Red Hat Product Errata RHSA-2025:15009 - Security Advisory
Issued:
2025-09-02
Updated:
2025-09-02

RHSA-2025:15009 - Security Advisory

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CVE-2025-38211)
  • kernel: tipc: Fix use-after-free in tipc_conn_close() (CVE-2025-38464)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

Fixes

  • BZ - 2376406 - CVE-2025-38211 kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction
  • BZ - 2383509 - CVE-2025-38464 kernel: tipc: Fix use-after-free in tipc_conn_close()

Red Hat Enterprise Linux for Real Time 8

SRPM
kernel-rt-4.18.0-553.72.1.rt7.413.el8_10.src.rpm SHA-256: 8b27583738f2008ce9f0897f075feff75d5dc9b891998dc961281ce77a66fcdb
x86_64
kernel-rt-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 05eece0d962476e25e4e8123f87c584d098acda219e461101cb9584209963143
kernel-rt-core-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 4836a6a4e2b08a9a10e46b7f8de5819492c4dedfa97e54ce5a39cc110a509a85
kernel-rt-debug-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 5c00a6a0a19e58577c6db82b966af42e1c094a07e098746763906a4fa8872d74
kernel-rt-debug-core-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: cbe4ab52590e5f9a69ff6023d218b6d3d9008f64bb1d82de2e650458ef111cdc
kernel-rt-debug-debuginfo-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: de93f35a7c4190949156318d867b8e9c26276a5478ca4b3bde6fe35a1517505d
kernel-rt-debug-devel-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: ea2f4a531d48752cdbc85d062fdd4ff0cb9c219f74ad5b6dcf7dd1aab02aa140
kernel-rt-debug-modules-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: dc4bcf07687352a7c6a46782e89c8f300096562df91bcd7f5f81258b475a8f33
kernel-rt-debug-modules-extra-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 559b744fc39457cfa9d79e945ab5e85bcf730610143818dd6b8e9c1d1ae93895
kernel-rt-debuginfo-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 4e78e4e469f0685a274f920977f76953d693a22ad624b5a3810a1eb571db7a84
kernel-rt-debuginfo-common-x86_64-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 32f074310c772b6f675cb38b8eb898c6ced82cc8e7849d7497106fce3bbf7a1d
kernel-rt-devel-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: a952fe6433f050b4c0d742375d618cf68cb9bc7833fe2c575b467dbc4660e75a
kernel-rt-modules-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 17e56bc1efb6a66fead3fbfbbfaa80de6a895a03485b1598dbce00620cef70c2
kernel-rt-modules-extra-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 71cc1d1be404a8fd8ddcbb6f17fc82a07cde9751c4c40cc6add1082c7c5307bb

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM
kernel-rt-4.18.0-553.72.1.rt7.413.el8_10.src.rpm SHA-256: 8b27583738f2008ce9f0897f075feff75d5dc9b891998dc961281ce77a66fcdb
x86_64
kernel-rt-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 05eece0d962476e25e4e8123f87c584d098acda219e461101cb9584209963143
kernel-rt-core-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 4836a6a4e2b08a9a10e46b7f8de5819492c4dedfa97e54ce5a39cc110a509a85
kernel-rt-debug-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 5c00a6a0a19e58577c6db82b966af42e1c094a07e098746763906a4fa8872d74
kernel-rt-debug-core-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: cbe4ab52590e5f9a69ff6023d218b6d3d9008f64bb1d82de2e650458ef111cdc
kernel-rt-debug-debuginfo-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: de93f35a7c4190949156318d867b8e9c26276a5478ca4b3bde6fe35a1517505d
kernel-rt-debug-devel-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: ea2f4a531d48752cdbc85d062fdd4ff0cb9c219f74ad5b6dcf7dd1aab02aa140
kernel-rt-debug-kvm-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 497737a068321e17b43143214ba1239080e9041b452ac5b19934de4e5698ad63
kernel-rt-debug-modules-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: dc4bcf07687352a7c6a46782e89c8f300096562df91bcd7f5f81258b475a8f33
kernel-rt-debug-modules-extra-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 559b744fc39457cfa9d79e945ab5e85bcf730610143818dd6b8e9c1d1ae93895
kernel-rt-debuginfo-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 4e78e4e469f0685a274f920977f76953d693a22ad624b5a3810a1eb571db7a84
kernel-rt-debuginfo-common-x86_64-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 32f074310c772b6f675cb38b8eb898c6ced82cc8e7849d7497106fce3bbf7a1d
kernel-rt-devel-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: a952fe6433f050b4c0d742375d618cf68cb9bc7833fe2c575b467dbc4660e75a
kernel-rt-kvm-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: c62d721ed4e2a707f4ea07bbaa0a66ecf822c72db9d84e0907b7f5f52b30a5e6
kernel-rt-modules-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 17e56bc1efb6a66fead3fbfbbfaa80de6a895a03485b1598dbce00620cef70c2
kernel-rt-modules-extra-4.18.0-553.72.1.rt7.413.el8_10.x86_64.rpm SHA-256: 71cc1d1be404a8fd8ddcbb6f17fc82a07cde9751c4c40cc6add1082c7c5307bb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.