rhsa-2025:10675
Vulnerability from csaf_redhat
Published
2025-07-09 00:29
Modified
2025-08-06 02:59
Summary
Red Hat Security Advisory: kernel-rt security update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (CVE-2023-1652)
* kernel: ext4: ignore xattrs past end (CVE-2025-37738)
* kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)
* kernel: net: atlantic: fix aq_vec index out of range error (CVE-2022-50066)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (CVE-2023-1652)\n\n* kernel: ext4: ignore xattrs past end (CVE-2025-37738)\n\n* kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CVE-2022-49846)\n\n* kernel: net: atlantic: fix aq_vec index out of range error (CVE-2022-50066)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10675",
"url": "https://access.redhat.com/errata/RHSA-2025:10675"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2182031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182031"
},
{
"category": "external",
"summary": "2363305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363305"
},
{
"category": "external",
"summary": "2363432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363432"
},
{
"category": "external",
"summary": "2373683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373683"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10675.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2025-08-06T02:59:35+00:00",
"generator": {
"date": "2025-08-06T02:59:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:10675",
"initial_release_date": "2025-07-09T00:29:11+00:00",
"revision_history": [
{
"date": "2025-07-09T00:29:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-09T00:29:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-06T02:59:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::realtime"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::nfv"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"product": {
"name": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"product_id": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.124.1.rt14.409.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.124.1.rt14.409.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-49846",
"discovery_date": "2025-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363432"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix a slab-out-of-bounds write bug in udf_find_entry()\n\nSyzbot reported a slab-out-of-bounds Write bug:\n\nloop0: detected capacity change from 0 to 2048\n==================================================================\nBUG: KASAN: slab-out-of-bounds in udf_find_entry+0x8a5/0x14f0\nfs/udf/namei.c:253\nWrite of size 105 at addr ffff8880123ff896 by task syz-executor323/3610\n\nCPU: 0 PID: 3610 Comm: syz-executor323 Not tainted\n6.1.0-rc2-syzkaller-00105-gb229b6ca5abb #0\nHardware name: Google Compute Engine/Google Compute Engine, BIOS\nGoogle 10/11/2022\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n print_address_description+0x74/0x340 mm/kasan/report.c:284\n print_report+0x107/0x1f0 mm/kasan/report.c:395\n kasan_report+0xcd/0x100 mm/kasan/report.c:495\n kasan_check_range+0x2a7/0x2e0 mm/kasan/generic.c:189\n memcpy+0x3c/0x60 mm/kasan/shadow.c:66\n udf_find_entry+0x8a5/0x14f0 fs/udf/namei.c:253\n udf_lookup+0xef/0x340 fs/udf/namei.c:309\n lookup_open fs/namei.c:3391 [inline]\n open_last_lookups fs/namei.c:3481 [inline]\n path_openat+0x10e6/0x2df0 fs/namei.c:3710\n do_filp_open+0x264/0x4f0 fs/namei.c:3740\n do_sys_openat2+0x124/0x4e0 fs/open.c:1310\n do_sys_open fs/open.c:1326 [inline]\n __do_sys_creat fs/open.c:1402 [inline]\n __se_sys_creat fs/open.c:1396 [inline]\n __x64_sys_creat+0x11f/0x160 fs/open.c:1396\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\nRIP: 0033:0x7ffab0d164d9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89\nf7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01\nf0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffe1a7e6bb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000055\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffab0d164d9\nRDX: 00007ffab0d164d9 RSI: 0000000000000000 RDI: 0000000020000180\nRBP: 00007ffab0cd5a10 R08: 0000000000000000 R09: 0000000000000000\nR10: 00005555573552c0 R11: 0000000000000246 R12: 00007ffab0cd5aa0\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\nAllocated by task 3610:\n kasan_save_stack mm/kasan/common.c:45 [inline]\n kasan_set_track+0x3d/0x60 mm/kasan/common.c:52\n ____kasan_kmalloc mm/kasan/common.c:371 [inline]\n __kasan_kmalloc+0x97/0xb0 mm/kasan/common.c:380\n kmalloc include/linux/slab.h:576 [inline]\n udf_find_entry+0x7b6/0x14f0 fs/udf/namei.c:243\n udf_lookup+0xef/0x340 fs/udf/namei.c:309\n lookup_open fs/namei.c:3391 [inline]\n open_last_lookups fs/namei.c:3481 [inline]\n path_openat+0x10e6/0x2df0 fs/namei.c:3710\n do_filp_open+0x264/0x4f0 fs/namei.c:3740\n do_sys_openat2+0x124/0x4e0 fs/open.c:1310\n do_sys_open fs/open.c:1326 [inline]\n __do_sys_creat fs/open.c:1402 [inline]\n __se_sys_creat fs/open.c:1396 [inline]\n __x64_sys_creat+0x11f/0x160 fs/open.c:1396\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe buggy address belongs to the object at ffff8880123ff800\n which belongs to the cache kmalloc-256 of size 256\nThe buggy address is located 150 bytes inside of\n 256-byte region [ffff8880123ff800, ffff8880123ff900)\n\nThe buggy address belongs to the physical page:\npage:ffffea000048ff80 refcount:1 mapcount:0 mapping:0000000000000000\nindex:0x0 pfn:0x123fe\nhead:ffffea000048ff80 order:1 compound_mapcount:0 compound_pincount:0\nflags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)\nraw: 00fff00000010200 ffffea00004b8500 dead000000000003 ffff888012041b40\nraw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as allocated\npage last allocated via order 0, migratetype Unmovable, gfp_mask 0x0(),\npid 1, tgid 1 (swapper/0), ts 1841222404, free_ts 0\n create_dummy_stack mm/page_owner.c:\n---truncated---",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A slab-out-of-bounds write was discovered in udf_find_entry() due to incorrect allocation size when handling long filenames in split name descriptors. This can be triggered by mounting a crafted UDF image and attempting to create a file with a specially constructed name. Although local privileges are required, the flaw allows kernel memory corruption, leading to potential privilege escalation or DoS.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-49846"
},
{
"category": "external",
"summary": "RHBZ#2363432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-49846",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49846"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-49846",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49846"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050142-CVE-2022-49846-728c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050142-CVE-2022-49846-728c@gregkh/T"
}
],
"release_date": "2025-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T00:29:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10675"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module udf from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry()"
},
{
"cve": "CVE-2022-50066",
"cwe": {
"id": "CWE-823",
"name": "Use of Out-of-range Pointer Offset"
},
"discovery_date": "2025-06-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373683"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel\u0027s Aquantia Atlantic driver, where a lack of proper bounds checking during loop indexing can lead to an out-of-bounds access. This can lead to undefined system behavior and a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: atlantic: fix aq_vec index out of range error",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in the Aquantia network driver (atlantic) allows out-of-bounds access to the aq_vec[] array, which can lead to a kernel crash. However, triggering this issue requires privileges, as it occurs in internal kernel functions like aq_nic_stop() and aq_vec_isr(), typically invoked during device suspend or shutdown. This bug was observable through a UBSAN report in aq_nic_stop().",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-50066"
},
{
"category": "external",
"summary": "RHBZ#2373683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-50066",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50066"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50066",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50066"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025061851-CVE-2022-50066-a2ad@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025061851-CVE-2022-50066-a2ad@gregkh/T"
}
],
"release_date": "2025-06-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T00:29:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10675"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module atlantic from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: net: atlantic: fix aq_vec index out of range error"
},
{
"acknowledgments": [
{
"names": [
"1. Xingyuan Mo",
"2. Gengjia Chen"
],
"organization": "IceSword Lab"
}
],
"cve": "CVE-2023-1652",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2023-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2182031"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-1652"
},
{
"category": "external",
"summary": "RHBZ#2182031",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182031"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-1652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1652"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd"
}
],
"release_date": "2023-01-12T06:30:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T00:29:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c"
},
{
"cve": "CVE-2025-37738",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2363305"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability has been discovered in the Linux kernel, specifically within the ext4_xattr_inode_dec_ref_all function (related to the ext4 filesystem\u0027s extended attributes). An attacker could exploit this flaw by providing a specially crafted payload, leading to a denial of service condition that compromises system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ext4: ignore xattrs past end",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-37738"
},
{
"category": "external",
"summary": "RHBZ#2363305",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363305"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-37738",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37738"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050132-CVE-2025-37738-deb1@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050132-CVE-2025-37738-deb1@gregkh/T"
}
],
"release_date": "2025-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T00:29:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10675"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.124.1.rt14.409.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ext4: ignore xattrs past end"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…