Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:13602

Опубликовано: 04 окт. 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

The kernel packages contain the Linux kernel, the core of any Linux operating system.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)

The kernel packages contain the Linux kernel, the core of any Linux operating system.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

The kernel packages contain the Linux kernel, the core of any Linux operating system.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: crypto: algif_hash - fix double free in hash_accept (CVE-2025-38079)

  • kernel: wifi: ath12k: fix invalid access to memory (CVE-2025-38292)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
kernelx86_64570.33.2.el9_6kernel-5.14.0-570.33.2.el9_6.x86_64.rpm
kernel-abi-stablelistsnoarch570.33.2.el9_6kernel-abi-stablelists-5.14.0-570.33.2.el9_6.noarch.rpm
kernel-abi-stablelistsnoarch570.33.2.el9_6kernel-abi-stablelists-5.14.0-570.33.2.el9_6.noarch.rpm
kernel-abi-stablelistsnoarch570.33.2.el9_6kernel-abi-stablelists-5.14.0-570.33.2.el9_6.noarch.rpm
kernel-abi-stablelistsnoarch570.33.2.el9_6kernel-abi-stablelists-5.14.0-570.33.2.el9_6.noarch.rpm
kernel-corex86_64570.33.2.el9_6kernel-core-5.14.0-570.33.2.el9_6.x86_64.rpm
kernel-debugx86_64570.33.2.el9_6kernel-debug-5.14.0-570.33.2.el9_6.x86_64.rpm
kernel-debug-corex86_64570.33.2.el9_6kernel-debug-core-5.14.0-570.33.2.el9_6.x86_64.rpm
kernel-debug-modulesx86_64570.33.2.el9_6kernel-debug-modules-5.14.0-570.33.2.el9_6.x86_64.rpm
kernel-debug-modules-corex86_64570.33.2.el9_6kernel-debug-modules-core-5.14.0-570.33.2.el9_6.x86_64.rpm

Показывать по

Связанные CVE

CVE-2025-38079
CVE-2025-38292

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2025-13602

oracle-oval
4 месяца назад

ELSA-2025-13602: kernel security update (MODERATE)

rocky логотип

RLSA-2025:13598

rocky
3 месяца назад

Moderate: kernel security update

oracle-oval логотип

ELSA-2025-13598

oracle-oval
4 месяца назад

ELSA-2025-13598: kernel security update (MODERATE)

ubuntu логотип

CVE-2025-38292

CVSS3: 7.1
ubuntu
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation is part of rxcb. Currently, after freeing the skb, the rxcb->is_continuation accessed again which is wrong since the memory is already freed. This might lead use-after-free error. Hence, fix by locally defining bool is_continuation from rxcb, so that after freeing skb, is_continuation can be used. Compile tested only.

redhat логотип

CVE-2025-38292

CVSS3: 7.3
redhat
5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix invalid access to memory In ath12k_dp_rx_msdu_coalesce(), rxcb is fetched from skb and boolean is_continuation is part of rxcb. Currently, after freeing the skb, the rxcb->is_continuation accessed again which is wrong since the memory is already freed. This might lead use-after-free error. Hence, fix by locally defining bool is_continuation from rxcb, so that after freeing skb, is_continuation can be used. Compile tested only.