Skip to main content
Press slash or control plus K to focus the search. Use the arrow keys to navigate results and press enter to open a threat.
Reconnecting to live updates…
EPSS 0.4%top 71%

Red Hat Security Advisory: kernel security update

0
Medium
Published: 11/11/2025 (11/11/2025, 08:21:57 UTC)
Source: GCVE Database
Vendor/Project: Red Hat Product Security
Product: Red Hat

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466) (CVE-2024-53241) * kernel: exfat: fix out-of-bounds access of directory entries (CVE-2024-53147) * kernel: zram: fix NULL pointer in comp_algorithm_show() (CVE-2024-53222) * kernel: nfsd: release svc_expkey/svc_export with rcu_work (CVE-2024-53216) * kernel: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (CVE-2024-56662) * kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (CVE-2024-56675) * kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (CVE-2024-56690) * kernel: igb: Fix potential invalid memory access in igb_init_module() (CVE-2024-52332) * kernel: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK (CVE-2024-57901) * kernel: af_packet: fix vlan_get_tci() vs MSG_PEEK (CVE-2024-57902) * kernel: io_uring/sqpoll: zero sqd->thread on tctx errors (CVE-2025-21633) * kernel: ipvlan: Fix use-after-free in ipvlan_get_iflink(). (CVE-2025-21652) * kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts (CVE-2025-21647) * kernel: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (CVE-2025-21655) * kernel: netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (CVE-2024-57941) * kernel: netfs: Fix ceph copy to cache on write-begin (CVE-2024-57942) * kernel: zram: fix potential UAF of zram table (CVE-2025-21671) * kernel: pktgen: Avoid out-of-bounds access in get_imix_entries (CVE-2025-21680) * kernel: mm: zswap: properly synchronize freeing resources during CPU hotunplug (CVE-2025-21693) * kernel: cachestat: fix page cache statistics permission checking (CVE-2025-21691) * kernel: mm: clear uffd-wp PTE/PMD state on mremap() (CVE-2025-21696) * kernel: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (CVE-2025-21702) * kernel: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (CVE-2025-21732) * kernel: NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795) * kernel: NFS: Fix potential buffer overflowin nfs_sysfs_link_rpc_client() (CVE-2024-54456) * kernel: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() (CVE-2024-57987) * kernel: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (CVE-2024-58014) * kernel: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() (CVE-2024-57988) * kernel: drm/xe/tracing: Fix a potential TP_printk UAF (CVE-2024-49570) * kernel: media: intel/ipu6: remove cpu latency qos request on error (CVE-2024-58004) * kernel: usbnet: ipheth: use static NDP16 location in URB (CVE-2025-21742) * kernel: usbnet: ipheth: fix possible overflow in DPE length check (CVE-2025-21743) * kernel: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links (CVE-2024-57989) * kernel: wifi: ath12k: Fix for out-of bound access error (CVE-2024-58015) * kernel: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (CVE-2024-57995) * kernel: nfsd: clear acl_access/acl_default after releasing them (CVE-2025-21796) * kernel: workqueue: Put the pwq after detaching the rescuer from the pool (CVE-2025-21786) * kernel: tpm: Change to kvalloc() in eventlog/acpi.c (CVE-2024-58005) * kernel: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (CVE-2024-58013) * kernel: ring-buffer: Validate the persistent meta data subbuf array (CVE-2025-21777) * kernel: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (CVE-2025-21738) * kernel: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (CVE-2024-57986) * kernel: padata: avoid UAF for reorder_work (CVE-2025-21726) * kernel: vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791) * kernel: HID: multitouch: Add NULL check in mt_input_configured (CVE-2024-58020) * kernel: i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition (CVE-2024-57984) * kernel: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (CVE-2025-21761) * kernel: sched_ext: Fix incorrect autogroup migration detection (CVE-2025-21771) * kernel: usb: xhci: Fix NULL pointer dereference on certain command aborts (CVE-2024-57981) * kernel: memcg: fix soft lockup in the OOM process (CVE-2024-57977) * kernel: vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790) * kernel: usbnet: ipheth: fix DPE OoB read (CVE-2025-21741) * kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785) * kernel: ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765) * kernel: PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (CVE-2024-58006) * kernel: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (CVE-2024-58012) * kernel: wifi: brcmfmac: Check the return value of of_pro

Affected software

Affected versions
Red HatRed Hat Enterprise LinuxRed Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux BaseOS (v. 10)Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)

AI-Powered Analysis

Machine-generated threat intelligence

AILast updated: 06/25/2026, 22:23:50 UTC

Technical Analysis

The advisory covers a comprehensive kernel security update for Red Hat Enterprise Linux 10, resolving numerous vulnerabilities identified by distinct CVEs. These include speculative execution issues in Xen hypercall pages (CVE-2024-53241), out-of-bounds and use-after-free errors in filesystem and networking components (e.g., exfat, zram, ipvlan), NULL pointer dereferences in various drivers (Bluetooth, USB, WiFi), race conditions, buffer overflows, and information leaks in AMD processors. The update addresses these flaws by applying fixes that prevent unsafe memory accesses, improve synchronization, and correct error handling in kernel subsystems. The vendor rates the update as having a moderate security impact and recommends applying the update to affected systems.

Potential Impact

The vulnerabilities collectively could lead to memory corruption, use-after-free conditions, out-of-bounds reads or writes, NULL pointer dereferences, race conditions, and information leaks within the kernel. These issues may affect system stability, confidentiality, and integrity depending on the specific flaw and subsystem impacted. The advisory does not report known exploits in the wild. The overall security impact is rated moderate by Red Hat Product Security.

Mitigation Recommendations

An official security update for the Linux kernel packages in Red Hat Enterprise Linux 10 is available from Red Hat. Users should apply this update promptly to remediate the listed vulnerabilities. No additional mitigation steps are indicated beyond applying the vendor-provided patches. Patch status is confirmed by the vendor advisory.

Pro Console: star threats, build custom feeds, automate alerts via Slack, email & webhooks.Upgrade to Pro

Technical Details

Gcve Source
db.gcve.eu
Csaf Category
csaf_security_advisory
Csaf Version
2.0
Publisher
Red Hat Product Security
Advisory Id
RHSA-2025:20095
Cve Count
122
Additional Cves
["CVE-2024-36350","CVE-2024-36357","CVE-2024-49570","CVE-2024-52332","CVE-2024-53147","CVE-2024-53216","CVE-2024-53222","CVE-2024-53241","CVE-2024-54456","CVE-2024-56662","CVE-2024-56675","CVE-2024-56690","CVE-2024-57901","CVE-2024-57902","CVE-2024-57941","CVE-2024-57942","CVE-2024-57977","CVE-2024-57981","CVE-2024-57984","CVE-2024-57986","CVE-2024-57987","CVE-2024-57988","CVE-2024-57989","CVE-2024-57995","CVE-2024-58004","CVE-2024-58005","CVE-2024-58006","CVE-2024-58012","CVE-2024-58013","CVE-2024-58014","CVE-2024-58015","CVE-2024-58020","CVE-2024-58057","CVE-2024-58061","CVE-2024-58069","CVE-2024-58072","CVE-2024-58075","CVE-2024-58077","CVE-2024-58088","CVE-2025-21633","CVE-2025-21647","CVE-2025-21652","CVE-2025-21655","CVE-2025-21671","CVE-2025-21680","CVE-2025-21691","CVE-2025-21693","CVE-2025-21696","CVE-2025-21702","CVE-2025-21726","CVE-2025-21727","CVE-2025-21732","CVE-2025-21738","CVE-2025-21741","CVE-2025-21742","CVE-2025-21743","CVE-2025-21750","CVE-2025-21761","CVE-2025-21765","CVE-2025-21771","CVE-2025-21777","CVE-2025-21785","CVE-2025-21786","CVE-2025-21790","CVE-2025-21791","CVE-2025-21795","CVE-2025-21796","CVE-2025-21826","CVE-2025-21828","CVE-2025-21837","CVE-2025-21844","CVE-2025-21846","CVE-2025-21847","CVE-2025-21851","CVE-2025-21853","CVE-2025-21855","CVE-2025-21857","CVE-2025-21861","CVE-2025-21863","CVE-2025-21864","CVE-2025-21902","CVE-2025-21931","CVE-2025-21954","CVE-2025-21976","CVE-2025-22025","CVE-2025-22056","CVE-2025-22086","CVE-2025-22089","CVE-2025-22092","CVE-2025-22105","CVE-2025-22111","CVE-2025-22116","CVE-2025-22119","CVE-2025-22122","CVE-2025-23129","CVE-2025-37749","CVE-2025-37821","CVE-2025-37849","CVE-2025-37994","CVE-2025-38012","CVE-2025-38013","CVE-2025-38067","CVE-2025-38116","CVE-2025-38148","CVE-2025-38200","CVE-2025-38220","CVE-2025-38234","CVE-2025-38288","CVE-2025-38322","CVE-2025-38329","CVE-2025-38330","CVE-2025-38332","CVE-2025-38369","CVE-2025-38400","CVE-2025-38412","CVE-2025-38438","CVE-2025-38468","CVE-2025-38683","CVE-2025-71201","CVE-2026-23146","CVE-2026-23205"]
Cvss Version
null

Threat ID: 6a3da1de4853345fc182a956

Added to database: 06/25/2026, 21:47:10 UTC

Last enriched: 06/25/2026, 22:23:50 UTC

Last updated: 07/02/2026, 21:10:22 UTC

Views: 14

Community Reviews

0 reviews

Crowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.

Sort by
Loading community insights…

Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.

Need more coverage?

Upgrade to Pro Console for AI refresh and higher limits.

For incident response and remediation, OffSeq services can help resolve threats faster.

Latest Threats

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now
OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited
View courses