RHSA-2026:2577
Vulnerability from csaf_redhat - Published: 2026-02-11 17:06 - Updated: 2026-02-12 06:50Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Linux kernel: ath9k_htc out-of-bounds access vulnerability (CVE-2022-49503)
* kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial of service (CVE-2023-53192)
* kernel: Bluetooth: hci_event: call disconnect callback before deleting conn (CVE-2023-53673)
* kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (CVE-2025-40251)
* kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition (CVE-2023-53751)
* kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service. (CVE-2025-40304)
* kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling (CVE-2025-40322)
* kernel: ext4: fix use-after-free in ext4_orphan_cleanup (CVE-2022-50673)
* kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state (CVE-2023-53833)
* kernel: net: atlantic: fix fragment overflow handling in RX path (CVE-2025-68301)
* kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (CVE-2022-50865)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Linux kernel: ath9k_htc out-of-bounds access vulnerability (CVE-2022-49503)\n\n* kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial of service (CVE-2023-53192)\n\n* kernel: Bluetooth: hci_event: call disconnect callback before deleting conn (CVE-2023-53673)\n\n* kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (CVE-2025-40251)\n\n* kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition (CVE-2023-53751)\n\n* kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service. (CVE-2025-40304)\n\n* kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling (CVE-2025-40322)\n\n* kernel: ext4: fix use-after-free in ext4_orphan_cleanup (CVE-2022-50673)\n\n* kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state (CVE-2023-53833)\n\n* kernel: net: atlantic: fix fragment overflow handling in RX path (CVE-2025-68301)\n\n* kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (CVE-2022-50865)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2577",
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2347814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347814"
},
{
"category": "external",
"summary": "2395232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395232"
},
{
"category": "external",
"summary": "2402193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402193"
},
{
"category": "external",
"summary": "2418892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418892"
},
{
"category": "external",
"summary": "2419858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419858"
},
{
"category": "external",
"summary": "2419870",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419870"
},
{
"category": "external",
"summary": "2419902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419902"
},
{
"category": "external",
"summary": "2420347",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420347"
},
{
"category": "external",
"summary": "2420366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420366"
},
{
"category": "external",
"summary": "2422836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422836"
},
{
"category": "external",
"summary": "2426226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426226"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2577.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2026-02-12T06:50:56+00:00",
"generator": {
"date": "2026-02-12T06:50:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:2577",
"initial_release_date": "2026-02-11T17:06:59+00:00",
"revision_history": [
{
"date": "2026-02-11T17:06:59+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-11T17:06:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-12T06:50:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"product": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"product_id": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.165.1.rt21.237.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-70.165.1.rt21.237.el9_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-49503",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2347814"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nath9k_htc: fix potential out of bounds access with invalid rxstatus-\u003ers_keyix\n\nThe \"rxstatus-\u003ers_keyix\" eventually gets passed to test_bit() so we need to\nensure that it is within the bitmap.\n\ndrivers/net/wireless/ath/ath9k/common.c:46 ath9k_cmn_rx_accept()\nerror: passing untrusted data \u0027rx_stats-\u003ers_keyix\u0027 to \u0027test_bit()\u0027",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: ath9k_htc out-of-bounds access vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-49503"
},
{
"category": "external",
"summary": "RHBZ#2347814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-49503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-49503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49503"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2022-49503-a3bf@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2022-49503-a3bf@gregkh/T"
}
],
"release_date": "2025-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: ath9k_htc out-of-bounds access vulnerability"
},
{
"cve": "CVE-2022-50673",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2420347"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the ext4 filesystem\u0027s orphan inode cleanup routine in the Linux kernel. When ext4_inode_attach_jinode() fails with -ENOMEM during orphan cleanup at mount time, the error is not properly propagated. The inode is freed via iput(), but the orphan list still references the same inode number. On the next loop iteration, the freed inode structure is reused, triggering a use-after-free when adding it to the orphan list.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ext4: fix use-after-free in ext4_orphan_cleanup",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during ext4 filesystem mount when memory allocation fails at a specific point in orphan inode processing. Exploitation requires local access to mount ext4 filesystems and the ability to induce memory pressure during the mount operation, making practical exploitation difficult.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50673"
},
{
"category": "external",
"summary": "RHBZ#2420347",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420347"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50673"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120947-CVE-2022-50673-f920@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120947-CVE-2022-50673-f920@gregkh/T"
}
],
"release_date": "2025-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ext4: fix use-after-free in ext4_orphan_cleanup"
},
{
"cve": "CVE-2022-50865",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-12-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2426226"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix a signed-integer-overflow bug in tcp_add_backlog()\n\nThe type of sk_rcvbuf and sk_sndbuf in struct sock is int, and\nin tcp_add_backlog(), the variable limit is caculated by adding\nsk_rcvbuf, sk_sndbuf and 64 * 1024, it may exceed the max value\nof int and overflow. This patch reduces the limit budget by\nhalving the sndbuf to solve this issue since ACK packets are much\nsmaller than the payload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A signed integer overflow in tcp_add_backlog() could occur when computing the backlog limit from sk_rcvbuf and sk_sndbuf, potentially resulting in an incorrect, reduced limit. A remote peer can trigger this condition by sending network traffic that stresses the TCP backlog, leading to premature packet drops and degraded service availability.\nThis issue is a typical network robustness bug, as the integer overflow only affects internal backlog limit calculations and can at most cause packet drops or limited service degradation (DoS), without providing a realistic path to host crashes, memory corruption, privilege escalation, or code execution.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50865"
},
{
"category": "external",
"summary": "RHBZ#2426226",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426226"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50865"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50865",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50865"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025123049-CVE-2022-50865-281e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025123049-CVE-2022-50865-281e@gregkh/T"
}
],
"release_date": "2025-12-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()"
},
{
"cve": "CVE-2023-53192",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2025-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395232"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: Fix nexthop hash size\n\nThe nexthop code expects a 31 bit hash, such as what is returned by\nfib_multipath_hash() and rt6_multipath_hash(). Passing the 32 bit hash\nreturned by skb_get_hash() can lead to problems related to the fact that\n\u0027int hash\u0027 is a negative number when the MSB is set.\n\nIn the case of hash threshold nexthop groups, nexthop_select_path_hthr()\nwill disproportionately select the first nexthop group entry. In the case\nof resilient nexthop groups, nexthop_select_path_res() may do an out of\nbounds access in nh_buckets[], for example:\n hash = -912054133\n num_nh_buckets = 2\n bucket_index = 65535\n\nwhich leads to the following panic:\n\nBUG: unable to handle page fault for address: ffffc900025910c8\nPGD 100000067 P4D 100000067 PUD 10026b067 PMD 0\nOops: 0002 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 4 PID: 856 Comm: kworker/4:3 Not tainted 6.5.0-rc2+ #34\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nWorkqueue: ipv6_addrconf addrconf_dad_work\nRIP: 0010:nexthop_select_path+0x197/0xbf0\nCode: c1 e4 05 be 08 00 00 00 4c 8b 35 a4 14 7e 01 4e 8d 6c 25 00 4a 8d 7c 25 08 48 01 dd e8 c2 25 15 ff 49 8d 7d 08 e8 39 13 15 ff \u003c4d\u003e 89 75 08 48 89 ef e8 7d 12 15 ff 48 8b 5d 00 e8 14 55 2f 00 85\nRSP: 0018:ffff88810c36f260 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 00000000002000c0 RCX: ffffffffaf02dd77\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffffc900025910c8\nRBP: ffffc900025910c0 R08: 0000000000000001 R09: fffff520004b2219\nR10: ffffc900025910cf R11: 31392d2068736168 R12: 00000000002000c0\nR13: ffffc900025910c0 R14: 00000000fffef608 R15: ffff88811840e900\nFS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc900025910c8 CR3: 0000000129d00000 CR4: 0000000000750ee0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x1ee/0x5c0\n ? __pfx_is_prefetch.constprop.0+0x10/0x10\n ? __pfx_page_fault_oops+0x10/0x10\n ? search_bpf_extables+0xfe/0x1c0\n ? fixup_exception+0x3b/0x470\n ? exc_page_fault+0xf6/0x110\n ? asm_exc_page_fault+0x26/0x30\n ? nexthop_select_path+0x197/0xbf0\n ? nexthop_select_path+0x197/0xbf0\n ? lock_is_held_type+0xe7/0x140\n vxlan_xmit+0x5b2/0x2340\n ? __lock_acquire+0x92b/0x3370\n ? __pfx_vxlan_xmit+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n ? __pfx_register_lock_class+0x10/0x10\n ? skb_network_protocol+0xce/0x2d0\n ? dev_hard_start_xmit+0xca/0x350\n ? __pfx_vxlan_xmit+0x10/0x10\n dev_hard_start_xmit+0xca/0x350\n __dev_queue_xmit+0x513/0x1e20\n ? __pfx___dev_queue_xmit+0x10/0x10\n ? __pfx_lock_release+0x10/0x10\n ? mark_held_locks+0x44/0x90\n ? skb_push+0x4c/0x80\n ? eth_header+0x81/0xe0\n ? __pfx_eth_header+0x10/0x10\n ? neigh_resolve_output+0x215/0x310\n ? ip6_finish_output2+0x2ba/0xc90\n ip6_finish_output2+0x2ba/0xc90\n ? lock_release+0x236/0x3e0\n ? ip6_mtu+0xbb/0x240\n ? __pfx_ip6_finish_output2+0x10/0x10\n ? find_held_lock+0x83/0xa0\n ? lock_is_held_type+0xe7/0x140\n ip6_finish_output+0x1ee/0x780\n ip6_output+0x138/0x460\n ? __pfx_ip6_output+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n ? __pfx_ip6_finish_output+0x10/0x10\n NF_HOOK.constprop.0+0xc0/0x420\n ? __pfx_NF_HOOK.constprop.0+0x10/0x10\n ? ndisc_send_skb+0x2c0/0x960\n ? __pfx_lock_release+0x10/0x10\n ? __local_bh_enable_ip+0x93/0x110\n ? lock_is_held_type+0xe7/0x140\n ndisc_send_skb+0x4be/0x960\n ? __pfx_ndisc_send_skb+0x10/0x10\n ? mark_held_locks+0x65/0x90\n ? find_held_lock+0x83/0xa0\n ndisc_send_ns+0xb0/0x110\n ? __pfx_ndisc_send_ns+0x10/0x10\n addrconf_dad_work+0x631/0x8e0\n ? lock_acquire+0x180/0x3f0\n ? __pfx_addrconf_dad_work+0x10/0x10\n ? mark_held_locks+0x24/0x90\n process_one_work+0x582/0x9c0\n ? __pfx_process_one_work+0x10/0x10\n ? __pfx_do_raw_spin_lock+0x10/0x10\n ? mark_held_locks+0x24/0x90\n worker_thread+0x93/0x630\n ? __kthread_parkme+0xdc/0x100\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x1a5/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n \n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability requires elevated privileges (`CAP_NET_ADMIN`) to exploit, since it can only be triggered if the system is configured to accept and forward VXLAN packets.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53192"
},
{
"category": "external",
"summary": "RHBZ#2395232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395232"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53192"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53192",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53192"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025091558-CVE-2023-53192-5ca6@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025091558-CVE-2023-53192-5ca6@gregkh/T"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Out-of-bounds write in VXLAN due to incorrect nexthop hash size leading to denial of service"
},
{
"cve": "CVE-2023-53673",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402193"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: call disconnect callback before deleting conn\n\nIn hci_cs_disconnect, we do hci_conn_del even if disconnection failed.\n\nISO, L2CAP and SCO connections refer to the hci_conn without\nhci_conn_get, so disconn_cfm must be called so they can clean up their\nconn, otherwise use-after-free occurs.\n\nISO:\n==========================================================\niso_sock_connect:880: sk 00000000eabd6557\niso_connect_cis:356: 70:1a:b8:98:ff:a2 -\u003e 28:3d:c2:4a:7e:da\n...\niso_conn_add:140: hcon 000000001696f1fd conn 00000000b6251073\nhci_dev_put:1487: hci0 orig refcnt 17\n__iso_chan_add:214: conn 00000000b6251073\niso_sock_clear_timer:117: sock 00000000eabd6557 state 3\n...\nhci_rx_work:4085: hci0 Event packet\nhci_event_packet:7601: hci0: event 0x0f\nhci_cmd_status_evt:4346: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3107: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon 000000001696f1fd handle 2560\nhci_conn_unlink:1102: hci0: hcon 000000001696f1fd\nhci_conn_drop:1451: hcon 00000000d8521aaf orig refcnt 2\nhci_chan_list_flush:2780: hcon 000000001696f1fd\nhci_dev_put:1487: hci0 orig refcnt 21\nhci_dev_put:1487: hci0 orig refcnt 20\nhci_req_cmd_complete:3978: opcode 0x0406 status 0x0c\n... \u003cno iso_* activity on sk/conn\u003e ...\niso_sock_sendmsg:1098: sock 00000000dea5e2e0, sk 00000000eabd6557\nBUG: kernel NULL pointer dereference, address: 0000000000000668\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nRIP: 0010:iso_sock_sendmsg (net/bluetooth/iso.c:1112) bluetooth\n==========================================================\n\nL2CAP:\n==================================================================\nhci_cmd_status_evt:4359: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3085: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon ffff88800c999000 handle 3585\nhci_conn_unlink:1102: hci0: hcon ffff88800c999000\nhci_chan_list_flush:2780: hcon ffff88800c999000\nhci_chan_del:2761: hci0 hcon ffff88800c999000 chan ffff888018ddd280\n...\nBUG: KASAN: slab-use-after-free in hci_send_acl+0x2d/0x540 [bluetooth]\nRead of size 8 at addr ffff888018ddd298 by task bluetoothd/1175\n\nCPU: 0 PID: 1175 Comm: bluetoothd Tainted: G E 6.4.0-rc4+ #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5b/0x90\n print_report+0xcf/0x670\n ? __virt_addr_valid+0xf8/0x180\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n kasan_report+0xa8/0xe0\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n hci_send_acl+0x2d/0x540 [bluetooth]\n ? __pfx___lock_acquire+0x10/0x10\n l2cap_chan_send+0x1fd/0x1300 [bluetooth]\n ? l2cap_sock_sendmsg+0xf2/0x170 [bluetooth]\n ? __pfx_l2cap_chan_send+0x10/0x10 [bluetooth]\n ? lock_release+0x1d5/0x3c0\n ? mark_held_locks+0x1a/0x90\n l2cap_sock_sendmsg+0x100/0x170 [bluetooth]\n sock_write_iter+0x275/0x280\n ? __pfx_sock_write_iter+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n do_iter_readv_writev+0x176/0x220\n ? __pfx_do_iter_readv_writev+0x10/0x10\n ? find_held_lock+0x83/0xa0\n ? selinux_file_permission+0x13e/0x210\n do_iter_write+0xda/0x340\n vfs_writev+0x1b4/0x400\n ? __pfx_vfs_writev+0x10/0x10\n ? __seccomp_filter+0x112/0x750\n ? populate_seccomp_data+0x182/0x220\n ? __fget_light+0xdf/0x100\n ? do_writev+0x19d/0x210\n do_writev+0x19d/0x210\n ? __pfx_do_writev+0x10/0x10\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0x60/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n ? do_syscall_64+0x6c/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7ff45cb23e64\nCode: 15 d1 1f 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d 9d a7 0d 00 00 74 13 b8 14 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\nRSP: 002b:00007fff21ae09b8 EFLAGS: 00000202 ORIG_RAX: 0000000000000014\nRAX: ffffffffffffffda RBX: \n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Bluetooth: hci_event: call disconnect callback before deleting conn",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been fixed in RHEL versions 9.4 and later.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53673"
},
{
"category": "external",
"summary": "RHBZ#2402193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53673",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53673"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53673",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53673"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025100706-CVE-2023-53673-36b9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025100706-CVE-2023-53673-36b9@gregkh/T"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Bluetooth: hci_event: call disconnect callback before deleting conn"
},
{
"cve": "CVE-2023-53751",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419858"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential use-after-free bugs in TCP_Server_Info::hostname\n\nTCP_Server_Info::hostname may be updated once or many times during\nreconnect, so protect its access outside reconnect path as well and\nthen prevent any potential use-after-free bugs.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A use-after-free vulnerability was found in the Linux kernel Bluetooth L2CAP subsystem. Due to a race condition during L2CAP channel disconnect handling, a channel structure may be accessed after being freed. An adjacent attacker within Bluetooth range can trigger this issue without authentication, potentially causing a kernel crash, while reliable code execution would require precise timing and complex heap manipulation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53751"
},
{
"category": "external",
"summary": "RHBZ#2419858",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419858"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53751"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120842-CVE-2023-53751-2ff2@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120842-CVE-2023-53751-2ff2@gregkh/T"
}
],
"release_date": "2025-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel Bluetooth L2CAP: Kernel crash due to use-after-free via race condition"
},
{
"cve": "CVE-2023-53833",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2025-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2420366"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference vulnerability was found in the Intel i915 graphics driver in the Linux kernel. The intel_atomic_get_new_crtc_state() function can return NULL if the CRTC state was not previously obtained via intel_atomic_get_crtc_state(), but the return value was not checked before use. This leads to a kernel crash when display mode changes are performed under certain conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a NULL pointer dereference in the Intel i915 graphics driver that can cause a kernel crash during display configuration changes. The vulnerability requires local access and affects systems with Intel integrated graphics.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-53833"
},
{
"category": "external",
"summary": "RHBZ#2420366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-53833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53833"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53833",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53833"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120954-CVE-2023-53833-09d9@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120954-CVE-2023-53833-09d9@gregkh/T"
}
],
"release_date": "2025-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the i915 module from being loaded. See https://access.redhat.com/solutions/41278 for instructions on how to blacklist a kernel module. Note that this will disable Intel integrated graphics.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state"
},
{
"cve": "CVE-2025-40251",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"discovery_date": "2025-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418892"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: rate: Unset parent pointer in devl_rate_nodes_destroy\n\nThe function devl_rate_nodes_destroy is documented to \"Unset parent for\nall rate objects\". However, it was only calling the driver-specific\n`rate_leaf_parent_set` or `rate_node_parent_set` ops and decrementing\nthe parent\u0027s refcount, without actually setting the\n`devlink_rate-\u003eparent` pointer to NULL.\n\nThis leaves a dangling pointer in the `devlink_rate` struct, which cause\nrefcount error in netdevsim[1] and mlx5[2]. In addition, this is\ninconsistent with the behavior of `devlink_nl_rate_parent_node_set`,\nwhere the parent pointer is correctly cleared.\n\nThis patch fixes the issue by explicitly setting `devlink_rate-\u003eparent`\nto NULL after notifying the driver, thus fulfilling the function\u0027s\ndocumented behavior for all rate objects.\n\n[1]\nrepro steps:\necho 1 \u003e /sys/bus/netdevsim/new_device\ndevlink dev eswitch set netdevsim/netdevsim1 mode switchdev\necho 1 \u003e /sys/bus/netdevsim/devices/netdevsim1/sriov_numvfs\ndevlink port function rate add netdevsim/netdevsim1/test_node\ndevlink port function rate set netdevsim/netdevsim1/128 parent test_node\necho 1 \u003e /sys/bus/netdevsim/del_device\n\ndmesg:\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 8 PID: 1530 at lib/refcount.c:31 refcount_warn_saturate+0x42/0xe0\nCPU: 8 UID: 0 PID: 1530 Comm: bash Not tainted 6.18.0-rc4+ #1 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x42/0xe0\nCall Trace:\n \u003cTASK\u003e\n devl_rate_leaf_destroy+0x8d/0x90\n __nsim_dev_port_del+0x6c/0x70 [netdevsim]\n nsim_dev_reload_destroy+0x11c/0x140 [netdevsim]\n nsim_drv_remove+0x2b/0xb0 [netdevsim]\n device_release_driver_internal+0x194/0x1f0\n bus_remove_device+0xc6/0x130\n device_del+0x159/0x3c0\n device_unregister+0x1a/0x60\n del_device_store+0x111/0x170 [netdevsim]\n kernfs_fop_write_iter+0x12e/0x1e0\n vfs_write+0x215/0x3d0\n ksys_write+0x5f/0xd0\n do_syscall_64+0x55/0x10f0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n[2]\ndevlink dev eswitch set pci/0000:08:00.0 mode switchdev\ndevlink port add pci/0000:08:00.0 flavour pcisf pfnum 0 sfnum 1000\ndevlink port function rate add pci/0000:08:00.0/group1\ndevlink port function rate set pci/0000:08:00.0/32768 parent group1\nmodprobe -r mlx5_ib mlx5_fwctl mlx5_core\n\ndmesg:\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 7 PID: 16151 at lib/refcount.c:31 refcount_warn_saturate+0x42/0xe0\nCPU: 7 UID: 0 PID: 16151 Comm: bash Not tainted 6.17.0-rc7_for_upstream_min_debug_2025_10_02_12_44 #1 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x42/0xe0\nCall Trace:\n \u003cTASK\u003e\n devl_rate_leaf_destroy+0x8d/0x90\n mlx5_esw_offloads_devlink_port_unregister+0x33/0x60 [mlx5_core]\n mlx5_esw_offloads_unload_rep+0x3f/0x50 [mlx5_core]\n mlx5_eswitch_unload_sf_vport+0x40/0x90 [mlx5_core]\n mlx5_sf_esw_event+0xc4/0x120 [mlx5_core]\n notifier_call_chain+0x33/0xa0\n blocking_notifier_call_chain+0x3b/0x50\n mlx5_eswitch_disable_locked+0x50/0x110 [mlx5_core]\n mlx5_eswitch_disable+0x63/0x90 [mlx5_core]\n mlx5_unload+0x1d/0x170 [mlx5_core]\n mlx5_uninit_one+0xa2/0x130 [mlx5_core]\n remove_one+0x78/0xd0 [mlx5_core]\n pci_device_remove+0x39/0xa0\n device_release_driver_internal+0x194/0x1f0\n unbind_store+0x99/0xa0\n kernfs_fop_write_iter+0x12e/0x1e0\n vfs_write+0x215/0x3d0\n ksys_write+0x5f/0xd0\n do_syscall_64+0x53/0x1f0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40251"
},
{
"category": "external",
"summary": "RHBZ#2418892",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418892"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40251"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40251",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40251"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120431-CVE-2025-40251-7db7@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120431-CVE-2025-40251-7db7@gregkh/T"
}
],
"release_date": "2025-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy"
},
{
"cve": "CVE-2025-40304",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419870"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds\n\nAdd bounds checking to prevent writes past framebuffer boundaries when\nrendering text near screen edges. Return early if the Y position is off-screen\nand clip image height to screen boundary. Break from the rendering loop if the\nX position is off-screen. When clipping image width to fit the screen, update\nthe character count to match the clipped width to prevent buffer size\nmismatches.\n\nWithout the character count update, bit_putcs_aligned and bit_putcs_unaligned\nreceive mismatched parameters where the buffer is allocated for the clipped\nwidth but cnt reflects the original larger count, causing out-of-bounds writes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40304"
},
{
"category": "external",
"summary": "RHBZ#2419870",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419870"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40304"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40304",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40304"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120820-CVE-2025-40304-47b3@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120820-CVE-2025-40304-47b3@gregkh/T"
}
],
"release_date": "2025-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service."
},
{
"cve": "CVE-2025-40322",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-12-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419902"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: bitblit: bound-check glyph index in bit_putcs*\n\nbit_putcs_aligned()/unaligned() derived the glyph pointer from the\ncharacter value masked by 0xff/0x1ff, which may exceed the actual font\u0027s\nglyph count and read past the end of the built-in font array.\nClamp the index to the actual glyph count before computing the address.\n\nThis fixes a global out-of-bounds read reported by syzbot.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40322"
},
{
"category": "external",
"summary": "RHBZ#2419902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419902"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40322",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40322"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025120823-CVE-2025-40322-6355@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025120823-CVE-2025-40322-6355@gregkh/T"
}
],
"release_date": "2025-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the `fbdev` kernel module from loading if it is not required for system operation. Create a file named `/etc/modprobe.d/disable-fbdev.conf` with the following content:\n\n```\ninstall fbdev /bin/true\nblacklist fbdev\n```\n\nAfter creating the file, regenerate the initramfs using `dracut -f -v` and reboot the system for the changes to take effect. This mitigation may impact systems that rely on `fbdev` for console display or specific graphics hardware, requiring careful evaluation before implementation.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling"
},
{
"cve": "CVE-2025-68301",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2422836"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write vulnerability was found in the Aquantia Atlantic network driver in the Linux kernel. When receiving packets that span more than MAX_SKB_FRAGS (17) fragments, the driver writes beyond the skb fragment array bounds in skb_add_rx_frag(), causing kernel memory corruption and panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: atlantic: fix fragment overflow handling in RX path",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This affects systems with Aquantia AQC network adapters processing large fragmented packets. Network-adjacent attackers could potentially craft packets to trigger this condition.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68301"
},
{
"category": "external",
"summary": "RHBZ#2422836",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422836"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68301",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68301"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68301",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68301"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68301-be31@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025121643-CVE-2025-68301-be31@gregkh/T"
}
],
"release_date": "2025-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-11T17:06:59+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2577"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent the atlantic module from being loaded. See https://access.redhat.com/solutions/41278 for instructions.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.165.1.rt21.237.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: atlantic: fix fragment overflow handling in RX path"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…