Red Hat Product Errata RHSA-2025:17398 - Security Advisory
Issued:
2025-10-06
Updated:
2025-10-06

RHSA-2025:17398 - Security Advisory

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)
  • kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

Fixes

  • BZ - 2388928 - CVE-2025-38527 kernel: smb: client: fix use-after-free in cifs_oplock_break
  • BZ - 2393731 - CVE-2025-39730 kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()

Red Hat Enterprise Linux for Real Time 8

SRPM
kernel-rt-4.18.0-553.78.1.rt7.419.el8_10.src.rpm SHA-256: 9767ee05b4f541315097d04de5bf5d6b42e186cb2e14488263ffedcf75862513
x86_64
kernel-rt-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 4bd9cb35a16c16a40f37692554c2a3fcb02aaf52213255ff3f43495fdd62110a
kernel-rt-core-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 5229f3dc65886a14a53ba1ff7715da457b00559ee61a4d5e932098bd13ae525e
kernel-rt-debug-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: a4a33b182c29b2d533db92763b5e2983cc9a0dd6969e2bece9d29d4156a38ecd
kernel-rt-debug-core-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 014bd61f00effe9e7669d9e278279acc7d760576326e9f49d745462b67fcde62
kernel-rt-debug-debuginfo-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 413fc288edfad0e95355a5779ebf646a7f736974316af3180101c4c6712b55d2
kernel-rt-debug-devel-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: c70d0002c0d10fc53d73d5771d1f0631c730a158687abc2332bb2e22306f53f7
kernel-rt-debug-modules-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 7b08e1159c91be28970964ec473428e2701b6d70de825d340c71c57665b9210b
kernel-rt-debug-modules-extra-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: daf55a484033dde76d3042659a7d2a762a85cb09b860b8a58ea9f85977aad70a
kernel-rt-debuginfo-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 9178db75c4a258e9ee0b3268e379f2d8af1e8f37f01120ae9c3a9d81a3c08886
kernel-rt-debuginfo-common-x86_64-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: cc7beb94d4ac256acc640d54ae04c3bac12bf7046e339a74dcba04ed73e152c7
kernel-rt-devel-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 36a6fa3b94d20c04659ec4cc3b9dd88cc6318a0086851e9fa4b7ce72e6e950c4
kernel-rt-modules-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 254b435e5e5bc2949250de3c837c279b881d52c49301e75a976a968edb21f724
kernel-rt-modules-extra-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: dcc2cc76cedf339b73b7ccf19b0bad6bbc0ccf85d4a6f7ba689a0b1c6e5d427d

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM
kernel-rt-4.18.0-553.78.1.rt7.419.el8_10.src.rpm SHA-256: 9767ee05b4f541315097d04de5bf5d6b42e186cb2e14488263ffedcf75862513
x86_64
kernel-rt-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 4bd9cb35a16c16a40f37692554c2a3fcb02aaf52213255ff3f43495fdd62110a
kernel-rt-core-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 5229f3dc65886a14a53ba1ff7715da457b00559ee61a4d5e932098bd13ae525e
kernel-rt-debug-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: a4a33b182c29b2d533db92763b5e2983cc9a0dd6969e2bece9d29d4156a38ecd
kernel-rt-debug-core-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 014bd61f00effe9e7669d9e278279acc7d760576326e9f49d745462b67fcde62
kernel-rt-debug-debuginfo-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 413fc288edfad0e95355a5779ebf646a7f736974316af3180101c4c6712b55d2
kernel-rt-debug-devel-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: c70d0002c0d10fc53d73d5771d1f0631c730a158687abc2332bb2e22306f53f7
kernel-rt-debug-kvm-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: c821df484755edf81abda237229176f80b00a9e873547f2ef535e4d573359157
kernel-rt-debug-modules-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 7b08e1159c91be28970964ec473428e2701b6d70de825d340c71c57665b9210b
kernel-rt-debug-modules-extra-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: daf55a484033dde76d3042659a7d2a762a85cb09b860b8a58ea9f85977aad70a
kernel-rt-debuginfo-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 9178db75c4a258e9ee0b3268e379f2d8af1e8f37f01120ae9c3a9d81a3c08886
kernel-rt-debuginfo-common-x86_64-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: cc7beb94d4ac256acc640d54ae04c3bac12bf7046e339a74dcba04ed73e152c7
kernel-rt-devel-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 36a6fa3b94d20c04659ec4cc3b9dd88cc6318a0086851e9fa4b7ce72e6e950c4
kernel-rt-kvm-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 246f28cb5136eb795dffdf517fe214dbafbd37aeaa8809da965b3b5e6269d369
kernel-rt-modules-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: 254b435e5e5bc2949250de3c837c279b881d52c49301e75a976a968edb21f724
kernel-rt-modules-extra-4.18.0-553.78.1.rt7.419.el8_10.x86_64.rpm SHA-256: dcc2cc76cedf339b73b7ccf19b0bad6bbc0ccf85d4a6f7ba689a0b1c6e5d427d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.