Threats Tagged 'cve-2025-38159'

A Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 10. The update fixes issues including a CPU microcode termination problem (CVE-2024-56721), double free in crypto hash processing, race conditions in huge page table management, and out-of-bounds memory access in WiFi drivers. These vulnerabilities have been rated with moderate security impact. The advisory requires applying the kernel update and rebooting the system for the fixes to take effect.

Multiple security vulnerabilities have been identified and fixed in the Red Hat kernel-rt packages, which provide the Real Time Linux Kernel for systems requiring high determinism. The issues include a race condition in huge page management (CVE-2025-38085), an out-of-bounds read in the wifi driver (CVE-2025-38159), and use-after-free bugs in Bluetooth and TIPC subsystems (CVE-2025-38250 and CVE-2025-38464). These vulnerabilities have been addressed in a security update for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. The update must be applied and the system rebooted to mitigate the risks. The overall security impact is rated as moderate by Red Hat Product Security.

A moderate severity security advisory from Red Hat addresses multiple vulnerabilities in the Linux kernel packages. The issues include a race condition in huge_pmd_unshare(), a buffer size miscalculation in the rtw88 wifi driver, and use-after-free vulnerabilities in Bluetooth hci_core and tipc components. These flaws could lead to memory corruption or information disclosure. The advisory covers Red Hat Enterprise Linux 9.2 and related variants. A kernel update is available and must be applied with a system reboot to mitigate these vulnerabilities.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 8.6. The issues include race conditions, buffer overflows, use-after-free, and improper memory handling in various kernel subsystems such as huge pages, WiFi drivers, SCSI, POSIX CPU timers, and TIPC. The update fixes these vulnerabilities to improve system security. A system reboot is required to apply the update.

Red Hat has issued a security advisory for multiple vulnerabilities in the Linux kernel packages included in Red Hat Enterprise Linux 9.4 Extended Update Support. The update addresses ten distinct security issues including use-after-free, double free, race conditions, buffer overflows, and speculation side-channel fixes across various kernel subsystems such as networking, Bluetooth, SCSI, and WiFi. The advisory rates the update as important and requires a system reboot after applying the update. Detailed CVE references are provided for each fixed vulnerability.