Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:12752

Опубликовано: 08 сент. 2025
Источник: rocky
Оценка: Important

Описание

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928)

  • kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CVE-2025-22020)

  • kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CVE-2025-37890)

  • kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CVE-2025-38052)

  • kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)

  • kernel: ext4: avoid resizing to a partial cluster size (CVE-2022-50020)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
bpftoolx86_64553.66.1.el8_10bpftool-4.18.0-553.66.1.el8_10.x86_64.rpm
kernelx86_64553.66.1.el8_10kernel-4.18.0-553.66.1.el8_10.x86_64.rpm
kernel-abi-stablelistsnoarch553.66.1.el8_10kernel-abi-stablelists-4.18.0-553.66.1.el8_10.noarch.rpm
kernel-corex86_64553.66.1.el8_10kernel-core-4.18.0-553.66.1.el8_10.x86_64.rpm
kernel-cross-headersx86_64553.66.1.el8_10kernel-cross-headers-4.18.0-553.66.1.el8_10.x86_64.rpm
kernel-debugx86_64553.66.1.el8_10kernel-debug-4.18.0-553.66.1.el8_10.x86_64.rpm
kernel-debug-corex86_64553.66.1.el8_10kernel-debug-core-4.18.0-553.66.1.el8_10.x86_64.rpm
kernel-debug-develx86_64553.66.1.el8_10kernel-debug-devel-4.18.0-553.66.1.el8_10.x86_64.rpm
kernel-debuginfo-common-x86_64x86_64553.66.1.el8_10kernel-debuginfo-common-x86_64-4.18.0-553.66.1.el8_10.x86_64.rpm
kernel-debug-modulesx86_64553.66.1.el8_10kernel-debug-modules-4.18.0-553.66.1.el8_10.x86_64.rpm

Показывать по

Связанные CVE

CVE-2022-50020
CVE-2025-21928
CVE-2025-22020
CVE-2025-37890
CVE-2025-38052
CVE-2025-38079

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2025-12752

oracle-oval
около 2 месяцев назад

ELSA-2025-12752: kernel security update (IMPORTANT)

ubuntu логотип

CVE-2022-50020

ubuntu
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration attempting to grow the fs by a negative amount, which trips a BUG_ON and leaves the fs with a corrupted in-memory superblock.

redhat логотип

CVE-2022-50020

CVSS3: 7
redhat
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration attempting to grow the fs by a negative amount, which trips a BUG_ON and leaves the fs with a corrupted in-memory superblock.

nvd логотип

CVE-2022-50020

nvd
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration attempting to grow the fs by a negative amount, which trips a BUG_ON and leaves the fs with a corrupted in-memory superblock.

debian логотип

CVE-2022-50020

debian
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: e ...