Issued:: 2025-09-30
Updated:: 2025-09-30

RHSA-2025:17109 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

kernel: ALSA: usb-audio: ALSA USB Audio Out-of-Bounds Bug (CVE-2022-48701)
kernel: net: usb: smsc75xx: Limit packet length to skb->len (CVE-2023-53125)
kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing (CVE-2022-50229)
kernel: md-raid10: fix KASAN warning (CVE-2022-50211)
kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200)
kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate (CVE-2025-38477)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7 x86_64

Fixes

BZ - 2278950 - CVE-2022-48701 kernel: ALSA: usb-audio: ALSA USB Audio Out-of-Bounds Bug
BZ - 2363686 - CVE-2023-53125 kernel: net: usb: smsc75xx: Limit packet length to skb->len
BZ - 2373460 - CVE-2022-50229 kernel: ALSA: bcd2000: Fix a UAF bug on the error path of probing
BZ - 2373662 - CVE-2022-50211 kernel: md-raid10: fix KASAN warning
BZ - 2376392 - CVE-2025-38200 kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw
BZ - 2383922 - CVE-2025-38477 kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7

SRPM
kernel-rt-3.10.0-1160.140.1.rt56.1292.el7.src.rpm	SHA-256: d4ad7a90c0e162bc12ed9e562789baec971708eee227a0168f7e2ae688cd7dfd
x86_64
kernel-rt-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: 1f882e622f5f67469ce1e13de3d08242b55a3f2d247d2a5e32ca6662133e2032
kernel-rt-debug-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: 70a4ac560dd7cf6a20a256d84b2bdfff8693431f5199a3f3aa42ebacc1c4e644
kernel-rt-debug-debuginfo-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: 746807ffeefcd3583503170c972344e6ea8892d89667e39bd420ee99e3863399
kernel-rt-debug-devel-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: eee40a29d23b17d4cb459924d892f218524946ecab98d6505bf3ad7c7115db53
kernel-rt-debuginfo-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: 7a5642b1da829654452b1563a910b983cc6162f2be1a81b42f6816b4f7b0efc1
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: a05680c83607dc8ba3f6202d02cac4463c495499aba318efd0a2bada2916410e
kernel-rt-devel-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: 76436d719effb1913cd527d0547d94da7af6db5b417c60eb578e805d3544214d
kernel-rt-doc-3.10.0-1160.140.1.rt56.1292.el7.noarch.rpm	SHA-256: dafe6e09fa98987cb156cea40fe3b7a06f7809f70d0c04da9ceb82d29d782068
kernel-rt-trace-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: 747f7ed20a33fb804b217bceb740865ade07f3eaa651f030f75fd991be904d4d
kernel-rt-trace-debuginfo-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: d9540c79ee898fc1d761acecac2006c6cb6867d5ed0c9cf72ea11f145f4d2ea3
kernel-rt-trace-devel-3.10.0-1160.140.1.rt56.1292.el7.x86_64.rpm	SHA-256: bfcd89922801c36c636cb57c89648cbecd9622f539136d3fb8accb5a06642a38

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation