Red Hat Product Errata RHSA-2025:21136 - Security Advisory

Issued: 2025-11-12
Updated: 2025-11-12
Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: ALSA: usb-audio: ALSA USB Audio Out-of-Bounds Bug (CVE-2022-48701)
  • kernel: ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (CVE-2025-38550)
  • kernel: sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718)
  • kernel: NFS: Fix a race when updating an existing write (CVE-2025-39697)
  • kernel: ipv6: sr: Fix MAC comparison to be constant-time (CVE-2025-39702)
  • kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)
  • kernel: wifi: mac80211: check S1G action frame size (CVE-2023-53257)
  • kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() (CVE-2023-53213)
  • kernel: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes (CVE-2023-53185)
  • kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data (CVE-2023-53232)
  • kernel: mm: fix zswap writeback race condition (CVE-2023-53178)
  • kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets (CVE-2023-53226)
  • kernel: Bluetooth: L2CAP: Fix use-after-free (CVE-2023-53305)
  • kernel: pstore/ram: Check start of empty przs during init (CVE-2023-53331)
  • kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-50367)
  • kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails (CVE-2022-50356)
  • kernel: skbuff: skb_segment, Call zero copy functions before using skbuff frags (CVE-2023-53354)
  • kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() (CVE-2023-53401)
  • kernel: Bluetooth: Fix potential use-after-free when clear keys (CVE-2023-53386)
  • kernel: Bluetooth: L2CAP: Fix user-after-free (CVE-2022-50386)
  • kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit() (CVE-2022-50408)
  • kernel: iomap: iomap: fix memory corruption when recording errors during writeback (CVE-2022-50406)
  • kernel: crypto: xts - Handle EBUSY correctly (CVE-2023-53494)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64

Fixes

  • BZ - 2278950 - CVE-2022-48701 kernel: ALSA: usb-audio: ALSA USB Audio Out-of-Bounds Bug
  • BZ - 2388941 - CVE-2025-38550 kernel: ipv6: mcast: Delay put pmc->idev in mld_del_delrec()
  • BZ - 2393166 - CVE-2025-38718 kernel: sctp: linearize cloned gso packets in sctp_rcv
  • BZ - 2393481 - CVE-2025-39697 kernel: NFS: Fix a race when updating an existing write
  • BZ - 2393533 - CVE-2025-39702 kernel: ipv6: sr: Fix MAC comparison to be constant-time
  • BZ - 2393731 - CVE-2025-39730 kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
  • BZ - 2395253 - CVE-2023-53257 kernel: wifi: mac80211: check S1G action frame size
  • BZ - 2395267 - CVE-2023-53213 kernel: wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
  • BZ - 2395297 - CVE-2023-53185 kernel: wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes
  • BZ - 2395322 - CVE-2023-53232 kernel: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data
  • BZ - 2395358 - CVE-2023-53178 kernel: mm: fix zswap writeback race condition
  • BZ - 2395420 - CVE-2023-53226 kernel: wifi: mwifiex: Fix OOB and integer underflow when rx packets
  • BZ - 2395858 - CVE-2023-53305 kernel: Bluetooth: L2CAP: Fix use-after-free
  • BZ - 2395880 - CVE-2023-53331 kernel: pstore/ram: Check start of empty przs during init
  • BZ - 2396114 - CVE-2022-50367 kernel: fs: fix UAF/GPF bug in nilfs_mdt_destroy
  • BZ - 2396152 - CVE-2022-50356 kernel: net: sched: sfb: fix null pointer access issue when sfb_init() fails
  • BZ - 2396158 - CVE-2023-53354 kernel: skbuff: skb_segment, Call zero copy functions before using skbuff frags
  • BZ - 2396417 - CVE-2023-53401 kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()
  • BZ - 2396419 - CVE-2023-53386 kernel: Bluetooth: Fix potential use-after-free when clear keys
  • BZ - 2396431 - CVE-2022-50386 kernel: Bluetooth: L2CAP: Fix user-after-free
  • BZ - 2396506 - CVE-2022-50408 kernel: wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()
  • BZ - 2396538 - CVE-2022-50406 kernel: iomap: iomap: fix memory corruption when recording errors during writeback
  • BZ - 2400777 - CVE-2023-53494 kernel: crypto: xts - Handle EBUSY correctly

CVEs

  • CVE-2022-48701
  • CVE-2022-50356
  • CVE-2022-50367
  • CVE-2022-50386
  • CVE-2022-50406
  • CVE-2022-50408
  • CVE-2023-53178
  • CVE-2023-53185
  • CVE-2023-53213
  • CVE-2023-53226
  • CVE-2023-53232
  • CVE-2023-53257
  • CVE-2023-53305
  • CVE-2023-53331
  • CVE-2023-53354
  • CVE-2023-53386
  • CVE-2023-53401
  • CVE-2023-53494
  • CVE-2025-38550
  • CVE-2025-38718
  • CVE-2025-39697
  • CVE-2025-39702
  • CVE-2025-39730

References

  • https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
kernel-rt-5.14.0-70.153.1.rt21.225.el9_0.src.rpm SHA-256: a871955c9a01fd5bf81bf48a1a32631db48d02b9e5a56214e8efdd1d66e9c24c
x86_64
kernel-rt-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: 7aeea0ad38b4de8c6f7737bd1160bb96ff965e68dd6b81986a4f35a1ef287b62
kernel-rt-core-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: e905e944eec3228ce3a5ed60fbf40d688635b2123415264ef8be908dc91fdb2f
kernel-rt-debug-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: bc5248cdaba2d9fe3f714cf4132ef8ae16c232b52b4083128f00bc2601dde4ed
kernel-rt-debug-core-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: 60045cdc16f465c9aabffd4ed47ced8e1456ef0444b375081c77716cc2192bb1
kernel-rt-debug-debuginfo-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: aa9d9ba4f9726886cc04f1d47b695d671121b020031c236c8e05205a0167985b
kernel-rt-debug-devel-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: 6c0932eeeb0103f899be68a3594b29d1dc2982adb1dd3cdc8f744e18ad1fe877
kernel-rt-debug-kvm-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: 97aca0b61ad5a405f690d6147d789e2811da61af96869353dd00ab14d6dfa403
kernel-rt-debug-modules-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: aeaaf1e3ad9ec3160e1f38577a675618e6261849865235b719612b5becd111f0
kernel-rt-debug-modules-extra-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: 08ade1aab589ce24a9ac254eaad85d78b714c868aa19b2fc296362dbe67ae6fc
kernel-rt-debuginfo-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: 01d088f9c58f1b71fffedee3f3f66fc1c76cce538efc3ec72982506fdc0fb875
kernel-rt-debuginfo-common-x86_64-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: 45954b9deafa5128fe13f45792c1d9768cb189f28c825eb385d5e1cebcb61bf4
kernel-rt-devel-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: 41439406ad23b058885f8ff8b98447303afcd55b8b496ae426ea09ce139fe1c1
kernel-rt-kvm-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: 99b314af566fd39b5a23457ff72b4d38cf0816d86d45845655aa47f226a95f32
kernel-rt-modules-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: f1dd055e2473344be9450890a35edc66ccefa5f73dac4aa6730256833643b4db
kernel-rt-modules-extra-5.14.0-70.153.1.rt21.225.el9_0.x86_64.rpm SHA-256: ee384ce27a9fc5e3ae22b6f2dc3c8581d952e709d23672cb7c5e8213b7709daf

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
