ALSA-2025:19469 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ipv6: sr: Fix MAC comparison to be constant-time CVE-2025-39702 kernel: kernfs: Fix UAF in polling when open file is released CVE-2025-39881 For more details about the security issues,...

RLSA-2025:19106 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NFS: Fix a race when updating an existing write CVE-2025-39697 kernel: vsock/virtio: Validate length in packet header before skbput CVE-2025-39718 kernel: NFS: Fix filehandle bounds...

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

OESA-2025-2551 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved:sunrpc: fix one UAF issue caused by sunrpc kernel tcp socketBUG: KASAN: slab-use-after-free in tcpwritetimerhandler+0x156/0x3e0Read of size 1 at addr...

RHSA-2025:19224 Red Hat Security Advisory: kernel security update

Bulletin has no description...

Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak

...

AZL-68942 CVE-2025-40071 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...

AZL-68915 CVE-2025-40049 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfsgetparent Syzkaller reports a "KMSAN: uninit-value in squashfsgetparent" bug. This is caused by openbyhandleat being called with a file handle containing an invalid parent inode number. In...

CVE-2025-40075 tcp_metrics: use dst_dev_net_rcu()

In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu Replace three dstdev with a lockdep enabled helper...

CVE-2025-40065 RISC-V: KVM: Write hgatp register with valid mode bits

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Write hgatp register with valid mode bits According to the RISC-V Privileged Architecture Spec, when MODE=Bare is selected,software must write zero to the remaining fields of hgatp. We have detected the valid mode...

CVE-2025-40050 bpf: Skip scalar adjustment for BPF_NEG if dst is a pointer

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip scalar adjustment for BPFNEG if dst is a pointer In checkaluop, the verifier currently calls checkregarg and adjustscalarminmaxvals unconditionally for BPFNEG operations. However, if the destination register holds a...

CVE-2025-40030 pinctrl: check the return value of pinmux_ops::get_function_name()

In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmuxops::getfunctionname While the API contract in docs doesn't specify it explicitly, the generic implementation of the getfunctionname callback from struct pinmuxops -...

CVE-2025-40030 pinctrl: check the return value of pinmux_ops::get_function_name()

In the Linux kernel, the following vulnerability has been resolved: pinctrl: check the return value of pinmuxops::getfunctionname While the API contract in docs doesn't specify it explicitly, the generic implementation of the getfunctionname callback from struct pinmuxops -...

RHSA-2025:19105 Red Hat Security Advisory: kernel security update

Bulletin has no description...

RHSA-2025:19104 Red Hat Security Advisory: kernel security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: kernel-livepatch-4.14.355-280.698

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use rawsmpprocessorid instead of smpprocessorid CVE-2023-53530 Affected Packages: kernel-livepatch-4.14.355-280.698 Issue Correction: Please ensure you have live patching enabled. Run yum update...

kernel security update

4.18.0-553.81.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

ALSA-2025:19102 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare CVE-2025-39817 kernel: Bluetooth: Fix potentia...

RLSA-2025:18318 Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush CVE-2025-38351 kernel: sunrpc: fix client side handling of tls alerts CVE-2025-38571 kernel: eventpoll: Fix semi-unbound...