Threats Tagged 'cve-2025-38079'

A Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 10. The update fixes issues including a CPU microcode termination problem (CVE-2024-56721), double free in crypto hash processing, race conditions in huge page table management, and out-of-bounds memory access in WiFi drivers. These vulnerabilities have been rated with moderate security impact. The advisory requires applying the kernel update and rebooting the system for the fixes to take effect.

This advisory addresses two security vulnerabilities in the Linux kernel packages used by Red Hat Enterprise Linux 9. The first vulnerability (CVE-2025-38079) is a double free issue in the crypto algorithm interface hash_accept function. The second vulnerability (CVE-2025-38292) involves invalid memory access in the ath12k WiFi driver. Both issues have been rated with moderate severity by Red Hat Product Security. Updates fixing these vulnerabilities are available and require a system reboot to take effect.

A moderate severity vulnerability (CVE-2025-38079) in the Linux kernel's crypto subsystem was addressed by Red Hat. The issue involves a double free flaw in the algif_hash component's hash_accept function. This vulnerability affects Red Hat Enterprise Linux 7 Extended Lifecycle Support kernel packages. A security update has been issued by Red Hat to fix this flaw, and applying the update requires a system reboot.