RHSA-2026:7100
Vulnerability from csaf_redhat - Published: 2026-04-08 15:45 - Updated: 2026-04-08 20:50Summary
Red Hat Security Advisory: kernel-rt security update
Severity
Moderate
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Linux kernel: Use-after-free in BPF sockmap can lead to denial of service and privilege escalation (CVE-2025-38154)
* kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem (CVE-2025-38180)
* kernel: Kernel: Double free vulnerability in exFAT filesystem can lead to denial of service (CVE-2025-38206)
* kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init (CVE-2025-38248)
* kernel: macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Linux kernel's BPF (Berkeley Packet Filter) sockmap subsystem. A race condition exists where the `sk_socket` is not properly locked or referenced during the `skb_send_sock()` function call, allowing for a use-after-free vulnerability. This can be exploited by a local attacker, leading to a system crash (Denial of Service) and potentially enabling information disclosure or privilege escalation.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:7100
A flaw was found in the Linux kernel's Asynchronous Transfer Mode (ATM) subsystem. An authenticated local attacker could exploit a Use-After-Free (UAF) vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper dev_put() calls without prior dev_hold() calls, leading to an imbalance in reference counting. Successful exploitation could allow the attacker to achieve privilege escalation or cause a denial of service.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:7100
A flaw was found in the Linux kernel's exFAT filesystem driver. A local attacker with low privileges could exploit a double free vulnerability within the `delayed_free` function. This memory corruption flaw can lead to a denial of service (DoS), potentially causing system instability or crashes. It may also result in information disclosure.
7.3 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:7100
A flaw was found in the Linux kernel's bridge multicast functionality. A local user could trigger a use-after-free vulnerability, a type of memory corruption, by improperly configuring network bridge router ports. This issue arises because the system fails to correctly remove ports from its internal router port lists, leading to references to freed memory. Exploiting this flaw could result in system instability, denial of service, or potentially allow for privilege escalation.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:7100
A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table (e.g., due to an invalid interface name), the hash entry still references the freed net_device structure. Subsequent packets matching that source MAC trigger use-after-free in macvlan_forward_source().
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:7100
Workaround
To mitigate this issue, prevent module macvlan from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Linux kernel: Use-after-free in BPF sockmap can lead to denial of service and privilege escalation (CVE-2025-38154)\n\n* kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem (CVE-2025-38180)\n\n* kernel: Kernel: Double free vulnerability in exFAT filesystem can lead to denial of service (CVE-2025-38206)\n\n* kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init (CVE-2025-38248)\n\n* kernel: macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:7100",
"url": "https://access.redhat.com/errata/RHSA-2026:7100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2376056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376056"
},
{
"category": "external",
"summary": "2376376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376376"
},
{
"category": "external",
"summary": "2376377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376377"
},
{
"category": "external",
"summary": "2378981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378981"
},
{
"category": "external",
"summary": "2439900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439900"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7100.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2026-04-08T20:50:09+00:00",
"generator": {
"date": "2026-04-08T20:50:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:7100",
"initial_release_date": "2026-04-08T15:45:13+00:00",
"revision_history": [
{
"date": "2026-04-08T15:45:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-08T15:45:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T20:50:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"product": {
"name": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"product_id": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.173.1.rt21.245.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-70.173.1.rt21.245.el9_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-38154",
"cwe": {
"id": "CWE-821",
"name": "Incorrect Synchronization"
},
"discovery_date": "2025-07-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s BPF (Berkeley Packet Filter) sockmap subsystem. A race condition exists where the `sk_socket` is not properly locked or referenced during the `skb_send_sock()` function call, allowing for a use-after-free vulnerability. This can be exploited by a local attacker, leading to a system crash (Denial of Service) and potentially enabling information disclosure or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Use-after-free in BPF sockmap can lead to denial of service and privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38154"
},
{
"category": "external",
"summary": "RHBZ#2376056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38154",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38154"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070337-CVE-2025-38154-8353@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070337-CVE-2025-38154-8353@gregkh/T"
}
],
"release_date": "2025-07-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T15:45:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Use-after-free in BPF sockmap can lead to denial of service and privilege escalation"
},
{
"cve": "CVE-2025-38180",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"discovery_date": "2025-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Asynchronous Transfer Mode (ATM) subsystem. An authenticated local attacker could exploit a Use-After-Free (UAF) vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper dev_put() calls without prior dev_hold() calls, leading to an imbalance in reference counting. Successful exploitation could allow the attacker to achieve privilege escalation or cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38180"
},
{
"category": "external",
"summary": "RHBZ#2376376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38180"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070410-CVE-2025-38180-c6d0@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070410-CVE-2025-38180-c6d0@gregkh/T"
}
],
"release_date": "2025-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T15:45:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem"
},
{
"cve": "CVE-2025-38206",
"cwe": {
"id": "CWE-763",
"name": "Release of Invalid Pointer or Reference"
},
"discovery_date": "2025-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376377"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s exFAT filesystem driver. A local attacker with low privileges could exploit a double free vulnerability within the `delayed_free` function. This memory corruption flaw can lead to a denial of service (DoS), potentially causing system instability or crashes. It may also result in information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Kernel: Double free vulnerability in exFAT filesystem can lead to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38206"
},
{
"category": "external",
"summary": "RHBZ#2376377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38206",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38206"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070420-CVE-2025-38206-a077@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070420-CVE-2025-38206-a077@gregkh/T"
}
],
"release_date": "2025-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T15:45:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Kernel: Double free vulnerability in exFAT filesystem can lead to denial of service"
},
{
"cve": "CVE-2025-38248",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-07-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2378981"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s bridge multicast functionality. A local user could trigger a use-after-free vulnerability, a type of memory corruption, by improperly configuring network bridge router ports. This issue arises because the system fails to correctly remove ports from its internal router port lists, leading to references to freed memory. Exploiting this flaw could result in system instability, denial of service, or potentially allow for privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38248"
},
{
"category": "external",
"summary": "RHBZ#2378981",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378981"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38248"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38248",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38248"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070934-CVE-2025-38248-003c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070934-CVE-2025-38248-003c@gregkh/T"
}
],
"release_date": "2025-07-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T15:45:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init"
},
{
"cve": "CVE-2026-23209",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439900"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table (e.g., due to an invalid interface name), the hash entry still references the freed net_device structure. Subsequent packets matching that source MAC trigger use-after-free in macvlan_forward_source().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: macvlan: fix error recovery in macvlan_common_newlink()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can be exploited by a local user with CAP_NET_ADMIN to trigger use-after-free by creating a macvlan with an invalid name. The detailed reproducer and analysis were provided by a security researcher. This could potentially be used for privilege escalation via controlled memory corruption.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23209"
},
{
"category": "external",
"summary": "RHBZ#2439900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439900"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23209",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23209"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23209",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23209"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026021439-CVE-2026-23209-9ad6@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026021439-CVE-2026-23209-9ad6@gregkh/T"
}
],
"release_date": "2026-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T15:45:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:7100"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module macvlan from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.173.1.rt21.245.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: macvlan: fix error recovery in macvlan_common_newlink()"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…