Issued:: 2025-11-12
Updated:: 2025-11-12

RHSA-2025:21082 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

kernel: HID: core: fix shift-out-of-bounds in hid_report_raw_event (CVE-2022-48978)
kernel: nfsd: don't ignore the return code of svc_proc_register() (CVE-2025-22026)
kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling (CVE-2025-37797)
kernel: HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556)
kernel: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (CVE-2025-39751)
kernel: crypto: seqiv - Handle EBUSY correctly (CVE-2023-53373)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7 x86_64

Fixes

BZ - 2320665 - CVE-2022-48978 kernel: HID: core: fix shift-out-of-bounds in hid_report_raw_event
BZ - 2360224 - CVE-2025-22026 kernel: nfsd: don't ignore the return code of svc_proc_register()
BZ - 2363672 - CVE-2025-37797 kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling
BZ - 2389456 - CVE-2025-38556 kernel: HID: core: Harden s32ton() against conversion to 0 bits
BZ - 2394624 - CVE-2025-39751 kernel: ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control
BZ - 2396379 - CVE-2023-53373 kernel: crypto: seqiv - Handle EBUSY correctly

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7

SRPM
kernel-rt-3.10.0-1160.142.1.rt56.1294.el7.src.rpm	SHA-256: 4fcc942685c510c4607364512e120116e7727fb072a28ebbc9436579b6fc5385
x86_64
kernel-rt-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: 7580ca8b009d3656b6a702aa1c0f7438667abfc113f7b5b723b772c751079081
kernel-rt-debug-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: 5e59f7ce188dc54f2e4c2ebcc77a6185d29149f8a9194d9cddb7df64531a5354
kernel-rt-debug-debuginfo-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: 590ae9e4a53d7071979539c1e9414ca9dc904e4c21cb044f68d45589ed128c00
kernel-rt-debug-devel-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: c8bdb6caba6d22cc586d01dc323f90dce7469d487b2a76eee80f7db6a6ddf4e1
kernel-rt-debuginfo-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: 09b4c4b02a0eeb692db28de1b75fb4356690b43d46b32535ba63d26d0cb2c2d1
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: ceb24b50fa7c1a6f567105a3f268ada14189717db8451353b4f6cb4762717d42
kernel-rt-devel-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: 7df0ef47d848aea9e1add85372218bab0880db755825d4f61b76d31a16ef7a76
kernel-rt-doc-3.10.0-1160.142.1.rt56.1294.el7.noarch.rpm	SHA-256: 02f272e43bfd337584ee09264f2e3ab07de5a9f85e511e53054bdccc53f9a0ca
kernel-rt-trace-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: b04b65e0cffce547ee7963443e27745e1fcd7bfd39265e1a697d0807c39a8cd2
kernel-rt-trace-debuginfo-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: a18e4df1f8325ce1660edb2636494e1eae55c7752a00946b0bb80ceef509e96f
kernel-rt-trace-devel-3.10.0-1160.142.1.rt56.1294.el7.x86_64.rpm	SHA-256: a0673395f493a1ff4bc21a9a526016d60d6fdb68d551245deddba5333d96f676

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation