Description
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: ndisc: use RCU protection in ndisc_alloc_skb() (CVE-2025-21764)
- kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (CVE-2025-21887)
- kernel: keys: Fix UAF in key_put() (CVE-2025-21893)
- kernel: cifs: Fix integer overflow while processing closetimeo mount option (CVE-2025-21962)
- kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (CVE-2025-21969)
- kernel: cifs: Fix integer overflow while processing acdirmax mount option (CVE-2025-21963)
- kernel: wifi: cfg80211: cancel wiphy_work before freeing wiphy (CVE-2025-21979)
- kernel: smb: client: fix UAF in decryption with multichannel (CVE-2025-37750)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 10
References
Fixes
- Red Hat - 2348575
- Red Hat - 2355405
- Red Hat - 2356295
- Red Hat - 2356624
- Red Hat - 2356633
- Red Hat - 2356642
- Red Hat - 2356652
- Red Hat - 2363341
Related vulnerabilities
In the Linux kernel, the following vulnerability has been resolved:
ndisc: use RCU protection in ndisc_alloc_skb()
ndisc_alloc_skb() can be called without RTNL or RCU being held. Add RCU protection to avoid possible UAF.