
RLSA-2025:9580

Published: 29 Jul 2025
Source: rocky
Severity: Moderate

Description

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: cifs: fix double free race when mount fails in cifs_get_root() (CVE-2022-48919)

  • kernel: security/keys: fix slab-out-of-bounds in key_task_permission (CVE-2024-50301)

  • kernel: idpf: fix idpf_vc_core_init error path (CVE-2024-53064)

  • kernel: ndisc: use RCU protection in ndisc_alloc_skb() (CVE-2025-21764)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

  • Rocky Linux 8

| Name | Architecture | Release | RPM |
|---|---|---|---|
| bpftool | x86_64 | 553.58.1.el8_10 | bpftool-4.18.0-553.58.1.el8_10.x86_64.rpm |
| kernel | x86_64 | 553.58.1.el8_10 | kernel-4.18.0-553.58.1.el8_10.x86_64.rpm |
| kernel-abi-stablelists | noarch | 553.58.1.el8_10 | kernel-abi-stablelists-4.18.0-553.58.1.el8_10.noarch.rpm |
| kernel-core | x86_64 | 553.58.1.el8_10 | kernel-core-4.18.0-553.58.1.el8_10.x86_64.rpm |
| kernel-cross-headers | x86_64 | 553.58.1.el8_10 | kernel-cross-headers-4.18.0-553.58.1.el8_10.x86_64.rpm |
| kernel-debug | x86_64 | 553.58.1.el8_10 | kernel-debug-4.18.0-553.58.1.el8_10.x86_64.rpm |
| kernel-debug-core | x86_64 | 553.58.1.el8_10 | kernel-debug-core-4.18.0-553.58.1.el8_10.x86_64.rpm |
| kernel-debug-devel | x86_64 | 553.58.1.el8_10 | kernel-debug-devel-4.18.0-553.58.1.el8_10.x86_64.rpm |
| kernel-debuginfo-common-x86_64 | x86_64 | 553.58.1.el8_10 | kernel-debuginfo-common-x86_64-4.18.0-553.58.1.el8_10.x86_64.rpm |
| kernel-debug-modules | x86_64 | 553.58.1.el8_10 | kernel-debug-modules-4.18.0-553.58.1.el8_10.x86_64.rpm |


Related vulnerabilities

oracle-oval
about 1 month ago

ELSA-2025-9580: kernel security update (MODERATE)

CVSS3: 7.8
ubuntu
12 months ago

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix double free race when mount fails in cifs_get_root()

When cifs_get_root() fails during cifs_smb3_do_mount() we call deactivate_locked_super() which eventually will call delayed_free() which will free the context. In this situation we should not proceed to enter the out: section in cifs_smb3_do_mount() and free the same resources a second time.

[Thu Feb 10 12:59:06 2022] BUG: KASAN: use-after-free in rcu_cblist_dequeue+0x32/0x60
[Thu Feb 10 12:59:06 2022] Read of size 8 at addr ffff888364f4d110 by task swapper/1/0
[Thu Feb 10 12:59:06 2022] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G OE 5.17.0-rc3+ #4
[Thu Feb 10 12:59:06 2022] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.0 12/17/2019
[Thu Feb 10 12:59:06 2022] Call Trace:
[Thu Feb 10 12:59:06 2022] <IRQ>
[Thu Feb 10 12:59:06 2022] dump_stack_lvl+0x5d/0x78
[Thu Feb 10 12:59:06 2022] print_address_desc...

CVSS3: 7
redhat
12 months ago

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix double free race when mount fails in cifs_get_root()

When cifs_get_root() fails during cifs_smb3_do_mount() we call deactivate_locked_super() which eventually will call delayed_free() which will free the context. In this situation we should not proceed to enter the out: section in cifs_smb3_do_mount() and free the same resources a second time.

[Thu Feb 10 12:59:06 2022] BUG: KASAN: use-after-free in rcu_cblist_dequeue+0x32/0x60
[Thu Feb 10 12:59:06 2022] Read of size 8 at addr ffff888364f4d110 by task swapper/1/0
[Thu Feb 10 12:59:06 2022] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G OE 5.17.0-rc3+ #4
[Thu Feb 10 12:59:06 2022] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.0 12/17/2019
[Thu Feb 10 12:59:06 2022] Call Trace:
[Thu Feb 10 12:59:06 2022] <IRQ>
[Thu Feb 10 12:59:06 2022] dump_stack_lvl+0x5d/0x78
[Thu Feb 10 12:59:06 2022] print_a...

CVSS3: 7.8
nvd
12 months ago

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix double free race when mount fails in cifs_get_root()

When cifs_get_root() fails during cifs_smb3_do_mount() we call deactivate_locked_super() which eventually will call delayed_free() which will free the context. In this situation we should not proceed to enter the out: section in cifs_smb3_do_mount() and free the same resources a second time.

[Thu Feb 10 12:59:06 2022] BUG: KASAN: use-after-free in rcu_cblist_dequeue+0x32/0x60
[Thu Feb 10 12:59:06 2022] Read of size 8 at addr ffff888364f4d110 by task swapper/1/0
[Thu Feb 10 12:59:06 2022] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G OE 5.17.0-rc3+ #4
[Thu Feb 10 12:59:06 2022] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.0 12/17/2019
[Thu Feb 10 12:59:06 2022] Call Trace:
[Thu Feb 10 12:59:06 2022] <IRQ>
[Thu Feb 10 12:59:06 2022] dump_stack_lvl+0x5d/0x78
[Thu Feb 10 12:59:06 2022] print_

CVSS3: 7.8
debian
12 months ago

In the Linux kernel, the following vulnerability has been resolved: c ...