Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2026:3488

Опубликовано: 05 мар. 2026
Источник: rocky
Оценка: Moderate

Описание

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (CVE-2025-40168)

  • kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085)

  • kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration (CVE-2026-23097)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
kernelx86_64611.36.1.el9_7kernel-5.14.0-611.36.1.el9_7.x86_64.rpm
kernel-abi-stablelistsnoarch611.36.1.el9_7kernel-abi-stablelists-5.14.0-611.36.1.el9_7.noarch.rpm
kernel-corex86_64611.36.1.el9_7kernel-core-5.14.0-611.36.1.el9_7.x86_64.rpm
kernel-debugx86_64611.36.1.el9_7kernel-debug-5.14.0-611.36.1.el9_7.x86_64.rpm
kernel-debug-corex86_64611.36.1.el9_7kernel-debug-core-5.14.0-611.36.1.el9_7.x86_64.rpm
kernel-debuginfo-common-x86_64x86_64611.36.1.el9_7kernel-debuginfo-common-x86_64-5.14.0-611.36.1.el9_7.x86_64.rpm
kernel-debug-modulesx86_64611.36.1.el9_7kernel-debug-modules-5.14.0-611.36.1.el9_7.x86_64.rpm
kernel-debug-modules-corex86_64611.36.1.el9_7kernel-debug-modules-core-5.14.0-611.36.1.el9_7.x86_64.rpm
kernel-debug-modules-extrax86_64611.36.1.el9_7kernel-debug-modules-extra-5.14.0-611.36.1.el9_7.x86_64.rpm
kernel-debug-uki-virtx86_64611.36.1.el9_7kernel-debug-uki-virt-5.14.0-611.36.1.el9_7.x86_64.rpm

Показывать по

Связанные CVE

CVE-2025-40168
CVE-2025-71085
CVE-2026-23097

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2026-3488

oracle-oval
24 дня назад

ELSA-2026-3488: kernel security update (MODERATE)

ubuntu логотип

CVE-2025-40168

ubuntu
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). smc_clc_prfx_match() is called from smc_listen_work() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the returned value of smc_clc_prfx_match() is not used in the caller.

redhat логотип

CVE-2025-40168

CVSS3: 7
redhat
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). smc_clc_prfx_match() is called from smc_listen_work() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the returned value of smc_clc_prfx_match() is not used in the caller.

nvd логотип

CVE-2025-40168

nvd
4 месяца назад

In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). smc_clc_prfx_match() is called from smc_listen_work() and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the returned value of smc_clc_prfx_match() is not used in the caller.

msrc логотип

CVE-2025-40168

msrc
4 месяца назад

smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().