117 , ≤ 6.6.* (semver)
Unaffected: 6.12.59 , ≤ 6.12.* (semver)
Unaffected: 6.17.9 , ≤ 6.17.* (semver)
Unaffected: 6.18 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e58559845021c3bad5e094219378b869157fad53",
              "status": "affected",
              "version": "8ce75f8ab9044fe11caaaf2b2c82471023212f9f",
              "versionType": "git"
            },
            {
              "lessThan": "54d458b244893e47bda52ec3943fdfbc8d7d068b",
              "status": "affected",
              "version": "8ce75f8ab9044fe11caaaf2b2c82471023212f9f",
              "versionType": "git"
            },
            {
              "lessThan": "709e5c088f9c99a5cf2c1d1c6ce58f2cca7ab173",
              "status": "affected",
              "version": "8ce75f8ab9044fe11caaaf2b2c82471023212f9f",
              "versionType": "git"
            },
            {
              "lessThan": "a3abb54c27b2c393c44362399777ad2f6e1ff17e",
              "status": "affected",
              "version": "8ce75f8ab9044fe11caaaf2b2c82471023212f9f",
              "versionType": "git"
            },
            {
              "lessThan": "b5df9e06eed3df6a4f5c6f8453013b0cabb927b4",
              "status": "affected",
              "version": "8ce75f8ab9044fe11caaaf2b2c82471023212f9f",
              "versionType": "git"
            },
            {
              "lessThan": "5aea2cde03d4247cdcf53f9ab7d0747c9dca1cfc",
              "status": "affected",
              "version": "8ce75f8ab9044fe11caaaf2b2c82471023212f9f",
              "versionType": "git"
            },
            {
              "lessThan": "f3f3a8eb3f0ba799fae057091d8c67cca12d6fa0",
              "status": "affected",
              "version": "8ce75f8ab9044fe11caaaf2b2c82471023212f9f",
              "versionType": "git"
            },
            {
              "lessThan": "32b415a9dc2c212e809b7ebc2b14bc3fbda2b9af",
              "status": "affected",
              "version": "8ce75f8ab9044fe11caaaf2b2c82471023212f9f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.3"
            },
            {
              "lessThan": "4.3",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.302",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.247",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.197",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.159",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.117",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.59",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.17.*",
              "status": "unaffected",
              "version": "6.17.9",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.18",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.302",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.247",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.197",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.159",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.117",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.59",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.17.9",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18",
                  "versionStartIncluding": "4.3",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE\n\nThis data originates from userspace and is used in buffer offset\ncalculations which could potentially overflow causing an out-of-bounds\naccess."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-06T21:51:00.437Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e58559845021c3bad5e094219378b869157fad53"
        },
        {
          "url": "https://git.kernel.org/stable/c/54d458b244893e47bda52ec3943fdfbc8d7d068b"
        },
        {
          "url": "https://git.kernel.org/stable/c/709e5c088f9c99a5cf2c1d1c6ce58f2cca7ab173"
        },
        {
          "url": "https://git.kernel.org/stable/c/a3abb54c27b2c393c44362399777ad2f6e1ff17e"
        },
        {
          "url": "https://git.kernel.org/stable/c/b5df9e06eed3df6a4f5c6f8453013b0cabb927b4"
        },
        {
          "url": "https://git.kernel.org/stable/c/5aea2cde03d4247cdcf53f9ab7d0747c9dca1cfc"
        },
        {
          "url": "https://git.kernel.org/stable/c/f3f3a8eb3f0ba799fae057091d8c67cca12d6fa0"
        },
        {
          "url": "https://git.kernel.org/stable/c/32b415a9dc2c212e809b7ebc2b14bc3fbda2b9af"
        }
      ],
      "title": "drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2025-40277",
    "datePublished": "2025-12-06T21:51:00.437Z",
    "dateReserved": "2025-04-16T07:20:57.184Z",
    "dateUpdated": "2025-12-06T21:51:00.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-53705 (GCVE-0-2023-53705)

Vulnerability from cvelistv5 – Published: 2025-10-22 13:23 – Updated: 2025-10-22 13:23

Title

ipv6: Fix out-of-bounds access in ipv6_find_tlv()

Summary

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Verification Center (linuxtesting.org) with SVACE.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/59e656d0d4a84ea0e…
	https://git.kernel.org/stable/c/04bf69e3de435d793…
	https://git.kernel.org/stable/c/011f47c8b8389154f…
	https://git.kernel.org/stable/c/e5f82688ae10f5f38…
	https://git.kernel.org/stable/c/9b92e2d0eb696d758…
	https://git.kernel.org/stable/c/91dd8aab9c9f19321…
	https://git.kernel.org/stable/c/ae68c0f7edbc9a294…
	https://git.kernel.org/stable/c/878ecb0897f4737a4…

Impacted products

Vendor

Product

Version

Linux

Affected: c61a404325093250b676f40ad8f4dd00f3bcab5f , < 59e656d0d4a84ea0ee9a39c6f69160a3effccc94 (git)
Affected: c61a404325093250b676f40ad8f4dd00f3bcab5f , < 04bf69e3de435d793a203aacc4b774f8f9f2baeb (git)
Affected: c61a404325093250b676f40ad8f4dd00f3bcab5f , < 011f47c8b8389154f996f5f69da8efc3a3beefef (git)
Affected: c61a404325093250b676f40ad8f4dd00f3bcab5f , < e5f82688ae10f5f386952e65e941bb8868ee54dc (git)
Affected: c61a404325093250b676f40ad8f4dd00f3bcab5f , < 9b92e2d0eb696d7586ba832c8854653b59887da0 (git)
Affected: c61a404325093250b676f40ad8f4dd00f3bcab5f , < 91dd8aab9c9f193210681b86b6b92840ffe74f0c (git)
Affected: c61a404325093250b676f40ad8f4dd00f3bcab5f , < ae68c0f7edbc9a294094ce03a0aaf45aa489ce40 (git)
Affected: c61a404325093250b676f40ad8f4dd00f3bcab5f , < 878ecb0897f4737a4c9401f3523fd49589025671 (git)

Linux

Affected: 2.6.19
Unaffected: 0 , < 2.6.19 (semver)
Unaffected: 4.14.316 , ≤ 4.14.* (semver)
Unaffected: 4.19.284 , ≤ 4.19.* (semver)
Unaffected: 5.4.244 , ≤ 5.4.* (semver)
Unaffected: 5.10.181 , ≤ 5.10.* (semver)
Unaffected: 5.15.114 , ≤ 5.15.* (semver)
Unaffected: 6.1.31 , ≤ 6.1.* (semver)
Unaffected: 6.3.5 , ≤ 6.3.* (semver)
Unaffected: 6.4 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/exthdrs_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "59e656d0d4a84ea0ee9a39c6f69160a3effccc94",
              "status": "affected",
              "version": "c61a404325093250b676f40ad8f4dd00f3bcab5f",
              "versionType": "git"
            },
            {
              "lessThan": "04bf69e3de435d793a203aacc4b774f8f9f2baeb",
              "status": "affected",
              "version": "c61a404325093250b676f40ad8f4dd00f3bcab5f",
              "versionType": "git"
            },
            {
              "lessThan": "011f47c8b8389154f996f5f69da8efc3a3beefef",
              "status": "affected",
              "version": "c61a404325093250b676f40ad8f4dd00f3bcab5f",
              "versionType": "git"
            },
            {
              "lessThan": "e5f82688ae10f5f386952e65e941bb8868ee54dc",
              "status": "affected",
              "version": "c61a404325093250b676f40ad8f4dd00f3bcab5f",
              "versionType": "git"
            },
            {
              "lessThan": "9b92e2d0eb696d7586ba832c8854653b59887da0",
              "status": "affected",
              "version": "c61a404325093250b676f40ad8f4dd00f3bcab5f",
              "versionType": "git"
            },
            {
              "lessThan": "91dd8aab9c9f193210681b86b6b92840ffe74f0c",
              "status": "affected",
              "version": "c61a404325093250b676f40ad8f4dd00f3bcab5f",
              "versionType": "git"
            },
            {
              "lessThan": "ae68c0f7edbc9a294094ce03a0aaf45aa489ce40",
              "status": "affected",
              "version": "c61a404325093250b676f40ad8f4dd00f3bcab5f",
              "versionType": "git"
            },
            {
              "lessThan": "878ecb0897f4737a4c9401f3523fd49589025671",
              "status": "affected",
              "version": "c61a404325093250b676f40ad8f4dd00f3bcab5f",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/ipv6/exthdrs_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.19"
            },
            {
              "lessThan": "2.6.19",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.316",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.284",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.244",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.181",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.114",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.31",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.3.*",
              "status": "unaffected",
              "version": "6.3.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.4",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.316",
                  "versionStartIncluding": "2.6.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.284",
                  "versionStartIncluding": "2.6.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.244",
                  "versionStartIncluding": "2.6.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.181",
                  "versionStartIncluding": "2.6.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.114",
                  "versionStartIncluding": "2.6.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.31",
                  "versionStartIncluding": "2.6.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.3.5",
                  "versionStartIncluding": "2.6.19",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4",
                  "versionStartIncluding": "2.6.19",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix out-of-bounds access in ipv6_find_tlv()\n\noptlen is fetched without checking whether there is more than one byte to parse.\nIt can lead to out-of-bounds access.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-22T13:23:42.641Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/59e656d0d4a84ea0ee9a39c6f69160a3effccc94"
        },
        {
          "url": "https://git.kernel.org/stable/c/04bf69e3de435d793a203aacc4b774f8f9f2baeb"
        },
        {
          "url": "https://git.kernel.org/stable/c/011f47c8b8389154f996f5f69da8efc3a3beefef"
        },
        {
          "url": "https://git.kernel.org/stable/c/e5f82688ae10f5f386952e65e941bb8868ee54dc"
        },
        {
          "url": "https://git.kernel.org/stable/c/9b92e2d0eb696d7586ba832c8854653b59887da0"
        },
        {
          "url": "https://git.kernel.org/stable/c/91dd8aab9c9f193210681b86b6b92840ffe74f0c"
        },
        {
          "url": "https://git.kernel.org/stable/c/ae68c0f7edbc9a294094ce03a0aaf45aa489ce40"
        },
        {
          "url": "https://git.kernel.org/stable/c/878ecb0897f4737a4c9401f3523fd49589025671"
        }
      ],
      "title": "ipv6: Fix out-of-bounds access in ipv6_find_tlv()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53705",
    "datePublished": "2025-10-22T13:23:42.641Z",
    "dateReserved": "2025-10-22T13:21:37.346Z",
    "dateUpdated": "2025-10-22T13:23:42.641Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2026:1512

CVE-2025-39898 (GCVE-0-2025-39898)

CVE-2025-39993 (GCVE-0-2025-39993)

CVE-2025-40248 (GCVE-0-2025-40248)

CVE-2023-53751 (GCVE-0-2023-53751)

CVE-2025-40277 (GCVE-0-2025-40277)

CVE-2023-53705 (GCVE-0-2023-53705)

Tags

Sightings

Nomenclature