Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:10371

Опубликовано: 03 окт. 2025
Источник: rocky
Оценка: Important

Описание

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: ipv6: mcast: extend RCU protection in igmp6_send() (CVE-2025-21759)

  • kernel: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (CVE-2025-21991)

  • kernel: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (CVE-2025-37799)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 10

НаименованиеАрхитектураРелизRPM
kernelx86_6455.20.1.el10_0kernel-6.12.0-55.20.1.el10_0.x86_64.rpm
kernel-abi-stablelistsnoarch55.20.1.el10_0kernel-abi-stablelists-6.12.0-55.20.1.el10_0.noarch.rpm
kernel-corex86_6455.20.1.el10_0kernel-core-6.12.0-55.20.1.el10_0.x86_64.rpm
kernel-debugx86_6455.20.1.el10_0kernel-debug-6.12.0-55.20.1.el10_0.x86_64.rpm
kernel-debug-corex86_6455.20.1.el10_0kernel-debug-core-6.12.0-55.20.1.el10_0.x86_64.rpm
kernel-debuginfo-common-x86_64x86_6455.20.1.el10_0kernel-debuginfo-common-x86_64-6.12.0-55.20.1.el10_0.x86_64.rpm
kernel-debug-modulesx86_6455.20.1.el10_0kernel-debug-modules-6.12.0-55.20.1.el10_0.x86_64.rpm
kernel-debug-modules-corex86_6455.20.1.el10_0kernel-debug-modules-core-6.12.0-55.20.1.el10_0.x86_64.rpm
kernel-debug-modules-extrax86_6455.20.1.el10_0kernel-debug-modules-extra-6.12.0-55.20.1.el10_0.x86_64.rpm
kernel-debug-uki-virtx86_6455.20.1.el10_0kernel-debug-uki-virt-6.12.0-55.20.1.el10_0.x86_64.rpm

Показывать по

Связанные CVE

CVE-2025-21759
CVE-2025-21991
CVE-2025-37799

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2025-10371

oracle-oval
4 месяца назад

ELSA-2025-10371: kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2025-10379

oracle-oval
4 месяца назад

ELSA-2025-10379: kernel security update (IMPORTANT)

ubuntu логотип

CVE-2025-21759

CVSS3: 7.8
ubuntu
8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.

redhat логотип

CVE-2025-21759

CVSS3: 6.6
redhat
8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.

nvd логотип

CVE-2025-21759

CVSS3: 7.8
nvd
8 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use sock_alloc_send_skb() because ipv6.igmp_sk uses GFP_KERNEL allocations which can sleep. Instead use alloc_skb() and charge the net->ipv6.igmp_sk socket under RCU protection.