Red Hat Product Errata RHSA-2025:3894 - Security Advisory
Issued:
2025-04-15
Updated:
2025-04-15

RHSA-2025:3894 - Security Advisory

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466) (CVE-2024-53241)
  • kernel: ALSA: usb-audio: Fix out of bounds reads when finding clock sources (CVE-2024-53150)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

Fixes

  • BZ - 2331326 - CVE-2024-53241 kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466)
  • BZ - 2333971 - CVE-2024-53150 kernel: ALSA: usb-audio: Fix out of bounds reads when finding clock sources

Red Hat Enterprise Linux for Real Time 8

SRPM
kernel-rt-4.18.0-553.50.1.rt7.391.el8_10.src.rpm SHA-256: 5248b61d1cbda72256520bb7cdbf37314ea69d8d225645c596fe2e60ba43c348
x86_64
kernel-rt-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 408b9bac2ad24adc3f21951d3dbf0f1409559faa4b5f9972a98665e9a5faabc2
kernel-rt-core-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 56ce16b3cc3c3e6c7217adf300df613777ef4930ca5a57ef020acced861fd5ea
kernel-rt-debug-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: ef885859548986367fc3009cdb2bdc13fde27646e2908e72093a7eef48ce6884
kernel-rt-debug-core-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: d2a1c195d8b294f7def824258d42fb6ce9f7ac801c38d9bb982b15981169709e
kernel-rt-debug-debuginfo-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 8e355ed74a5719dee810f2088cb3cead7600f64c338187c77050cfac6a62774b
kernel-rt-debug-devel-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: efd81197264c266ef56913302127cddbb00c646aba94ca71c62e820423483c91
kernel-rt-debug-modules-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 6229dcd3f92d1a777c82abf44ee03b8b1838afd40c2cee21d0b3baa4f1e6835f
kernel-rt-debug-modules-extra-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 7541845217e8e737585cf6067231c1a282ee8a024efd7b14694f0f8042db50a0
kernel-rt-debuginfo-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 958ad0ece3b87a34e3f0f135d7ab7eb8302cf99b2790e94bdf2e651ed12ef718
kernel-rt-debuginfo-common-x86_64-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: ebf5aa007d86ae6cfe22b85c28a42d4c582e24a038ae3421ed3a27cfe61d577f
kernel-rt-devel-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 0e6381b60219f88b4ede0d9a548bd49a63b17c38b9baa880d4c1614b45353372
kernel-rt-modules-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: c454a9c3f3a69e4f116b38c17684bf26f7656d46b95735133f6ad4382874acb2
kernel-rt-modules-extra-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 7e33ac0c70ac30ac628123a7c2074ae04cefc873f1ba642e17f964508e06d833

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM
kernel-rt-4.18.0-553.50.1.rt7.391.el8_10.src.rpm SHA-256: 5248b61d1cbda72256520bb7cdbf37314ea69d8d225645c596fe2e60ba43c348
x86_64
kernel-rt-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 408b9bac2ad24adc3f21951d3dbf0f1409559faa4b5f9972a98665e9a5faabc2
kernel-rt-core-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 56ce16b3cc3c3e6c7217adf300df613777ef4930ca5a57ef020acced861fd5ea
kernel-rt-debug-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: ef885859548986367fc3009cdb2bdc13fde27646e2908e72093a7eef48ce6884
kernel-rt-debug-core-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: d2a1c195d8b294f7def824258d42fb6ce9f7ac801c38d9bb982b15981169709e
kernel-rt-debug-debuginfo-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 8e355ed74a5719dee810f2088cb3cead7600f64c338187c77050cfac6a62774b
kernel-rt-debug-devel-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: efd81197264c266ef56913302127cddbb00c646aba94ca71c62e820423483c91
kernel-rt-debug-kvm-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 01e502198c1e0245e2491a91d8d2ff8add8bdc72712611cf5a2ae10d291ddfa0
kernel-rt-debug-modules-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 6229dcd3f92d1a777c82abf44ee03b8b1838afd40c2cee21d0b3baa4f1e6835f
kernel-rt-debug-modules-extra-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 7541845217e8e737585cf6067231c1a282ee8a024efd7b14694f0f8042db50a0
kernel-rt-debuginfo-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 958ad0ece3b87a34e3f0f135d7ab7eb8302cf99b2790e94bdf2e651ed12ef718
kernel-rt-debuginfo-common-x86_64-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: ebf5aa007d86ae6cfe22b85c28a42d4c582e24a038ae3421ed3a27cfe61d577f
kernel-rt-devel-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 0e6381b60219f88b4ede0d9a548bd49a63b17c38b9baa880d4c1614b45353372
kernel-rt-kvm-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 9c160b6465a801758a2c82331c69aabb609095426382cf658d94ef08afa62a0c
kernel-rt-modules-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: c454a9c3f3a69e4f116b38c17684bf26f7656d46b95735133f6ad4382874acb2
kernel-rt-modules-extra-4.18.0-553.50.1.rt7.391.el8_10.x86_64.rpm SHA-256: 7e33ac0c70ac30ac628123a7c2074ae04cefc873f1ba642e17f964508e06d833

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.