Red Hat Product Errata RHSA-2025:9581 - Security Advisory
Issued:
2025-06-25
Updated:
2025-06-25

RHSA-2025:9581 - Security Advisory

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: cifs: fix double free race when mount fails in cifs_get_root() (CVE-2022-48919)
  • kernel: security/keys: fix slab-out-of-bounds in key_task_permission (CVE-2024-50301)
  • kernel: idpf: fix idpf_vc_core_init error path (CVE-2024-53064)
  • kernel: ndisc: use RCU protection in ndisc_alloc_skb() (CVE-2025-21764)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

Fixes

  • BZ - 2327188 - CVE-2024-50301 kernel: security/keys: fix slab-out-of-bounds in key_task_permission
  • BZ - 2327347 - CVE-2024-53064 kernel: idpf: fix idpf_vc_core_init error path
  • BZ - 2348575 - CVE-2025-21764 kernel: ndisc: use RCU protection in ndisc_alloc_skb()

Red Hat Enterprise Linux for Real Time 8

SRPM
kernel-rt-4.18.0-553.58.1.rt7.399.el8_10.src.rpm SHA-256: 3751d145bda89de15d783c13e8bd018cdb6048b366a2e97f924317c7cd4c134b
x86_64
kernel-rt-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 38d4d704510b70993dffadb0f3dc5e3c4106b261dcf8f357a89387fc255ae0f3
kernel-rt-core-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: f5212f5e8b0aa6cafe1e3317744c40c9b9c2ba97e72d3a34d3bc908a6737b9d3
kernel-rt-debug-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 8c2ed1152ba58012bca3e411b5eeb94bb50c9988657c710d3c73294987eda0ce
kernel-rt-debug-core-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 8668f71529659366e9ae7b7dc649f401563b33c551bc2ba9615acaf30884e47f
kernel-rt-debug-debuginfo-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: eca11203b2dbb805b7bc039e449bed6c11e8e262a130b9332d7f0c9016316f7e
kernel-rt-debug-devel-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: aa833dd65659f672b507c1e254157f76b5a1344f7cc7c38a8749d90e5ccfdafc
kernel-rt-debug-modules-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 004284a250c88733dd0462e26905fc929ffc0707cbc83ad6eb40c9977f4358dd
kernel-rt-debug-modules-extra-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 6c7ffa58b15e17603898d245745030226e8c16222f41021a7547b46282f268ed
kernel-rt-debuginfo-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: b64bfe4316d30bbb90fcb43aea6413407cec84dc22e93f20a90c16b038b81084
kernel-rt-debuginfo-common-x86_64-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 52b367c7945cad8cca4704b8e242aeb7bf6729e01e39a0aa1b6fab18e85da13a
kernel-rt-devel-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 10118786381a02c3410bb704706299efbc19ec5dfee82443928a0db4715a0087
kernel-rt-modules-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 0b4b3d628c19f5fabd18d928105eb731fc71f8ef020763987df4c373cfa29bb7
kernel-rt-modules-extra-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: b1c7a30f77d6284a77326c850a4967361bec86855f1c33d2d1cc2c87c3aaf48a

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM
kernel-rt-4.18.0-553.58.1.rt7.399.el8_10.src.rpm SHA-256: 3751d145bda89de15d783c13e8bd018cdb6048b366a2e97f924317c7cd4c134b
x86_64
kernel-rt-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 38d4d704510b70993dffadb0f3dc5e3c4106b261dcf8f357a89387fc255ae0f3
kernel-rt-core-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: f5212f5e8b0aa6cafe1e3317744c40c9b9c2ba97e72d3a34d3bc908a6737b9d3
kernel-rt-debug-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 8c2ed1152ba58012bca3e411b5eeb94bb50c9988657c710d3c73294987eda0ce
kernel-rt-debug-core-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 8668f71529659366e9ae7b7dc649f401563b33c551bc2ba9615acaf30884e47f
kernel-rt-debug-debuginfo-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: eca11203b2dbb805b7bc039e449bed6c11e8e262a130b9332d7f0c9016316f7e
kernel-rt-debug-devel-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: aa833dd65659f672b507c1e254157f76b5a1344f7cc7c38a8749d90e5ccfdafc
kernel-rt-debug-kvm-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: e580695817ab5513656ea736f700990f55e936f2670ef8d0cb193aaac9cc1d39
kernel-rt-debug-modules-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 004284a250c88733dd0462e26905fc929ffc0707cbc83ad6eb40c9977f4358dd
kernel-rt-debug-modules-extra-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 6c7ffa58b15e17603898d245745030226e8c16222f41021a7547b46282f268ed
kernel-rt-debuginfo-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: b64bfe4316d30bbb90fcb43aea6413407cec84dc22e93f20a90c16b038b81084
kernel-rt-debuginfo-common-x86_64-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 52b367c7945cad8cca4704b8e242aeb7bf6729e01e39a0aa1b6fab18e85da13a
kernel-rt-devel-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 10118786381a02c3410bb704706299efbc19ec5dfee82443928a0db4715a0087
kernel-rt-kvm-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 9748757bb349c761399e2d518902d61a5d2e94afda9f5c24682974fafe4acfe8
kernel-rt-modules-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: 0b4b3d628c19f5fabd18d928105eb731fc71f8ef020763987df4c373cfa29bb7
kernel-rt-modules-extra-4.18.0-553.58.1.rt7.399.el8_10.x86_64.rpm SHA-256: b1c7a30f77d6284a77326c850a4967361bec86855f1c33d2d1cc2c87c3aaf48a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.