Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2026:0444

Опубликовано: 17 янв. 2026
Источник: rocky
Оценка: Important

Описание

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: media: rc: fix races with imon_disconnect() (CVE-2025-39993)

  • kernel: sctp: avoid NULL dereference when chunk data buffer is missing (CVE-2025-40240)

  • kernel: libceph: fix potential use-after-free in have_mon_and_osd_map() (CVE-2025-68285)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
bpftoolx86_64553.92.1.el8_10bpftool-4.18.0-553.92.1.el8_10.x86_64.rpm
kernelx86_64553.92.1.el8_10kernel-4.18.0-553.92.1.el8_10.x86_64.rpm
kernel-abi-stablelistsnoarch553.92.1.el8_10kernel-abi-stablelists-4.18.0-553.92.1.el8_10.noarch.rpm
kernel-abi-stablelistsnoarch553.92.1.el8_10kernel-abi-stablelists-4.18.0-553.92.1.el8_10.noarch.rpm
kernel-corex86_64553.92.1.el8_10kernel-core-4.18.0-553.92.1.el8_10.x86_64.rpm
kernel-debugx86_64553.92.1.el8_10kernel-debug-4.18.0-553.92.1.el8_10.x86_64.rpm
kernel-debug-corex86_64553.92.1.el8_10kernel-debug-core-4.18.0-553.92.1.el8_10.x86_64.rpm
kernel-debug-develx86_64553.92.1.el8_10kernel-debug-devel-4.18.0-553.92.1.el8_10.x86_64.rpm
kernel-debuginfo-common-x86_64x86_64553.92.1.el8_10kernel-debuginfo-common-x86_64-4.18.0-553.92.1.el8_10.x86_64.rpm
kernel-debug-modulesx86_64553.92.1.el8_10kernel-debug-modules-4.18.0-553.92.1.el8_10.x86_64.rpm

Показывать по

Связанные CVE

CVE-2025-39993
CVE-2025-40240
CVE-2025-68285

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2026-0444

oracle-oval
24 дня назад

ELSA-2026-0444: kernel security update (IMPORTANT)

ubuntu логотип

CVE-2025-39993

ubuntu
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imon_disconnect() Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline] BUG: KASAN: use-after-free in send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627 Read of size 4 at addr ffff8880256fb000 by task syz-executor314/4465 CPU: 2 PID: 4465 Comm: syz-executor314 Not tainted 6.0.0-rc1-syzkaller #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:317 [inline] print_report.cold+0x2ba/0x6e9 mm/kasan/report.c:433 kasan_report+0xb1/0x1e0 mm/kasan/report.c:495 __create_pipe include/linux/usb.h:1945 [inline] send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627 vfd_write+0x2d9/0x550 drivers/media/rc/imon.c:991 vfs_write+0x2d7/0xdd0 fs/read_write.c:576 ksys_write+...

nvd логотип

CVE-2025-39993

nvd
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imon_disconnect() Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline] BUG: KASAN: use-after-free in send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627 Read of size 4 at addr ffff8880256fb000 by task syz-executor314/4465 CPU: 2 PID: 4465 Comm: syz-executor314 Not tainted 6.0.0-rc1-syzkaller #0 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:317 [inline] print_report.cold+0x2ba/0x6e9 mm/kasan/report.c:433 kasan_report+0xb1/0x1e0 mm/kasan/report.c:495 __create_pipe include/linux/usb.h:1945 [inline] send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627 vfd_write+0x2d9/0x550 drivers/media/rc/imon.c:991 vfs_write+0x2d7/0xdd0 fs/read_write.c:576 ksys_write

msrc логотип

CVE-2025-39993

msrc
4 месяца назад

media: rc: fix races with imon_disconnect()

debian логотип

CVE-2025-39993

debian
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: m ...