红帽产品勘误 RHSA-2025:16920 - Security Advisory
发布:
2025-09-29
已更新:
2025-09-29

RHSA-2025:16920 - Security Advisory

概述

Moderate: kernel-rt security update

类型/严重性

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: nfsd: don't ignore the return code of svc_proc_register() (CVE-2025-22026)
  • kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling (CVE-2025-37797)
  • kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (CVE-2022-50087)
  • kernel: sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

受影响的产品

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

修复

  • BZ - 2360224 - CVE-2025-22026 kernel: nfsd: don't ignore the return code of svc_proc_register()
  • BZ - 2363672 - CVE-2025-37797 kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling
  • BZ - 2373539 - CVE-2022-50087 kernel: firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails
  • BZ - 2393166 - CVE-2025-38718 kernel: sctp: linearize cloned gso packets in sctp_rcv

Red Hat Enterprise Linux for Real Time 8

SRPM
kernel-rt-4.18.0-553.77.1.rt7.418.el8_10.src.rpm SHA-256: 4e7e97cdf1fd485f0439f6356b43c4684cb384957df365c4fdffef57770a4fac
x86_64
kernel-rt-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 1abafa1c815462b22ba3437413b2aeead487d415240b781b83db67631c146905
kernel-rt-core-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 97e1a09747fb8963ca339513db7064bca59b25ad4e5f79141472f5d3fae06107
kernel-rt-debug-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 3a64b93afc4f5b7598ffdb1b54e1dda97a6922923e3f86c35efe529d7fe180dd
kernel-rt-debug-core-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 319105b9e441c0d3b546fa92959f7ad00ebb1cb96cff1ddbca6e8ab8983f0d84
kernel-rt-debug-debuginfo-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 110da0cab33d9719cc9ba38e137a40a1f9a930ec1b6669009101fbb6729f0e5c
kernel-rt-debug-devel-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: f35454761c6b843ffa28103aaef4e509d2d26f513a7c80201504e059a7e8db2c
kernel-rt-debug-modules-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 00c107f4f0996a6ab574b1978b47e366ca61f036e28f912246f2840be20e98f7
kernel-rt-debug-modules-extra-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: f108c521812e71a098e3a0063fa0206f59beab05d9af3d75b77fefbac18ac972
kernel-rt-debuginfo-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: e99692bb308b4b8126754560fdcb4dddc9d65a3a6b89b8edf64ab2597c0efd63
kernel-rt-debuginfo-common-x86_64-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 111d0978f2097a1460dffedd09d15c204955ad1ddb4f5508a9f9c8299430eb85
kernel-rt-devel-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 47b7b84a7196d6029083d24e73218a1981c6d903618bf6acdedb0c921c44af36
kernel-rt-modules-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: ba851c5e1db7d6791903a6ba9ac5fe07874fa46017e8efd0e28e54ff5e9d2db0
kernel-rt-modules-extra-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 8b14d90bd3c963e51ea92f6750f7aad513c82ec748a0fc0babc73868a234b26f

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM
kernel-rt-4.18.0-553.77.1.rt7.418.el8_10.src.rpm SHA-256: 4e7e97cdf1fd485f0439f6356b43c4684cb384957df365c4fdffef57770a4fac
x86_64
kernel-rt-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 1abafa1c815462b22ba3437413b2aeead487d415240b781b83db67631c146905
kernel-rt-core-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 97e1a09747fb8963ca339513db7064bca59b25ad4e5f79141472f5d3fae06107
kernel-rt-debug-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 3a64b93afc4f5b7598ffdb1b54e1dda97a6922923e3f86c35efe529d7fe180dd
kernel-rt-debug-core-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 319105b9e441c0d3b546fa92959f7ad00ebb1cb96cff1ddbca6e8ab8983f0d84
kernel-rt-debug-debuginfo-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 110da0cab33d9719cc9ba38e137a40a1f9a930ec1b6669009101fbb6729f0e5c
kernel-rt-debug-devel-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: f35454761c6b843ffa28103aaef4e509d2d26f513a7c80201504e059a7e8db2c
kernel-rt-debug-kvm-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 08e506d1121b5f624f5c6d8a6575ab695aba672d8f6b54cfe4836ac022ea0dd0
kernel-rt-debug-modules-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 00c107f4f0996a6ab574b1978b47e366ca61f036e28f912246f2840be20e98f7
kernel-rt-debug-modules-extra-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: f108c521812e71a098e3a0063fa0206f59beab05d9af3d75b77fefbac18ac972
kernel-rt-debuginfo-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: e99692bb308b4b8126754560fdcb4dddc9d65a3a6b89b8edf64ab2597c0efd63
kernel-rt-debuginfo-common-x86_64-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 111d0978f2097a1460dffedd09d15c204955ad1ddb4f5508a9f9c8299430eb85
kernel-rt-devel-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 47b7b84a7196d6029083d24e73218a1981c6d903618bf6acdedb0c921c44af36
kernel-rt-kvm-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: c08d577063e117da1bf3eaab5cea9cc95184e248a327fbc6ab75e3bd9aae86af
kernel-rt-modules-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: ba851c5e1db7d6791903a6ba9ac5fe07874fa46017e8efd0e28e54ff5e9d2db0
kernel-rt-modules-extra-4.18.0-553.77.1.rt7.418.el8_10.x86_64.rpm SHA-256: 8b14d90bd3c963e51ea92f6750f7aad513c82ec748a0fc0babc73868a234b26f

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/