Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:22865

Опубликовано: 13 дек. 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: can: j1939: implement NETDEV_UNREGISTER notification handler (CVE-2025-39925)

  • kernel: net/mlx5: fs, fix UAF in flow counter release (CVE-2025-39979)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
kernelx86_64611.13.1.el9_7kernel-5.14.0-611.13.1.el9_7.x86_64.rpm
kernel-abi-stablelistsnoarch611.13.1.el9_7kernel-abi-stablelists-5.14.0-611.13.1.el9_7.noarch.rpm
kernel-abi-stablelistsnoarch611.13.1.el9_7kernel-abi-stablelists-5.14.0-611.13.1.el9_7.noarch.rpm
kernel-abi-stablelistsnoarch611.13.1.el9_7kernel-abi-stablelists-5.14.0-611.13.1.el9_7.noarch.rpm
kernel-abi-stablelistsnoarch611.13.1.el9_7kernel-abi-stablelists-5.14.0-611.13.1.el9_7.noarch.rpm
kernel-corex86_64611.13.1.el9_7kernel-core-5.14.0-611.13.1.el9_7.x86_64.rpm
kernel-debugx86_64611.13.1.el9_7kernel-debug-5.14.0-611.13.1.el9_7.x86_64.rpm
kernel-debug-corex86_64611.13.1.el9_7kernel-debug-core-5.14.0-611.13.1.el9_7.x86_64.rpm
kernel-debuginfo-common-x86_64x86_64611.13.1.el9_7kernel-debuginfo-common-x86_64-5.14.0-611.13.1.el9_7.x86_64.rpm
kernel-debug-modulesx86_64611.13.1.el9_7kernel-debug-modules-5.14.0-611.13.1.el9_7.x86_64.rpm

Показывать по

Связанные CVE

CVE-2025-39925
CVE-2025-39979

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2025-22865

oracle-oval
9 дней назад

ELSA-2025-22865: kernel security update (MODERATE)

oracle-oval логотип

ELSA-2025-22854

oracle-oval
10 дней назад

ELSA-2025-22854: kernel security update (MODERATE)

ubuntu логотип

CVE-2025-39979

ubuntu
2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace [1] caused by releasing an HWS action of a local flow counter in mlx5_cmd_hws_delete_fte(), where the HWS action refcount and mutex were not initialized and the counter struct could already be freed when deleting the rule. Fix it by adding the missing initializations and adding refcount for the local flow counter struct. [1] Kernel log: Call Trace: <TASK> dump_stack_lvl+0x34/0x48 mlx5_fs_put_hws_action.part.0.cold+0x21/0x94 [mlx5_core] mlx5_fc_put_hws_action+0x96/0xad [mlx5_core] mlx5_fs_destroy_fs_actions+0x8b/0x152 [mlx5_core] mlx5_cmd_hws_delete_fte+0x5a/0xa0 [mlx5_core] del_hw_fte+0x1ce/0x260 [mlx5_core] mlx5_del_flow_rules+0x12d/0x240 [mlx5_core] ? ttwu_queue_wakelist+0xf4/0x110 mlx5_ib_destroy_flow+0x103/0x1b0 [mlx5_ib] uverbs_free_flow+0x20/0x50 [ib_uverbs] destroy_hw_idr_uobject+0x1b/0x50 [ib_uverbs] uverbs_destroy_uobject+0x34/0x1a0 [ib_uverbs...

nvd логотип

CVE-2025-39979

nvd
2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fs, fix UAF in flow counter release Fix a kernel trace [1] caused by releasing an HWS action of a local flow counter in mlx5_cmd_hws_delete_fte(), where the HWS action refcount and mutex were not initialized and the counter struct could already be freed when deleting the rule. Fix it by adding the missing initializations and adding refcount for the local flow counter struct. [1] Kernel log: Call Trace: <TASK> dump_stack_lvl+0x34/0x48 mlx5_fs_put_hws_action.part.0.cold+0x21/0x94 [mlx5_core] mlx5_fc_put_hws_action+0x96/0xad [mlx5_core] mlx5_fs_destroy_fs_actions+0x8b/0x152 [mlx5_core] mlx5_cmd_hws_delete_fte+0x5a/0xa0 [mlx5_core] del_hw_fte+0x1ce/0x260 [mlx5_core] mlx5_del_flow_rules+0x12d/0x240 [mlx5_core] ? ttwu_queue_wakelist+0xf4/0x110 mlx5_ib_destroy_flow+0x103/0x1b0 [mlx5_ib] uverbs_free_flow+0x20/0x50 [ib_uverbs] destroy_hw_idr_uobject+0x1b/0x50 [ib_uverbs] uverbs_destroy_u

debian логотип

CVE-2025-39979

debian
2 месяца назад

In the Linux kernel, the following vulnerability has been resolved: n ...