16 matches found
Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance
Summary: The kernel package is used by IBM Netezza Appliance. IBM Netezza Appliance has addressed the applicable CVEs: CVE-2022-49846, CVE-2025-21759, CVE-2025-21887, CVE-2025-22004, CVE-2025-37799. Vulnerability Details: CVEID: CVE-2022-49846 DESCRIPTION: In the Linux kernel, the following...
K000157341: Linux kernel vulnerability CVE-2025-21887
Security Advisory Description: In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput in ovl_link_up. The issue was caused by dput(upper) being called before ovl_dentry_update_reval, while upper->d_flags was still accessed in ovl_dentry_remote...
kernel security update
An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kernel packages contain the Linux kernel, the core of any Linux operating...
RHEL 9 : kernel (RHSA-2025:11810)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:11810 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/amd/display: Implement...
AlmaLinux 9 : kernel (ALSA-2025:10379)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10379 advisory. kernel: ipv6: mcast: extend RCU protection in igmp6_send (CVE-2025-21759) kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput in ovl_link_up...
ALSA-2025:10379 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: mcast: extend RCU protection in igmp6_send (CVE-2025-21759) kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput in ovl_link_up (CVE-2025-21887) kernel: net: atm: fix use after free...
RHEL 9 : kernel (RHSA-2025:10379)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10379 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: mcast: extend RCU...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: mcast: extend RCU protection in igmp6_send (CVE-2025-21759) kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput in ovl_link_up (CVE-2025-21887) kernel: net: atm: fix use after free...
RHEL 10 : kernel (RHSA-2025:9079)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:9079 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ndisc: use RCU protection in...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21887)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21887 advisory. - In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by...
CBL Mariner 2.0 Security Update: kernel (CVE-2025-21887)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21887 advisory. - In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by...
CVE-2025-21887 affecting package kernel for versions less than 5.15.180.1-1
CVE-2025-21887 affecting package kernel for versions less than 5.15.180.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-21887 affecting package kernel for versions less than 6.6.82.1-1
CVE-2025-21887 affecting package kernel for versions less than 6.6.82.1-1. An upgraded version of the package is available that resolves this issue...
BELL-CVE-2025-21887
Bulletin has no description...
CVE-2025-21887
In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput in ovl_link_up. The issue was caused by dput(upper) being called before ovl_dentry_update_reval, while upper->d_flags was still accessed in ovl_dentry_remote. Move dput(upper) after its last...
CVE-2025-21887
In CVE-2025-21887, the Linux kernel overlayfs (ovl) had a use-after-free in ovl_dentry_remote/ovl_dentry_update_reval caused by calling dput(upper) while upper was still accessed afterwards; the fix moves dput(upper) to after its final use in ovl_link_up, preventing the UAF. The issue is addressed in...