Red Hat Product Errata RHSA-2025:4499 - Security Advisory
Issued:
2025-05-06
Updated:
2025-05-06

RHSA-2025:4499 - Security Advisory

Synopsis

Important: kpatch-patch-5_14_0-503_15_1 and kpatch-patch-5_14_0-503_26_1 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch-5_14_0-503_15_1 and kpatch-patch-5_14_0-503_26_1 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-5.14.0-503.15.1.el9_5.

Security Fix(es):

  • kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (CVE-2025-21927)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64

Fixes

  • BZ - 2356593 - CVE-2025-21927 kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

Red Hat Enterprise Linux for x86_64 9

SRPM
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.src.rpm SHA-256: 93cefc55350421bfb7ca91a5e8b7c63297ead3e10ca60936f43c8b42af7f61ac
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.src.rpm SHA-256: a388b18c826afc1f26060e3726e38db027e3548ec8b6bd8f09794a4a31ca88a5
x86_64
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.x86_64.rpm SHA-256: 676ecb8e019362ef09166c4b0b1ec4dac675ee87c82639584365a7b3228a7f62
kpatch-patch-5_14_0-503_15_1-debuginfo-1-4.el9_5.x86_64.rpm SHA-256: f9009a15db89f77dc7f19ce7198c9b548ba3df12a14bd6389fecb302d982d5df
kpatch-patch-5_14_0-503_15_1-debugsource-1-4.el9_5.x86_64.rpm SHA-256: d2d27b3c77a7fff97534233edea80da9eddc2478e46c5db882fc3eb484717619
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.x86_64.rpm SHA-256: a6bee9735cfb142c24577969cd6a1674504c7d0cca519acaa7d5f970b3d6e74b
kpatch-patch-5_14_0-503_26_1-debuginfo-1-3.el9_5.x86_64.rpm SHA-256: 0ed02a4a529a8630f059ba0c0038fe7c7320b615cd37ef2f3308db6d9d2d6d1b
kpatch-patch-5_14_0-503_26_1-debugsource-1-3.el9_5.x86_64.rpm SHA-256: 72bc1cd6ba9d05cf9fe36010efe8376b5826e0c41169932db298a81e7170a125

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.src.rpm SHA-256: 93cefc55350421bfb7ca91a5e8b7c63297ead3e10ca60936f43c8b42af7f61ac
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.src.rpm SHA-256: a388b18c826afc1f26060e3726e38db027e3548ec8b6bd8f09794a4a31ca88a5
x86_64
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.x86_64.rpm SHA-256: 676ecb8e019362ef09166c4b0b1ec4dac675ee87c82639584365a7b3228a7f62
kpatch-patch-5_14_0-503_15_1-debuginfo-1-4.el9_5.x86_64.rpm SHA-256: f9009a15db89f77dc7f19ce7198c9b548ba3df12a14bd6389fecb302d982d5df
kpatch-patch-5_14_0-503_15_1-debugsource-1-4.el9_5.x86_64.rpm SHA-256: d2d27b3c77a7fff97534233edea80da9eddc2478e46c5db882fc3eb484717619
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.x86_64.rpm SHA-256: a6bee9735cfb142c24577969cd6a1674504c7d0cca519acaa7d5f970b3d6e74b
kpatch-patch-5_14_0-503_26_1-debuginfo-1-3.el9_5.x86_64.rpm SHA-256: 0ed02a4a529a8630f059ba0c0038fe7c7320b615cd37ef2f3308db6d9d2d6d1b
kpatch-patch-5_14_0-503_26_1-debugsource-1-3.el9_5.x86_64.rpm SHA-256: 72bc1cd6ba9d05cf9fe36010efe8376b5826e0c41169932db298a81e7170a125

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.src.rpm SHA-256: 93cefc55350421bfb7ca91a5e8b7c63297ead3e10ca60936f43c8b42af7f61ac
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.src.rpm SHA-256: a388b18c826afc1f26060e3726e38db027e3548ec8b6bd8f09794a4a31ca88a5
x86_64
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.x86_64.rpm SHA-256: 676ecb8e019362ef09166c4b0b1ec4dac675ee87c82639584365a7b3228a7f62
kpatch-patch-5_14_0-503_15_1-debuginfo-1-4.el9_5.x86_64.rpm SHA-256: f9009a15db89f77dc7f19ce7198c9b548ba3df12a14bd6389fecb302d982d5df
kpatch-patch-5_14_0-503_15_1-debugsource-1-4.el9_5.x86_64.rpm SHA-256: d2d27b3c77a7fff97534233edea80da9eddc2478e46c5db882fc3eb484717619
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.x86_64.rpm SHA-256: a6bee9735cfb142c24577969cd6a1674504c7d0cca519acaa7d5f970b3d6e74b
kpatch-patch-5_14_0-503_26_1-debuginfo-1-3.el9_5.x86_64.rpm SHA-256: 0ed02a4a529a8630f059ba0c0038fe7c7320b615cd37ef2f3308db6d9d2d6d1b
kpatch-patch-5_14_0-503_26_1-debugsource-1-3.el9_5.x86_64.rpm SHA-256: 72bc1cd6ba9d05cf9fe36010efe8376b5826e0c41169932db298a81e7170a125

Red Hat Enterprise Linux for Power, little endian 9

SRPM
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.src.rpm SHA-256: 93cefc55350421bfb7ca91a5e8b7c63297ead3e10ca60936f43c8b42af7f61ac
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.src.rpm SHA-256: a388b18c826afc1f26060e3726e38db027e3548ec8b6bd8f09794a4a31ca88a5
ppc64le
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.ppc64le.rpm SHA-256: 24cd65bcd2c1075bb6a36c226a2c5040061828ad2f441a5383df99cfe90794a0
kpatch-patch-5_14_0-503_15_1-debuginfo-1-4.el9_5.ppc64le.rpm SHA-256: 36f3515ef2b489c7074dc311761187f5e212bfe680e0787fbc274817bb066de3
kpatch-patch-5_14_0-503_15_1-debugsource-1-4.el9_5.ppc64le.rpm SHA-256: f69d816c4224d4e4c9f3e2a49461859b152bffb17b1e6c23d446030fdc825bc0
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.ppc64le.rpm SHA-256: b99b3104196372dd450b771bdc4d9d811224232a84ff974f6d747450d2f08ebf
kpatch-patch-5_14_0-503_26_1-debuginfo-1-3.el9_5.ppc64le.rpm SHA-256: 0666cbdfdb67bda777aad24c8cf3909b86bf0cd386020822d6bfb9ac21107e45
kpatch-patch-5_14_0-503_26_1-debugsource-1-3.el9_5.ppc64le.rpm SHA-256: ec2eed2a7330e7b739cdc70f30458ee74400a759614c39a731365401d0e41f44

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.src.rpm SHA-256: 93cefc55350421bfb7ca91a5e8b7c63297ead3e10ca60936f43c8b42af7f61ac
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.src.rpm SHA-256: a388b18c826afc1f26060e3726e38db027e3548ec8b6bd8f09794a4a31ca88a5
ppc64le
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.ppc64le.rpm SHA-256: 24cd65bcd2c1075bb6a36c226a2c5040061828ad2f441a5383df99cfe90794a0
kpatch-patch-5_14_0-503_15_1-debuginfo-1-4.el9_5.ppc64le.rpm SHA-256: 36f3515ef2b489c7074dc311761187f5e212bfe680e0787fbc274817bb066de3
kpatch-patch-5_14_0-503_15_1-debugsource-1-4.el9_5.ppc64le.rpm SHA-256: f69d816c4224d4e4c9f3e2a49461859b152bffb17b1e6c23d446030fdc825bc0
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.ppc64le.rpm SHA-256: b99b3104196372dd450b771bdc4d9d811224232a84ff974f6d747450d2f08ebf
kpatch-patch-5_14_0-503_26_1-debuginfo-1-3.el9_5.ppc64le.rpm SHA-256: 0666cbdfdb67bda777aad24c8cf3909b86bf0cd386020822d6bfb9ac21107e45
kpatch-patch-5_14_0-503_26_1-debugsource-1-3.el9_5.ppc64le.rpm SHA-256: ec2eed2a7330e7b739cdc70f30458ee74400a759614c39a731365401d0e41f44

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.src.rpm SHA-256: 93cefc55350421bfb7ca91a5e8b7c63297ead3e10ca60936f43c8b42af7f61ac
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.src.rpm SHA-256: a388b18c826afc1f26060e3726e38db027e3548ec8b6bd8f09794a4a31ca88a5
ppc64le
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.ppc64le.rpm SHA-256: 24cd65bcd2c1075bb6a36c226a2c5040061828ad2f441a5383df99cfe90794a0
kpatch-patch-5_14_0-503_15_1-debuginfo-1-4.el9_5.ppc64le.rpm SHA-256: 36f3515ef2b489c7074dc311761187f5e212bfe680e0787fbc274817bb066de3
kpatch-patch-5_14_0-503_15_1-debugsource-1-4.el9_5.ppc64le.rpm SHA-256: f69d816c4224d4e4c9f3e2a49461859b152bffb17b1e6c23d446030fdc825bc0
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.ppc64le.rpm SHA-256: b99b3104196372dd450b771bdc4d9d811224232a84ff974f6d747450d2f08ebf
kpatch-patch-5_14_0-503_26_1-debuginfo-1-3.el9_5.ppc64le.rpm SHA-256: 0666cbdfdb67bda777aad24c8cf3909b86bf0cd386020822d6bfb9ac21107e45
kpatch-patch-5_14_0-503_26_1-debugsource-1-3.el9_5.ppc64le.rpm SHA-256: ec2eed2a7330e7b739cdc70f30458ee74400a759614c39a731365401d0e41f44

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.src.rpm SHA-256: 93cefc55350421bfb7ca91a5e8b7c63297ead3e10ca60936f43c8b42af7f61ac
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.src.rpm SHA-256: a388b18c826afc1f26060e3726e38db027e3548ec8b6bd8f09794a4a31ca88a5
x86_64
kpatch-patch-5_14_0-503_15_1-1-4.el9_5.x86_64.rpm SHA-256: 676ecb8e019362ef09166c4b0b1ec4dac675ee87c82639584365a7b3228a7f62
kpatch-patch-5_14_0-503_15_1-debuginfo-1-4.el9_5.x86_64.rpm SHA-256: f9009a15db89f77dc7f19ce7198c9b548ba3df12a14bd6389fecb302d982d5df
kpatch-patch-5_14_0-503_15_1-debugsource-1-4.el9_5.x86_64.rpm SHA-256: d2d27b3c77a7fff97534233edea80da9eddc2478e46c5db882fc3eb484717619
kpatch-patch-5_14_0-503_26_1-1-3.el9_5.x86_64.rpm SHA-256: a6bee9735cfb142c24577969cd6a1674504c7d0cca519acaa7d5f970b3d6e74b
kpatch-patch-5_14_0-503_26_1-debuginfo-1-3.el9_5.x86_64.rpm SHA-256: 0ed02a4a529a8630f059ba0c0038fe7c7320b615cd37ef2f3308db6d9d2d6d1b
kpatch-patch-5_14_0-503_26_1-debugsource-1-3.el9_5.x86_64.rpm SHA-256: 72bc1cd6ba9d05cf9fe36010efe8376b5826e0c41169932db298a81e7170a125

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.