Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2026:1617

Опубликовано: 08 фев. 2026
Источник: rocky
Оценка: Moderate

Описание

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (CVE-2025-38568)

  • kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (CVE-2025-40154)

  • kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (CVE-2025-40251)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
kernelx86_64611.27.1.el9_7kernel-5.14.0-611.27.1.el9_7.x86_64.rpm
kernel-abi-stablelistsnoarch611.27.1.el9_7kernel-abi-stablelists-5.14.0-611.27.1.el9_7.noarch.rpm
kernel-corex86_64611.27.1.el9_7kernel-core-5.14.0-611.27.1.el9_7.x86_64.rpm
kernel-debugx86_64611.27.1.el9_7kernel-debug-5.14.0-611.27.1.el9_7.x86_64.rpm
kernel-debug-corex86_64611.27.1.el9_7kernel-debug-core-5.14.0-611.27.1.el9_7.x86_64.rpm
kernel-debuginfo-common-x86_64x86_64611.27.1.el9_7kernel-debuginfo-common-x86_64-5.14.0-611.27.1.el9_7.x86_64.rpm
kernel-debug-modulesx86_64611.27.1.el9_7kernel-debug-modules-5.14.0-611.27.1.el9_7.x86_64.rpm
kernel-debug-modules-corex86_64611.27.1.el9_7kernel-debug-modules-core-5.14.0-611.27.1.el9_7.x86_64.rpm
kernel-debug-modules-extrax86_64611.27.1.el9_7kernel-debug-modules-extra-5.14.0-611.27.1.el9_7.x86_64.rpm
kernel-debug-uki-virtx86_64611.27.1.el9_7kernel-debug-uki-virt-5.14.0-611.27.1.el9_7.x86_64.rpm

Показывать по

Связанные CVE

CVE-2025-38568
CVE-2025-40154
CVE-2025-40251

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2026-1617

oracle-oval
около 2 месяцев назад

ELSA-2026-1617: kernel security update (MODERATE)

rocky логотип

RLSA-2026:1690

rocky
около 2 месяцев назад

Important: kernel security update

oracle-oval логотип

ELSA-2026-1690

oracle-oval
около 2 месяцев назад

ELSA-2026-1690: kernel security update (IMPORTANT)

ubuntu логотип

CVE-2025-38568

CVSS3: 7.8
ubuntu
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCA_MQPRIO_TC_ENTRY_INDEX is validated using NLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value TC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack write in the fp[] array, which only has room for 16 elements (0–15). Fix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.

redhat логотип

CVE-2025-38568

CVSS3: 4.7
redhat
7 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCA_MQPRIO_TC_ENTRY_INDEX is validated using NLA_POLICY_MAX(NLA_U32, TC_QOPT_MAX_QUEUE), which allows the value TC_QOPT_MAX_QUEUE (16). This leads to a 4-byte out-of-bounds stack write in the fp[] array, which only has room for 16 elements (0–15). Fix this by changing the policy to allow only up to TC_QOPT_MAX_QUEUE - 1.