Red Hat Product Errata RHSA-2025:14599 - Security Advisory
Issued:
2025-08-26
Updated:
2025-08-26

RHSA-2025:14599 - Security Advisory

Synopsis

Important: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_52_1, kpatch-patch-5_14_0-284_79_1, and kpatch-patch-5_14_0-284_92_1 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for multiple packages is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-5.14.0-284.52.1.el9_2.

Security Fix(es):

  • kernel: tls: always refresh the queue when reading sock (CVE-2025-38471)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64

Fixes

  • BZ - 2383893 - CVE-2025-38471 kernel: tls: always refresh the queue when reading sock

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
kpatch-patch-5_14_0-284_104_1-1-6.el9_2.src.rpm SHA-256: 9da7fb29036ae9aa68f9141f590c639c658878fe7964577290dcc8d87edb0854
kpatch-patch-5_14_0-284_117_1-1-3.el9_2.src.rpm SHA-256: 275538f871bb5dc5fb91f220544806f2549796e97e6b821874b99e326f00a1fd
kpatch-patch-5_14_0-284_52_1-1-14.el9_2.src.rpm SHA-256: ec05e09764cc252237e1ab7425fe742ccede652a15077cc1f28e1b42e5018986
kpatch-patch-5_14_0-284_79_1-1-10.el9_2.src.rpm SHA-256: 9fd7fb4753bcee184105fedce76c61c4d3d6ad5adc7716a126f966936f546838
kpatch-patch-5_14_0-284_92_1-1-8.el9_2.src.rpm SHA-256: 99f2b72a3126dc9cd9113650a209a5edcd93467eab15ed748f0e68734b7c0067
x86_64
kpatch-patch-5_14_0-284_104_1-1-6.el9_2.x86_64.rpm SHA-256: f9bd0294d7d834c873e1d6665ec4fd44863d70a14f09925499d079fd27efdc66
kpatch-patch-5_14_0-284_104_1-debuginfo-1-6.el9_2.x86_64.rpm SHA-256: d16b7dbc9a4a3de75f99e87016d8a4eb370439bb1c2ece4d2660a5a74d2b21d9
kpatch-patch-5_14_0-284_104_1-debugsource-1-6.el9_2.x86_64.rpm SHA-256: e116d897ba54b27e936d2fce5cb848ff4803e5062b0fec3ef2606ede7f298f7a
kpatch-patch-5_14_0-284_117_1-1-3.el9_2.x86_64.rpm SHA-256: a4fed8737178695a67280750af09a11553430e7a423dc3af217d4d95020d5166
kpatch-patch-5_14_0-284_117_1-debuginfo-1-3.el9_2.x86_64.rpm SHA-256: cde5cf479d6bb19316631a7b2dd3476101a9d0d44121446f2b6c3b7078953a59
kpatch-patch-5_14_0-284_117_1-debugsource-1-3.el9_2.x86_64.rpm SHA-256: 64638ac8d26de1e1e003ab3e79e449c37020b057997596ee126d2b44c892117c
kpatch-patch-5_14_0-284_52_1-1-14.el9_2.x86_64.rpm SHA-256: 5e69ee4befadcb3fac7a59036ade3f77dab50b4f90d0d60a1ebd43ca16679916
kpatch-patch-5_14_0-284_52_1-debuginfo-1-14.el9_2.x86_64.rpm SHA-256: 9b3df56a158a7ee872a077d55138b2ade7d64d23e6cce452a87d4f63148e0c65
kpatch-patch-5_14_0-284_52_1-debugsource-1-14.el9_2.x86_64.rpm SHA-256: 62f8ed7aabccde6f5763e0dc3a3060b619a1399f55b7f9f95233e6de80b8791d
kpatch-patch-5_14_0-284_79_1-1-10.el9_2.x86_64.rpm SHA-256: 970255fed53ab7f1c358e849639e0545204d57e30db822271fc2ce5bb9c54103
kpatch-patch-5_14_0-284_79_1-debuginfo-1-10.el9_2.x86_64.rpm SHA-256: 1ed52429252448ceac3a969cfac27e3d7b7a030f78237a31556896f2d6f620c8
kpatch-patch-5_14_0-284_79_1-debugsource-1-10.el9_2.x86_64.rpm SHA-256: a91ec8ad018b33eb4d122c6f2ba2e546b96ff8465f5171197ccb1a33c7422f07
kpatch-patch-5_14_0-284_92_1-1-8.el9_2.x86_64.rpm SHA-256: 9befcd1250598a3eee36043baab0e8bf555fd1d494310b05eec926875089c3b0
kpatch-patch-5_14_0-284_92_1-debuginfo-1-8.el9_2.x86_64.rpm SHA-256: 62ee26ab4a2682680e2c692b262bb922a33f44eceafcb510f015908bd0def38b
kpatch-patch-5_14_0-284_92_1-debugsource-1-8.el9_2.x86_64.rpm SHA-256: f5a7d9de4175928ee7ef778dd4c9b1f95642a3902c933ac6bd489dcc6618cfc9

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
kpatch-patch-5_14_0-284_104_1-1-6.el9_2.src.rpm SHA-256: 9da7fb29036ae9aa68f9141f590c639c658878fe7964577290dcc8d87edb0854
kpatch-patch-5_14_0-284_117_1-1-3.el9_2.src.rpm SHA-256: 275538f871bb5dc5fb91f220544806f2549796e97e6b821874b99e326f00a1fd
kpatch-patch-5_14_0-284_52_1-1-14.el9_2.src.rpm SHA-256: ec05e09764cc252237e1ab7425fe742ccede652a15077cc1f28e1b42e5018986
kpatch-patch-5_14_0-284_79_1-1-10.el9_2.src.rpm SHA-256: 9fd7fb4753bcee184105fedce76c61c4d3d6ad5adc7716a126f966936f546838
kpatch-patch-5_14_0-284_92_1-1-8.el9_2.src.rpm SHA-256: 99f2b72a3126dc9cd9113650a209a5edcd93467eab15ed748f0e68734b7c0067
ppc64le
kpatch-patch-5_14_0-284_104_1-1-6.el9_2.ppc64le.rpm SHA-256: acac054429ffaa3643c5fae7d6a30936d53146d10bf9db939d14ea15bb00643e
kpatch-patch-5_14_0-284_104_1-debuginfo-1-6.el9_2.ppc64le.rpm SHA-256: 857b7ad8d6fc37d4c574c97c608f30fee177955ae7665a3e255688a81ee99dfb
kpatch-patch-5_14_0-284_104_1-debugsource-1-6.el9_2.ppc64le.rpm SHA-256: f90005631be75297bb074e7ded34d82b86cd5de2cedce290f8358af6a3928536
kpatch-patch-5_14_0-284_117_1-1-3.el9_2.ppc64le.rpm SHA-256: ef9748b51b5ffa8371cc287bd656275ae2a4c9cc6cb2ae91434d0133775e054a
kpatch-patch-5_14_0-284_117_1-debuginfo-1-3.el9_2.ppc64le.rpm SHA-256: b24848dd8d8556f9cfa3ef428f76bd3e7578e0e6e010baf1f7aa11034ca6a1fb
kpatch-patch-5_14_0-284_117_1-debugsource-1-3.el9_2.ppc64le.rpm SHA-256: 6576a1e038a92f2b951b7d505bc8f36d8054b8ada45fe4215faa62919ad01a19
kpatch-patch-5_14_0-284_52_1-1-14.el9_2.ppc64le.rpm SHA-256: cb7a8ff7cfb44fdff4602d74f342820e1b8a39e6179f4405cbaab1663017afc5
kpatch-patch-5_14_0-284_52_1-debuginfo-1-14.el9_2.ppc64le.rpm SHA-256: 4af475e054e5e7e622b65863dca9fe959346efa3327161f1092b504c9cb39644
kpatch-patch-5_14_0-284_52_1-debugsource-1-14.el9_2.ppc64le.rpm SHA-256: 7bb9fca743684117f92cbc2163953fac5006373fde2120eb56249baf58a7dd49
kpatch-patch-5_14_0-284_79_1-1-10.el9_2.ppc64le.rpm SHA-256: 1da946f13013510c0074dd81f2bd9a24c164342ba35a3ea0f6e1183284b56879
kpatch-patch-5_14_0-284_79_1-debuginfo-1-10.el9_2.ppc64le.rpm SHA-256: c1f2dd5381e3f7d803a65c559911ad1eef2f3261ff7ae42c80d6dd423186c678
kpatch-patch-5_14_0-284_79_1-debugsource-1-10.el9_2.ppc64le.rpm SHA-256: a9819044d8a26c9fbc0b8895b4031250566cb1633cb7a7a415b9331c2934ffd9
kpatch-patch-5_14_0-284_92_1-1-8.el9_2.ppc64le.rpm SHA-256: 13a85ea52b268bf325c920a0ffd86c8d763bcd93429b98891db99bf94f534ff0
kpatch-patch-5_14_0-284_92_1-debuginfo-1-8.el9_2.ppc64le.rpm SHA-256: 98a83813981292aa97fa698dfdf4364ccd814ab041cb8bfe98bafd1f47f27a42
kpatch-patch-5_14_0-284_92_1-debugsource-1-8.el9_2.ppc64le.rpm SHA-256: 833590757fc3cb2dcddbfe4e1eb7f935851b18fdcfe5adbab89a7eef1e150470

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
kpatch-patch-5_14_0-284_104_1-1-6.el9_2.src.rpm SHA-256: 9da7fb29036ae9aa68f9141f590c639c658878fe7964577290dcc8d87edb0854
kpatch-patch-5_14_0-284_117_1-1-3.el9_2.src.rpm SHA-256: 275538f871bb5dc5fb91f220544806f2549796e97e6b821874b99e326f00a1fd
kpatch-patch-5_14_0-284_52_1-1-14.el9_2.src.rpm SHA-256: ec05e09764cc252237e1ab7425fe742ccede652a15077cc1f28e1b42e5018986
kpatch-patch-5_14_0-284_79_1-1-10.el9_2.src.rpm SHA-256: 9fd7fb4753bcee184105fedce76c61c4d3d6ad5adc7716a126f966936f546838
kpatch-patch-5_14_0-284_92_1-1-8.el9_2.src.rpm SHA-256: 99f2b72a3126dc9cd9113650a209a5edcd93467eab15ed748f0e68734b7c0067
x86_64
kpatch-patch-5_14_0-284_104_1-1-6.el9_2.x86_64.rpm SHA-256: f9bd0294d7d834c873e1d6665ec4fd44863d70a14f09925499d079fd27efdc66
kpatch-patch-5_14_0-284_104_1-debuginfo-1-6.el9_2.x86_64.rpm SHA-256: d16b7dbc9a4a3de75f99e87016d8a4eb370439bb1c2ece4d2660a5a74d2b21d9
kpatch-patch-5_14_0-284_104_1-debugsource-1-6.el9_2.x86_64.rpm SHA-256: e116d897ba54b27e936d2fce5cb848ff4803e5062b0fec3ef2606ede7f298f7a
kpatch-patch-5_14_0-284_117_1-1-3.el9_2.x86_64.rpm SHA-256: a4fed8737178695a67280750af09a11553430e7a423dc3af217d4d95020d5166
kpatch-patch-5_14_0-284_117_1-debuginfo-1-3.el9_2.x86_64.rpm SHA-256: cde5cf479d6bb19316631a7b2dd3476101a9d0d44121446f2b6c3b7078953a59
kpatch-patch-5_14_0-284_117_1-debugsource-1-3.el9_2.x86_64.rpm SHA-256: 64638ac8d26de1e1e003ab3e79e449c37020b057997596ee126d2b44c892117c
kpatch-patch-5_14_0-284_52_1-1-14.el9_2.x86_64.rpm SHA-256: 5e69ee4befadcb3fac7a59036ade3f77dab50b4f90d0d60a1ebd43ca16679916
kpatch-patch-5_14_0-284_52_1-debuginfo-1-14.el9_2.x86_64.rpm SHA-256: 9b3df56a158a7ee872a077d55138b2ade7d64d23e6cce452a87d4f63148e0c65
kpatch-patch-5_14_0-284_52_1-debugsource-1-14.el9_2.x86_64.rpm SHA-256: 62f8ed7aabccde6f5763e0dc3a3060b619a1399f55b7f9f95233e6de80b8791d
kpatch-patch-5_14_0-284_79_1-1-10.el9_2.x86_64.rpm SHA-256: 970255fed53ab7f1c358e849639e0545204d57e30db822271fc2ce5bb9c54103
kpatch-patch-5_14_0-284_79_1-debuginfo-1-10.el9_2.x86_64.rpm SHA-256: 1ed52429252448ceac3a969cfac27e3d7b7a030f78237a31556896f2d6f620c8
kpatch-patch-5_14_0-284_79_1-debugsource-1-10.el9_2.x86_64.rpm SHA-256: a91ec8ad018b33eb4d122c6f2ba2e546b96ff8465f5171197ccb1a33c7422f07
kpatch-patch-5_14_0-284_92_1-1-8.el9_2.x86_64.rpm SHA-256: 9befcd1250598a3eee36043baab0e8bf555fd1d494310b05eec926875089c3b0
kpatch-patch-5_14_0-284_92_1-debuginfo-1-8.el9_2.x86_64.rpm SHA-256: 62ee26ab4a2682680e2c692b262bb922a33f44eceafcb510f015908bd0def38b
kpatch-patch-5_14_0-284_92_1-debugsource-1-8.el9_2.x86_64.rpm SHA-256: f5a7d9de4175928ee7ef778dd4c9b1f95642a3902c933ac6bd489dcc6618cfc9

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.