CVE-2025-37848
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365236
Bugzilla Description: kernel: accel/ivpu: Fix PM related deadlocks in MS IOCTLs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37859
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365237
Bugzilla Description: kernel: page_pool: avoid infinite loop to schedule delayed worker
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37842
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365238
Bugzilla Description: kernel: spi: fsl-qspi: use devm function instead of driver remove
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37843
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365240
Bugzilla Description: kernel: PCI: pciehp: Avoid unnecessary device replacement check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37879
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365241
Bugzilla Description: kernel: 9p/net: fix improper handling of bogus negative read/write replies
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37856
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365242
Bugzilla Description: kernel: btrfs: harden block_group::bg_list against list_del() races
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37850
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365243
Bugzilla Description: kernel: pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37880
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365244
Bugzilla Description: kernel: um: work around sched_yield not yielding in time-travel mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37839
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365245
Bugzilla Description: kernel: jbd2: remove wrong sb->s_sequence check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37869
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365246
Bugzilla Description: kernel: drm/xe: Use local fence in error path of xe_migrate_clear
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37867
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365247
Bugzilla Description: kernel: RDMA/core: Silence oversized kvmalloc() warning
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37837
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365248
Bugzilla Description: kernel: iommu/tegra241-cmdqv: Fix warnings due to dmam_free_coherent()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37864
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365249
Bugzilla Description: kernel: net: dsa: clean up FDB, MDB, VLAN entries on unbind
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37882
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365250
Bugzilla Description: kernel: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37852
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365251
Bugzilla Description: kernel: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37855
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365252
Bugzilla Description: kernel: drm/amd/display: Guard Possible Null Pointer Dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37835
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365253
Bugzilla Description: kernel: smb: client: Fix netns refcount imbalance causing leaks and use-after-free
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37887
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365254
Bugzilla Description: kernel: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37888
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365255
Bugzilla Description: kernel: net/mlx5: Fix null-ptr-deref in mlx5_create_{inner_,}ttc_table()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37861
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365256
Bugzilla Description: kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37881
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365257
Bugzilla Description: kernel: usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37836
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365258
Bugzilla Description: kernel: PCI: Fix reference leak in pci_register_host_bridge()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37870
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365260
Bugzilla Description: kernel: drm/amd/display: prevent hang on link training fail
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37853
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365261
Bugzilla Description: kernel: drm/amdkfd: debugfs hang_hws skip GPU with MES
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37840
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365262
Bugzilla Description: kernel: mtd: rawnand: brcmnand: fix PM resume warning
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37884
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365263
Bugzilla Description: kernel: bpf: Fix deadlock between rcu_tasks_trace and event_mutex.
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37857
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365264
Bugzilla Description: kernel: scsi: st: Fix array overflow in st_setup()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37877
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365265
Bugzilla Description: kernel: iommu: Clear iommu-dma ops on cleanup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37858
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365266
Bugzilla Description: kernel: fs/jfs: Prevent integer overflow in AG size calculation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37875
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365267
Bugzilla Description: kernel: igc: fix PTM cycle trigger logic
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37865
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365268
Bugzilla Description: kernel: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37876
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365269
Bugzilla Description: kernel: netfs: Only create /proc/fs/netfs with CONFIG_PROC_FS
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37873
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365270
Bugzilla Description: kernel: eth: bnxt: fix missing ring index trim on error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37849
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365271
Bugzilla Description: kernel: KVM: arm64: Tear down vGIC on failed vCPU creation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37841
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365272
Bugzilla Description: kernel: pm: cpupower: bench: Prevent NULL dereference on malloc failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37874
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365273
Bugzilla Description: kernel: net: ngbe: fix memory leak in ngbe_probe() error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37886
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365274
Bugzilla Description: kernel: pds_core: make wait_context part of q_info
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37851
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365275
Bugzilla Description: kernel: fbdev: omapfb: Add 'plane' value check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37854
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365276
Bugzilla Description: kernel: drm/amdkfd: Fix mode1 reset crash issue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37862
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365277
Bugzilla Description: kernel: HID: pidff: Fix null pointer dereference in pidff_find_fields
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37871
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365278
Bugzilla Description: kernel: nfsd: decrease sc_count directly if fail to queue dl_recall
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37885
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365279
Bugzilla Description: kernel: KVM: x86: Reset IRTE to host control if *new* route isn't postable
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37883
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365280
Bugzilla Description: kernel: s390/sclp: Add check for get_zeroed_page()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37845
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365281
Bugzilla Description: kernel: tracing: fprobe events: Fix possible UAF on modules
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37847
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365282
Bugzilla Description: kernel: accel/ivpu: Fix deadlock in ivpu_ms_cleanup()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37868
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365283
Bugzilla Description: kernel: drm/xe/userptr: fix notifier vs folio deadlock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37872
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365284
Bugzilla Description: kernel: net: txgbe: fix memory leak in txgbe_probe() error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37844
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365285
Bugzilla Description: kernel: cifs: avoid NULL pointer dereference in dbg call
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37866
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365286
Bugzilla Description: kernel: mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37846
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365287
Bugzilla Description: kernel: arm64: mops: Do not dereference src reg for a set operation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37878
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365288
Bugzilla Description: kernel: perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37863
Severity: moderate
Released on: 09/05/2025
Advisory:
Bugzilla: 2365289
Bugzilla Description: kernel: ovl: don't allow datadir only
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4382
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2364416
Bugzilla Description: grub2: grub allow access to encrypted device through CLI once root device is unlocked via TPM
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-306
Affected Packages:
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,


CVE-2025-46336
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365151
Bugzilla Description: rack: Rack::Session Session Persistence Vulnerability
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: (CWE-362|CWE-367|CWE-613)
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,


CVE-2025-1948
Severity: important
Released on: 08/05/2025
Advisory:
Bugzilla: 2365137
Bugzilla Description: jetty-http2-common: Jetty HTTP/2 Header List Size Vulnerability
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: OpenShift Developer Tools and Services,Red Hat build of Apache Camel for Spring Boot 4,


CVE-2025-4207
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365111
Bugzilla Description: postgresql: PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-126
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-44021
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2364264
Bugzilla Description: openstack-ironic: unsafe image file:// paths
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-427
Affected Packages:
Package States: Red Hat OpenShift Container Platform 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,


CVE-2025-32873
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2364980
Bugzilla Description: django: Django StripTags Denial of Service
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Certification for Red Hat Enterprise Linux 7,Red Hat Discovery,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Update Infrastructure 4 for Cloud Providers,


CVE-2025-37830
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365004
Bugzilla Description: kernel: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37824
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365005
Bugzilla Description: kernel: tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37812
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365006
Bugzilla Description: kernel: usb: cdns3: Fix deadlock when using NCM gadget
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37821
Severity: low
Released on: 08/05/2025
Advisory:
Bugzilla: 2365007
Bugzilla Description: kernel: sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37805
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365008
Bugzilla Description: kernel: sound/virtio: Fix cancel_sync warnings on uninitialized work_structs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37814
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365009
Bugzilla Description: kernel: tty: Require CAP_SYS_ADMIN for all usages of TIOCL_SELMOUSEREPORT
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37811
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365010
Bugzilla Description: kernel: usb: chipidea: ci_hdrc_imx: fix usbmisc handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37825
Severity: low
Released on: 08/05/2025
Advisory:
Bugzilla: 2365011
Bugzilla Description: kernel: nvmet: fix out-of-bounds access in nvmet_enable_port
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37813
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365012
Bugzilla Description: kernel: usb: xhci: Fix invalid pointer dereference in Etron workaround
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37803
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365013
Bugzilla Description: kernel: udmabuf: fix a buf size overflow issue during udmabuf creation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37808
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365014
Bugzilla Description: kernel: crypto: null - Use spin lock instead of mutex
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37800
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365015
Bugzilla Description: kernel: driver core: fix potential NULL pointer dereference in dev_uevent()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37815
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365017
Bugzilla Description: kernel: misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37834
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365018
Bugzilla Description: kernel: mm/vmscan: don't try to reclaim hwpoison folio
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37833
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365019
Bugzilla Description: kernel: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37827
Severity: low
Released on: 08/05/2025
Advisory:
Bugzilla: 2365020
Bugzilla Description: kernel: btrfs: zoned: return EIO on RAID1 block group write pointer mismatch
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37807
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365021
Bugzilla Description: kernel: bpf: Fix kmemleak warning for percpu hashmap
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37818
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365022
Bugzilla Description: kernel: LoongArch: Return NULL from huge_pte_offset() for invalid PMD
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37820
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365023
Bugzilla Description: kernel: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37823
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365024
Bugzilla Description: kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37832
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365025
Bugzilla Description: kernel: cpufreq: sun50i: prevent out-of-bounds access
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37831
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365026
Bugzilla Description: kernel: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37822
Severity: low
Released on: 08/05/2025
Advisory:
Bugzilla: 2365027
Bugzilla Description: kernel: riscv: uprobes: Add missing fence.i after building the XOL buffer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37810
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365028
Bugzilla Description: kernel: usb: dwc3: gadget: check that event count does not exceed event buffer length
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37826
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365029
Bugzilla Description: kernel: scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37828
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365030
Bugzilla Description: kernel: scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37829
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365031
Bugzilla Description: kernel: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37819
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365032
Bugzilla Description: kernel: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37804
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365033
Bugzilla Description: kernel: io_uring: always do atomic put from iowq
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37806
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365034
Bugzilla Description: kernel: fs/ntfs3: Keep write operations atomic
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37801
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365035
Bugzilla Description: kernel: spi: spi-imx: Add check for spi_imx_setupxfer()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37802
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365036
Bugzilla Description: kernel: ksmbd: fix WARNING "do not call blocking ops when !TASK_RUNNING"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37816
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365037
Bugzilla Description: kernel: mei: vsc: Fix fortify-panic caused by invalid counted_by() use
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37809
Severity: moderate
Released on: 08/05/2025
Advisory:
Bugzilla: 2365038
Bugzilla Description: kernel: usb: typec: class: Fix NULL pointer access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-46727
Severity: important
Released on: 07/05/2025
Advisory:
Bugzilla: 2364966
Bugzilla Description: rubygem-rack: Unbounded-Parameter DoS in Rack::QueryParser
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: (CWE-400|CWE-770)
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document


CVE-2025-32441
Severity: moderate
Released on: 07/05/2025
Advisory:
Bugzilla: 2364965
Bugzilla Description: rack: Rack Session Reuse Vulnerability
CVSS Score:
CVSSv3 Score: 4.2
Vector:
CWE: (CWE-362|CWE-367|CWE-613)
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat 3scale API Management Platform 2,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,
Full Details
CVE document


CVE-2025-46551
Severity: moderate
Released on: 07/05/2025
Advisory:
Bugzilla: 2364868
Bugzilla Description: jruby-openssl: jruby: JRuby-OpenSSL has hostname verification disabled by default
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-295
Affected Packages:
Package States: Red Hat AMQ Broker 7,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of OptaPlanner 8,Red Hat build of OptaPlanner 8,Red Hat build of Quarkus,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Process Automation 7,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,streams for Apache Kafka,streams for Apache Kafka,
Full Details
CVE document


CVE-2025-27533
Severity: moderate
Released on: 07/05/2025
Advisory:
Bugzilla: 2364684
Bugzilla Description: ActiveMQ: ActiveMQ: Unvalidated Buffer Size Allocation
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-789
Affected Packages:
Package States: A-MQ Clients 2,Red Hat AMQ Broker 7,Red Hat build of Quarkus,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,streams for Apache Kafka,
Full Details
CVE document


CVE-2020-36791
Severity: moderate
Released on: 07/05/2025
Advisory:
Bugzilla: 2364708
Bugzilla Description: kernel: net_sched: keep alloc_hash updated after hash allocation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-46762
Severity: moderate
Released on: 06/05/2025
Advisory:
Bugzilla: 2364386
Bugzilla Description: org.apache.parquet/parquet-avro: Apache Parquet Java: Potential malicious code execution from trusted packages in the parquet-avro module when reading an Avro schema from a Parquet file metadata
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-73
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,
Full Details
CVE document


CVE-2025-4373
Severity: moderate
Released on: 06/05/2025
Advisory:
Bugzilla: 2364265
Bugzilla Description: glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-124
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-4374
Severity: moderate
Released on: 06/05/2025
Advisory:
Bugzilla: 2364267
Bugzilla Description: quay: Incorrect Privilege Assignment
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-266
Affected Packages:
Package States: Red Hat Quay 3,
Full Details
CVE document


CVE-2025-47268
Severity: moderate
Released on: 05/05/2025
Advisory:
Bugzilla: 2364090
Bugzilla Description: iputils: Signed Integer Overflow in Timestamp Multiplication in iputils ping
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2024-58098
Severity: moderate
Released on: 05/05/2025
Advisory:
Bugzilla: 2364096
Bugzilla Description: kernel: bpf: track changes_pkt_data property for global functions
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-58100
Severity: moderate
Released on: 05/05/2025
Advisory:
Bugzilla: 2364097
Bugzilla Description: kernel: bpf: check changes_pkt_data property for extension programs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-58237
Severity: moderate
Released on: 05/05/2025
Advisory:
Bugzilla: 2364098
Bugzilla Description: kernel: bpf: consider that tail calls invalidate packet pointers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37799
Severity: moderate
Released on: 03/05/2025
Advisory:
Bugzilla: 2363876
Bugzilla Description: kernel: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3879
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363797
Bugzilla Description: vault: Vault’s Azure Authentication Method bound_location Restriction Could be Bypassed on Login
CVSS Score:
CVSSv3 Score: 6.6
Vector:
CWE: CWE-863
Affected Packages:
Package States: Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,
Full Details
CVE document


CVE-2025-4166
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363669
Bugzilla Description: vault: Vault May Include Sensitive Data in Error Logs When Using the KV v2 Plugin
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: CWE-209
Affected Packages:
Package States: Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,
Full Details
CVE document


CVE-2025-37798
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363671
Bugzilla Description: kernel: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37797
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363672
Bugzilla Description: kernel: net_sched: hfsc: Fix a UAF vulnerability in class handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53133
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363678
Bugzilla Description: kernel: bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53074
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363679
Bugzilla Description: kernel: drm/amdgpu: fix ttm_bo calltrace warning in psp_hw_fini
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53087
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363680
Bugzilla Description: kernel: drm/i915/active: Fix misuse of non-idle barriers as fence trackers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53120
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363681
Bugzilla Description: kernel: scsi: mpi3mr: Fix config page DMA memory leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53076
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363682
Bugzilla Description: kernel: bpf: Adjust insufficient default bpf_jit_limit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53113
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363683
Bugzilla Description: kernel: wifi: nl80211: fix NULL-ptr deref in offchan check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49932
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363684
Bugzilla Description: kernel: KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53070
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363685
Bugzilla Description: kernel: ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53125
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363686
Bugzilla Description: kernel: net: usb: smsc75xx: Limit packet length to skb->len
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53068
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363687
Bugzilla Description: kernel: net: usb: lan78xx: Limit packet length to skb->len
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53051
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363688
Bugzilla Description: kernel: dm crypt: add cond_resched() to dmcrypt_write()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53047
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363689
Bugzilla Description: kernel: tee: amdtee: fix race condition in amdtee_open_session
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53121
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363691
Bugzilla Description: kernel: tcp: tcp_make_synack() can be called from process context
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53085
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363692
Bugzilla Description: kernel: drm/edid: fix info leak when failing to get panel id
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53122
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363693
Bugzilla Description: kernel: RISC-V: fix taking the text_mutex twice during sifive errata patching
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53117
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363694
Bugzilla Description: kernel: fs: prevent out-of-bounds array speculation when closing a file descriptor
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53052
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363695
Bugzilla Description: kernel: cifs: fix use-after-free bug in refresh_cache_worker()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53137
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363696
Bugzilla Description: kernel: ext4: Fix possible corruption when moving a directory
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53058
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363697
Bugzilla Description: kernel: net/mlx5: E-Switch, Fix an Oops in error handling code
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53114
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363698
Bugzilla Description: kernel: i40e: Fix kernel crash during reboot when adapter is in recovery mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53073
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363699
Bugzilla Description: kernel: perf/x86/amd/core: Always clear status for idx
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53046
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363700
Bugzilla Description: kernel: Bluetooth: Fix race condition in hci_cmd_sync_clear
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53059
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363701
Bugzilla Description: kernel: platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53081
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363702
Bugzilla Description: kernel: ocfs2: fix data corruption after failed write
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53126
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363703
Bugzilla Description: kernel: scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53065
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363704
Bugzilla Description: kernel: perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53134
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363705
Bugzilla Description: kernel: bnxt_en: Avoid order-5 memory allocation for TPA data
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53035
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363706
Bugzilla Description: kernel: nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53078
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363707
Bugzilla Description: kernel: scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53062
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363708
Bugzilla Description: kernel: net: usb: smsc95xx: Limit packet length to skb->len
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53083
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363709
Bugzilla Description: kernel: nfsd: don't replace page in rq_pages if it's a continuation of last page
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53143
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363710
Bugzilla Description: kernel: ext4: fix another off-by-one fsmap error on 1k block filesystems
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53106
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363712
Bugzilla Description: kernel: nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53124
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363714
Bugzilla Description: kernel: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53082
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363715
Bugzilla Description: kernel: vp_vdpa: fix the crash in hot unplug with vp_vdpa
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53115
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363716
Bugzilla Description: kernel: scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53066
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363718
Bugzilla Description: kernel: qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53102
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363719
Bugzilla Description: kernel: ice: xsk: disable txq irq before flushing hw
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53107
Severity: important
Released on: 02/05/2025
Advisory: RHSA-2023:6583,
Bugzilla: 2363720
Bugzilla Description: kernel: veth: Fix use after free in XDP_REDIRECT
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2023-53097
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363721
Bugzilla Description: kernel: powerpc/iommu: fix memory leak with using debugfs_lookup()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49933
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363722
Bugzilla Description: kernel: KVM: VMX: Reset eVMCS controls in VP assist page during hardware disabling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53049
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363723
Bugzilla Description: kernel: usb: ucsi: Fix NULL pointer deref in ucsi_connector_change()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53119
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363724
Bugzilla Description: kernel: nfc: pn533: initialize struct pn533_out_arg properly
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53092
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363725
Bugzilla Description: kernel: interconnect: exynos: fix node leak in probe PM QoS error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53136
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363726
Bugzilla Description: kernel: af_unix: fix struct pid leaks in OOB support
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53131
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363727
Bugzilla Description: kernel: SUNRPC: Fix a server shutdown leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53103
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363728
Bugzilla Description: kernel: bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53056
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363729
Bugzilla Description: kernel: scsi: qla2xxx: Synchronize the IOCB count to be in order
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53055
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363730
Bugzilla Description: kernel: fscrypt: destroy keyring after security_sb_delete()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53135
Severity: low
Released on: 02/05/2025
Advisory:
Bugzilla: 2363731
Bugzilla Description: kernel: riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53079
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363732
Bugzilla Description: kernel: net/mlx5: Fix steering rules cleanup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53139
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363733
Bugzilla Description: kernel: nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53057
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363734
Bugzilla Description: kernel: Bluetooth: HCI: Fix global-out-of-bounds
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53044
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363735
Bugzilla Description: kernel: dm stats: check for and propagate alloc_percpu failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53089
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363736
Bugzilla Description: kernel: ext4: fix task hung in ext4_xattr_delete_inode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53132
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363737
Bugzilla Description: kernel: scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53130
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363738
Bugzilla Description: kernel: block: fix wrong mode for blkdev_put() from disk_scan_partitions()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53036
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363739
Bugzilla Description: kernel: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53086
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363740
Bugzilla Description: kernel: wifi: mt76: connac: do not check WED status for non-mmio devices
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53144
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363741
Bugzilla Description: kernel: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53118
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363742
Bugzilla Description: kernel: scsi: core: Fix a procfs host directory removal regression
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53109
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363743
Bugzilla Description: kernel: net: tunnels: annotate lockless accesses to dev->needed_headroom
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53039
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363745
Bugzilla Description: kernel: HID: intel-ish-hid: ipc: Fix potential use-after-free in work function
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53041
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363746
Bugzilla Description: kernel: scsi: qla2xxx: Perform lockless command completion in abort path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53037
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363747
Bugzilla Description: kernel: scsi: mpi3mr: Bad drive in topology results kernel crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53060
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363748
Bugzilla Description: kernel: igb: revert rtnl_lock() that causes deadlock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53072
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363749
Bugzilla Description: kernel: mptcp: use the workqueue to destroy unaccepted sockets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53080
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363750
Bugzilla Description: kernel: xsk: Add missing overflow check in xdp_umem_reg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53050
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363751
Bugzilla Description: kernel: thunderbolt: Fix memory leak in margining
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53077
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363752
Bugzilla Description: kernel: drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53091
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363753
Bugzilla Description: kernel: ext4: update s_journal_inum if it changes after journal replay
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53064
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363754
Bugzilla Description: kernel: iavf: fix hang on reboot with ice
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53038
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363756
Bugzilla Description: kernel: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53067
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363757
Bugzilla Description: kernel: LoongArch: Only call get_timer_irq() once in constant_clockevent_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53048
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363758
Bugzilla Description: kernel: usb: typec: tcpm: fix warning when handle discover_identity message
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53101
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363759
Bugzilla Description: kernel: ext4: zero i_disksize when initializing the bootloader inode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53090
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363760
Bugzilla Description: kernel: drm/amdkfd: Fix an illegal memory access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53142
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363761
Bugzilla Description: kernel: ice: copy last block omitted in ice_get_module_eeprom()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53099
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363762
Bugzilla Description: kernel: firmware: xilinx: don't make a sleepable memory allocation from an atomic context
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53116
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363763
Bugzilla Description: kernel: nvmet: avoid potential UAF in nvmet_req_complete()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53096
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363764
Bugzilla Description: kernel: interconnect: fix mem leak when freeing nodes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53054
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363765
Bugzilla Description: kernel: usb: dwc2: fix a devres leak in hw_enable upon suspend resume
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53088
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363766
Bugzilla Description: kernel: mptcp: fix UaF in listener shutdown
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53140
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363767
Bugzilla Description: kernel: scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53094
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363768
Bugzilla Description: kernel: tty: serial: fsl_lpuart: fix race on RX DMA shutdown
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53108
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363769
Bugzilla Description: kernel: net/iucv: Fix size of interrupt data
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53127
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363770
Bugzilla Description: kernel: scsi: mpi3mr: Fix expander node leak in mpi3mr_remove()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53093
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363771
Bugzilla Description: kernel: tracing: Do not let histogram values have some modifiers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53123
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363773
Bugzilla Description: kernel: PCI: s390: Fix use-after-free of PCI resources with per-function hotplug
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53071
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363775
Bugzilla Description: kernel: wifi: mt76: do not run mt76_unregister_device() on unregistered hw
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53105
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363776
Bugzilla Description: kernel: net/mlx5e: Fix cleanup null-ptr deref on encap lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53069
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363778
Bugzilla Description: kernel: octeontx2-vf: Add missing free for alloc_percpu
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53098
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363779
Bugzilla Description: kernel: media: rc: gpio-ir-recv: add remove function
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53053
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363780
Bugzilla Description: kernel: erspan: do not use skb_mac_header() in ndo_start_xmit()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53110
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363781
Bugzilla Description: kernel: net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53040
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363782
Bugzilla Description: kernel: ca8210: fix mac_len negative array access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53129
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363783
Bugzilla Description: kernel: ext4: Fix deadlock during directory rename
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53084
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363784
Bugzilla Description: kernel: drm/shmem-helper: Remove another errant put in error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53100
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363785
Bugzilla Description: kernel: ext4: fix WARNING in ext4_update_inline_data
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53128
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363786
Bugzilla Description: kernel: scsi: mpi3mr: Fix throttle_groups memory leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53063
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363787
Bugzilla Description: kernel: Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53112
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363788
Bugzilla Description: kernel: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53104
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363789
Bugzilla Description: kernel: net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53075
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363790
Bugzilla Description: kernel: ftrace: Fix invalid address access in lookup_rec() when index is 0
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53111
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363791
Bugzilla Description: kernel: loop: Fix use-after-free issues
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53095
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363792
Bugzilla Description: kernel: drm/ttm: Fix a NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53042
Severity: moderate
Released on: 02/05/2025
Advisory:
Bugzilla: 2363793
Bugzilla Description: kernel: drm/amd/display: Do not set DRR on pipe Commit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-46569
Severity: important
Released on: 01/05/2025
Advisory:
Bugzilla: 2363571
Bugzilla Description: github.com/open-policy-agent/opa/server: github.com/open-policy-agent/opa/v1/server: OPA server Data API HTTP path injection of Rego
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: (CWE-863|CWE-94)
Affected Packages:
Package States: Migration Toolkit for Virtualization,
Full Details
CVE document


CVE-2025-46565
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363544
Bugzilla Description: vite: Path Traversal in Vite Dev Server Allows Access to Restricted Files
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document


CVE-2024-52979
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363312
Bugzilla Description: elasticsearch: Elasticsearch Uncontrolled Resource Consumption vulnerability
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-400
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Logging Subsystem for Red Hat OpenShift,Red Hat Quay 3,
Full Details
CVE document


CVE-2025-37745
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363263
Bugzilla Description: kernel: PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23155
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363266
Bugzilla Description: kernel: net: stmmac: Fix accessing freed irq affinity_hint
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23160
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363267
Bugzilla Description: kernel: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23150
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363268
Bugzilla Description: kernel: ext4: fix off-by-one error in do_split
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37787
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363269
Bugzilla Description: kernel: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37791
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363270
Bugzilla Description: kernel: ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37782
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363271
Bugzilla Description: kernel: hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23139
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363272
Bugzilla Description: kernel: Bluetooth: hci_uart: Fix another race during initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37772
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363273
Bugzilla Description: kernel: RDMA/cma: Fix workqueue crash in cma_netevent_work_handler
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37781
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363274
Bugzilla Description: kernel: i2c: cros-ec-tunnel: defer probe if parent EC is not present
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23146
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363275
Bugzilla Description: kernel: mfd: ene-kb3930: Fix a potential NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37755
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363276
Bugzilla Description: kernel: net: libwx: handle page_pool_dev_alloc_pages error
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23161
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363277
Bugzilla Description: kernel: PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37759
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363278
Bugzilla Description: kernel: ublk: fix handling recovery & reissue in ublk_abort_queue()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23144
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363279
Bugzilla Description: kernel: backlight: led_bl: Hold led_access lock when calling led_sysfs_disable()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37739
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363281
Bugzilla Description: kernel: f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37746
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363282
Bugzilla Description: kernel: perf/dwc_pcie: fix duplicate pci_dev devices
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37758
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363283
Bugzilla Description: kernel: ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37760
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363284
Bugzilla Description: kernel: mm/vma: add give_up_on_oom option on modify/merge, use in uffd release
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23159
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363285
Bugzilla Description: kernel: media: venus: hfi: add a check to handle OOB in sfr region
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37795
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363286
Bugzilla Description: kernel: wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23157
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363287
Bugzilla Description: kernel: media: venus: hfi_parser: add check to avoid out of bound access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23154
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363288
Bugzilla Description: kernel: io_uring/net: fix io_req_post_cqe abuse by send bundle
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23147
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363289
Bugzilla Description: kernel: i3c: Add NULL pointer check in i3c_master_queue_ibi()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37766
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363291
Bugzilla Description: kernel: drm/amd/pm: Prevent division by zero
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37775
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363292
Bugzilla Description: kernel: ksmbd: fix the warning from __kernel_write_iter
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37757
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363293
Bugzilla Description: kernel: tipc: fix memory leak in tipc_link_xmit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37771
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363294
Bugzilla Description: kernel: drm/amd/pm: Prevent division by zero
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23156
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363295
Bugzilla Description: kernel: media: venus: hfi_parser: refactor hfi packet parsing logic
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37752
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363296
Bugzilla Description: kernel: net_sched: sch_sfq: move the limit validation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37744
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363297
Bugzilla Description: kernel: wifi: ath12k: fix memory leak in ath12k_pci_remove()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37748
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363298
Bugzilla Description: kernel: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37790
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363299
Bugzilla Description: kernel: net: mctp: Set SOCK_RCU_FREE
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23142
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363300
Bugzilla Description: kernel: sctp: detect and prevent references to a freed transport in sendmsg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23143
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363301
Bugzilla Description: kernel: net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod.
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37786
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363302
Bugzilla Description: kernel: net: dsa: free routing table on probe failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37768
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363303
Bugzilla Description: kernel: drm/amd/pm: Prevent division by zero
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37769
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363304
Bugzilla Description: kernel: drm/amd/pm/smu11: Prevent division by zero
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37738
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363305
Bugzilla Description: kernel: ext4: ignore xattrs past end
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23162
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363306
Bugzilla Description: kernel: drm/xe/vf: Don't try to trigger a full GT reset if VF
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37777
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363307
Bugzilla Description: kernel: ksmbd: fix use-after-free in __smb2_lease_break_noti()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37762
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363308
Bugzilla Description: kernel: drm/virtio: Fix missed dmabuf unpinning in error path of prepare_fb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37774
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363309
Bugzilla Description: kernel: slab: ensure slab->obj_exts is clear in a newly allocated slab page
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37741
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363310
Bugzilla Description: kernel: jfs: Prevent copying of nlink with value 0 from disk inode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37747
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363311
Bugzilla Description: kernel: perf: Fix hang while freeing sigtrap event
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37740
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363313
Bugzilla Description: kernel: jfs: add sanity check for agwidth in dbMount
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37796
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363314
Bugzilla Description: kernel: wifi: at76c50x: fix use after free access in at76_disconnect
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37789
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363315
Bugzilla Description: kernel: net: openvswitch: fix nested key length validation in the set() action
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23140
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363316
Bugzilla Description: kernel: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23149
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363317
Bugzilla Description: kernel: tpm: do not start chip while suspended
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37761
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363318
Bugzilla Description: kernel: drm/xe: Fix an out-of-bounds shift when invalidating TLB
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37743
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363319
Bugzilla Description: kernel: wifi: ath12k: Avoid memory leak while enabling statistics
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37763
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363320
Bugzilla Description: kernel: drm/imagination: take paired job reference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23148
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363321
Bugzilla Description: kernel: soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37780
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363322
Bugzilla Description: kernel: isofs: Prevent the use of too small fid
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37742
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363323
Bugzilla Description: kernel: jfs: Fix uninit-value access of imap allocated in the diMount() function
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23141
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363324
Bugzilla Description: kernel: KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37779
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363325
Bugzilla Description: kernel: lib/iov_iter: fix to increase non slab folio refcount
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37756
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363326
Bugzilla Description: kernel: net: tls: explicitly disallow disconnect
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37765
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363327
Bugzilla Description: kernel: drm/nouveau: prime: fix ttm_bo_delayed_delete oops
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37773
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363328
Bugzilla Description: kernel: virtiofs: add filesystem context source name check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37784
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363329
Bugzilla Description: kernel: net: ti: icss-iep: Fix possible NULL pointer dereference for perout request
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23153
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363330
Bugzilla Description: kernel: arm/crc-t10dif: fix use of out-of-scope array in crc_t10dif_arch()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37778
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363331
Bugzilla Description: kernel: ksmbd: Fix dangling pointer in krb_authenticate
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37749
Severity: important
Released on: 01/05/2025
Advisory:
Bugzilla: 2363332
Bugzilla Description: kernel: net: ppp: Add bound checking for skb data on ppp_sync_txmung
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37767
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363333
Bugzilla Description: kernel: drm/amd/pm: Prevent division by zero
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37792
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363336
Bugzilla Description: kernel: Bluetooth: btrtl: Prevent potential NULL dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37793
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363337
Bugzilla Description: kernel: ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37783
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363339
Bugzilla Description: kernel: drm/msm/dpu: Fix error pointers in dpu_plane_virtual_atomic_check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37754
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363340
Bugzilla Description: kernel: drm/i915/huc: Fix fence not released on early probe errors
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37750
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363341
Bugzilla Description: kernel: smb: client: fix UAF in decryption with multichannel
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23151
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363342
Bugzilla Description: kernel: bus: mhi: host: Fix race between unprepare and queue_buf
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23158
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363343
Bugzilla Description: kernel: media: venus: hfi: add check to handle incorrect queue size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37794
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363344
Bugzilla Description: kernel: wifi: mac80211: Purge vif txq in ieee80211_do_stop()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23163
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363345
Bugzilla Description: kernel: net: vlan: don't propagate flags on open
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37788
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363347
Bugzilla Description: kernel: cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23145
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363348
Bugzilla Description: kernel: mptcp: fix NULL pointer in can_accept_new_subflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37776
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363350
Bugzilla Description: kernel: ksmbd: fix use-after-free in smb_break_all_levII_oplock()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37751
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363351
Bugzilla Description: kernel: x86/cpu: Avoid running off the end of an AMD erratum table
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37753
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363352
Bugzilla Description: kernel: s390/cpumf: Fix double free on error in cpumf_pmu_event_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49771
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363357
Bugzilla Description: kernel: dm ioctl: fix misbehavior if list_versions races with module loading
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49815
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363358
Bugzilla Description: kernel: erofs: fix missing xas_retry() in fscache mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49868
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363359
Bugzilla Description: kernel: phy: ralink: mt7621-pci: add sentinel to quirks table
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49779
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363360
Bugzilla Description: kernel: kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49885
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363361
Bugzilla Description: kernel: ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49843
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363362
Bugzilla Description: kernel: drm/amdkfd: Migrate in CPU page fault use current mm
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49925
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363363
Bugzilla Description: kernel: RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49918
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363364
Bugzilla Description: kernel: ipvs: fix WARNING in __ip_vs_cleanup_batch()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49764
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363365
Bugzilla Description: kernel: bpf: Prevent bpf program recursion for raw tracepoint probes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49922
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363366
Bugzilla Description: kernel: nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49777
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363367
Bugzilla Description: kernel: Input: i8042 - fix leaking of platform device on module removal
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49786
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363368
Bugzilla Description: kernel: blk-cgroup: properly pin the parent in blkcg_css_online
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49855
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363369
Bugzilla Description: kernel: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49839
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363370
Bugzilla Description: kernel: scsi: scsi_transport_sas: Fix error handling in sas_phy_add()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49831
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363371
Bugzilla Description: kernel: btrfs: zoned: initialize device's zone info for seeding
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49763
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363372
Bugzilla Description: kernel: ntfs: fix use-after-free in ntfs_attr_find()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49908
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363373
Bugzilla Description: kernel: Bluetooth: L2CAP: Fix memory leak in vhci_write
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2020-36790
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363374
Bugzilla Description: kernel: nvmet: fix a memory leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49812
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363375
Bugzilla Description: kernel: bridge: switchdev: Fix memory leaks when changing VLAN protocol
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49850
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363377
Bugzilla Description: kernel: nilfs2: fix deadlock in nilfs_count_free_blocks()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49788
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363378
Bugzilla Description: kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49785
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363379
Bugzilla Description: kernel: x86/sgx: Add overflow check in sgx_validate_offset_length()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49845
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363380
Bugzilla Description: kernel: can: j1939: j1939_send_one(): fix missing CAN header initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49768
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363381
Bugzilla Description: kernel: 9p: trans_fd/p9_conn_cancel: drop client lock earlier
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49853
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363383
Bugzilla Description: kernel: net: macvlan: fix memory leaks of macvlan_common_newlink
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49860
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363384
Bugzilla Description: kernel: dmaengine: ti: k3-udma-glue: fix memory leak when register device fail
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49902
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363385
Bugzilla Description: kernel: block: Fix possible memory leak for rq_wb on add_disk failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49795
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363386
Bugzilla Description: kernel: rethook: fix a potential memleak in rethook_alloc()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49767
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363387
Bugzilla Description: kernel: 9p/trans_fd: always use O_NONBLOCK read/write
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49870
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363388
Bugzilla Description: kernel: capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49799
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363389
Bugzilla Description: kernel: tracing: Fix wild-memory-access in register_synth_event()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49776
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363390
Bugzilla Description: kernel: macvlan: enforce a consistent minimal mtu
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49789
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363391
Bugzilla Description: kernel: scsi: zfcp: Fix double free of FSF request when qdio send fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49775
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363392
Bugzilla Description: kernel: tcp: cdg: allow tcp_cdg_release() to be called multiple times
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49910
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363393
Bugzilla Description: kernel: Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49821
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363394
Bugzilla Description: kernel: mISDN: fix possible memory leak in mISDN_dsp_element_register()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49794
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363395
Bugzilla Description: kernel: iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49787
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363396
Bugzilla Description: kernel: mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49801
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363397
Bugzilla Description: kernel: tracing: Fix memory leak in tracing_read_pipe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49856
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363398
Bugzilla Description: kernel: net: tun: call napi_schedule_prep() to ensure we own a napi
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49780
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363399
Bugzilla Description: kernel: scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49905
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363400
Bugzilla Description: kernel: net/smc: Fix possible leaked pernet namespace in smc_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49900
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363401
Bugzilla Description: kernel: i2c: piix4: Fix adapter not be removed in piix4_remove()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49930
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363402
Bugzilla Description: kernel: RDMA/hns: Fix NULL pointer problem in free_mr_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49791
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363403
Bugzilla Description: kernel: io_uring: fix multishot accept request leaks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49904
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363404
Bugzilla Description: kernel: net, neigh: Fix null-ptr-deref in neigh_table_clear()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49783
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363405
Bugzilla Description: kernel: x86/fpu: Drop fpregs lock before inheriting FPU permissions
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49931
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363406
Bugzilla Description: kernel: IB/hfi1: Correctly move list in sc_disable()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49781
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363407
Bugzilla Description: kernel: perf/x86/amd: Fix crash due to race between amd_pmu_enable_all, perf NMI and throttling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49882
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363408
Bugzilla Description: kernel: KVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49827
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363409
Bugzilla Description: kernel: drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49920
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363410
Bugzilla Description: kernel: netfilter: nf_tables: netlink notifier might race to release objects
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49849
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363411
Bugzilla Description: kernel: btrfs: fix match incorrectly in dev_args_match_device
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49912
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363412
Bugzilla Description: kernel: btrfs: fix ulist leaks in error paths of qgroup self tests
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49866
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363413
Bugzilla Description: kernel: net: wwan: mhi: fix memory leak in mhi_mbim_dellink
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49819
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363414
Bugzilla Description: kernel: octeon_ep: fix potential memory leak in octep_device_setup()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49857
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363415
Bugzilla Description: kernel: net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49929
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363416
Bugzilla Description: kernel: RDMA/rxe: Fix mr leak in RESPST_ERR_RNR
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49847
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363417
Bugzilla Description: kernel: net: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49830
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363418
Bugzilla Description: kernel: drm/drv: Fix potential memory leak in drm_dev_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49820
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363419
Bugzilla Description: kernel: mctp i2c: don't count unused / invalid keys for flow release
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49842
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363420
Bugzilla Description: kernel: ASoC: core: Fix use-after-free in snd_soc_exit()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49911
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363421
Bugzilla Description: kernel: netfilter: ipset: enforce documented limit to prevent allocating huge memory
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49772
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363422
Bugzilla Description: kernel: ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49875
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363423
Bugzilla Description: kernel: bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49877
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363424
Bugzilla Description: kernel: bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49898
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363425
Bugzilla Description: kernel: btrfs: fix tree mod log mishandling of reallocated nodes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49919
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363426
Bugzilla Description: kernel: netfilter: nf_tables: release flow rule object from commit path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49778
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363427
Bugzilla Description: kernel: arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49909
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363428
Bugzilla Description: kernel: Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49874
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363429
Bugzilla Description: kernel: HID: hyperv: fix possible memory leak in mousevsc_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49822
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363431
Bugzilla Description: kernel: cifs: Fix connections leak when tlink setup failed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49846
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363432
Bugzilla Description: kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49859
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363433
Bugzilla Description: kernel: net: lapbether: fix issue of invalid opcode in lapbeth_open()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49865
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363434
Bugzilla Description: kernel: ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49841
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363435
Bugzilla Description: kernel: serial: imx: Add missing .thaw_noirq hook
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49879
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363436
Bugzilla Description: kernel: ext4: fix BUG_ON() when directory entry has invalid rec_len
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49867
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363437
Bugzilla Description: kernel: net: wwan: iosm: fix memory leak in ipc_wwan_dellink
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49769
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363438
Bugzilla Description: kernel: gfs2: Check sb_bsize_shift after reading superblock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49835
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363439
Bugzilla Description: kernel: ALSA: hda: fix potential memleak in 'add_widget_node'
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49790
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363440
Bugzilla Description: kernel: Input: iforce - invert valid length check when fetching device IDs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49833
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363441
Bugzilla Description: kernel: btrfs: zoned: clone zoned device info when cloning a device
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49782
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363442
Bugzilla Description: kernel: perf: Improve missing SIGTRAP checking
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49878
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363443
Bugzilla Description: kernel: bpf, verifier: Fix memory leak in array reallocation for stack state
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49886
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363444
Bugzilla Description: kernel: x86/tdx: Panic on bad configs that #VE on "private" memory access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49889
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363445
Bugzilla Description: kernel: ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49883
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363446
Bugzilla Description: kernel: KVM: x86: smm: number of GPRs in the SMRAM image depends on the image format
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49872
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363447
Bugzilla Description: kernel: net: gso: fix panic on frag_list with mixed head alloc types
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49890
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363448
Bugzilla Description: kernel: capabilities: fix potential memleak on error path from vfs_getxattr_alloc()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49832
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363449
Bugzilla Description: kernel: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49901
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363450
Bugzilla Description: kernel: blk-mq: Fix kmemleak in blk_mq_init_allocated_queue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49921
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363452
Bugzilla Description: kernel: net: sched: Fix use after free in red_enqueue()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49928
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363453
Bugzilla Description: kernel: SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49838
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363454
Bugzilla Description: kernel: sctp: clear out_curr if all frag chunks of current msg are pruned
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49893
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363455
Bugzilla Description: kernel: cxl/region: Fix cxl_region leak, cleanup targets at region delete
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49804
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363456
Bugzilla Description: kernel: s390: avoid using global register for current_stack_pointer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49894
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363457
Bugzilla Description: kernel: cxl/region: Fix region HPA ordering validation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49862
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363458
Bugzilla Description: kernel: tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49906
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363459
Bugzilla Description: kernel: ibmvnic: Free rwi on reset success
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49805
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363460
Bugzilla Description: kernel: net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49824
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363461
Bugzilla Description: kernel: ata: libata-transport: fix error handling in ata_tlink_add()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49825
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363463
Bugzilla Description: kernel: ata: libata-transport: fix error handling in ata_tport_add()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49871
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363464
Bugzilla Description: kernel: net: tun: Fix memory leaks of napi_get_frags
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49907
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363465
Bugzilla Description: kernel: net: mdio: fix undefined behavior in bit shift for __mdiobus_register
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49881
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363466
Bugzilla Description: kernel: wifi: cfg80211: fix memory leak in query_regdb_file()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49873
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363467
Bugzilla Description: kernel: bpf: Fix wrong reg type conversion in release_reference()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49816
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363468
Bugzilla Description: kernel: xen/pcpu: fix possible memory leak in register_pcpu()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2022-49844
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363469
Bugzilla Description: kernel: can: dev: fix skb drop check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49858
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363470
Bugzilla Description: kernel: octeontx2-pf: Fix SQE threshold checking
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49802
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363471
Bugzilla Description: kernel: ftrace: Fix null pointer dereference in ftrace_add_mod()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49810
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363472
Bugzilla Description: kernel: netfs: Fix missing xas_retry() calls in xarray iteration
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49797
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363473
Bugzilla Description: kernel: tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49915
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363474
Bugzilla Description: kernel: mISDN: fix possible memory leak in mISDN_register_device()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49818
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363475
Bugzilla Description: kernel: mISDN: fix misuse of put_device() in mISDN_register_device()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49917
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363476
Bugzilla Description: kernel: ipvs: fix WARNING in ip_vs_app_net_cleanup()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49773
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363477
Bugzilla Description: kernel: drm/amd/display: Fix optc2_configure warning on dcn314
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49766
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363478
Bugzilla Description: kernel: netlink: Bounds-check struct nlmsgerr creation
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49765
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363479
Bugzilla Description: kernel: net/9p: use a dedicated spinlock for trans_fd
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49823
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363480
Bugzilla Description: kernel: ata: libata-transport: fix error handling in ata_tdev_add()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49926
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363481
Bugzilla Description: kernel: net: dsa: Fix possible memory leaks in dsa_loop_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49762
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363482
Bugzilla Description: kernel: ntfs: check overflow when iterating ATTR_RECORDs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49796
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363483
Bugzilla Description: kernel: tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49897
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363485
Bugzilla Description: kernel: fscrypt: fix keyring memory leak on mount failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49813
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363486
Bugzilla Description: kernel: net: ena: Fix error handling in ena_init()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49863
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363487
Bugzilla Description: kernel: can: af_can: fix NULL pointer dereference in can_rx_register()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49792
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363488
Bugzilla Description: kernel: iio: adc: mp2629: fix potential array out of bound access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49899
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363489
Bugzilla Description: kernel: fscrypt: stop using keyrings subsystem for fscrypt_master_key
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49798
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363490
Bugzilla Description: kernel: tracing: Fix race where eprobes can be called before the event
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49903
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363491
Bugzilla Description: kernel: ipv6: fix WARNING in ip6_route_net_exit_late()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49884
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363492
Bugzilla Description: kernel: KVM: Initialize gfn_to_pfn_cache locks in dedicated helper
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49770
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363493
Bugzilla Description: kernel: ceph: avoid putting the realm twice when decoding snaps fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49852
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363494
Bugzilla Description: kernel: riscv: process: fix kernel info leakage
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49864
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363495
Bugzilla Description: kernel: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49784
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363496
Bugzilla Description: kernel: perf/x86/amd/uncore: Fix memory leak for events array
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49774
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363497
Bugzilla Description: kernel: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49876
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363498
Bugzilla Description: kernel: wifi: mac80211: fix general-protection-fault in ieee80211_subif_start_xmit()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49851
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363500
Bugzilla Description: kernel: riscv: fix reserved memory setup
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49803
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363501
Bugzilla Description: kernel: netdevsim: Fix memory leak of nsim_dev->fa_cookie
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49848
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363502
Bugzilla Description: kernel: phy: qcom-qmp-combo: fix NULL-deref on runtime resume
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49854
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363503
Bugzilla Description: kernel: mctp: Fix an error handling path in mctp_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49828
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363504
Bugzilla Description: kernel: hugetlbfs: don't delete error page from pagecache
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49837
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363505
Bugzilla Description: kernel: bpf: Fix memory leaks in __check_func_call
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49826
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363506
Bugzilla Description: kernel: ata: libata-transport: fix double ata_host_put() in ata_tport_add()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49913
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363508
Bugzilla Description: kernel: btrfs: fix inode list leak during backref walking at find_parent_nodes()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49869
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363509
Bugzilla Description: kernel: bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49880
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363510
Bugzilla Description: kernel: ext4: fix warning in 'ext4_da_release_space'
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49892
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363511
Bugzilla Description: kernel: ftrace: Fix use-after-free for dynamic ftrace_ops
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49914
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363512
Bugzilla Description: kernel: btrfs: fix inode list leak during backref walking at resolve_indirect_refs()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49924
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363513
Bugzilla Description: kernel: nfc: fdp: Fix potential memory leak in fdp_nci_send()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49806
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363514
Bugzilla Description: kernel: net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49809
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363515
Bugzilla Description: kernel: net/x25: Fix skb leak in x25_lapb_receive_frame()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49927
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363516
Bugzilla Description: kernel: nfs4: Fix kmemleak when allocate slot failed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49861
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363517
Bugzilla Description: kernel: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49895
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363518
Bugzilla Description: kernel: cxl/region: Fix decoder allocation crash
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49807
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363519
Bugzilla Description: kernel: nvmet: fix a memory leak in nvmet_auth_set_key
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49888
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363520
Bugzilla Description: kernel: arm64: entry: avoid kprobe recursion
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49896
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363521
Bugzilla Description: kernel: cxl/pmem: Fix cxl_pmem_region and cxl_memdev leak
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49814
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363522
Bugzilla Description: kernel: kcm: close race conditions on sk_receive_queue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49817
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363523
Bugzilla Description: kernel: net: mhi: Fix memory leak in mhi_net_dellink()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49808
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363524
Bugzilla Description: kernel: net: dsa: don't leak tagger-owned storage on switch driver unbind
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49834
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363525
Bugzilla Description: kernel: nilfs2: fix use-after-free bug of ns_writer on remount
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49891
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363526
Bugzilla Description: kernel: tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49840
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363527
Bugzilla Description: kernel: bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49829
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363528
Bugzilla Description: kernel: drm/scheduler: fix fence ref counting
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49923
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363529
Bugzilla Description: kernel: nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2022-49811
Severity: moderate
Released on: 01/05/2025
Advisory:
Bugzilla: 2363530
Bugzilla Description: kernel: drbd: use after free in drbd_create_device()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-27611
Severity: important
Released on: 30/04/2025
Advisory:
Bugzilla: 2363176
Bugzilla Description: base-x: base-x homograph attack allows Unicode lookalike characters to bypass validation.
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1007
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document


CVE-2025-32444
Severity: critical
Released on: 30/04/2025
Advisory:
Bugzilla: 2363024
Bugzilla Description: vllm: vLLM Vulnerable to Remote Code Execution via Mooncake Integration
CVSS Score:
CVSSv3 Score: 10.0
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-46560
Severity: moderate
Released on: 30/04/2025
Advisory:
Bugzilla: 2363025
Bugzilla Description: vllm: vLLM phi4mm: Quadratic Time Complexity in Input Token Processing leads to denial of service
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-1333
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-0716
Severity: moderate
Released on: 29/04/2025
Advisory:
Bugzilla: 2362958
Bugzilla Description: angular: AngularJS improper sanitization in SVG '' element
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-791
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenStack Platform 16.2,Red Hat Quay 3,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2025-4093
Severity: important
Released on: 29/04/2025
Advisory: RHSA-2025:4752, RHSA-2025:4751, RHSA-2025:4443, RHSA-2025:4460, RHSA-2025:4756, RHSA-2025:4458, RHSA-2025:4753,
Bugzilla: 2362915
Bugzilla Description: firefox: thunderbird: Memory safety bug fixed in Firefox ESR 128.10 and Thunderbird 128.10
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: firefox-0:128.10.0-1.el9_2,thunderbird-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el9_4,firefox-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el8_10,firefox-0:128.10.0-1.el7_9,firefox-0:128.10.0-1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-4092
Severity: important
Released on: 29/04/2025
Advisory:
Bugzilla: 2362909
Bugzilla Description: firefox: thunderbird: Memory safety bugs fixed in Firefox 138 and Thunderbird 138
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-4091
Severity: moderate
Released on: 29/04/2025
Advisory: RHSA-2025:4752, RHSA-2025:4751, RHSA-2025:4443, RHSA-2025:4460, RHSA-2025:4756, RHSA-2025:4458, RHSA-2025:4753,
Bugzilla: 2362912
Bugzilla Description: firefox: thunderbird: Memory safety bugs fixed in Firefox 138, Thunderbird 138, Firefox ESR 128.10, and Thunderbird 128.10
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-120
Affected Packages: firefox-0:128.10.0-1.el9_2,thunderbird-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el9_4,firefox-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el8_10,firefox-0:128.10.0-1.el7_9,firefox-0:128.10.0-1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4090
Severity: low
Released on: 29/04/2025
Advisory:
Bugzilla: 2362913
Bugzilla Description: firefox: thunderbird: Leaked library paths in Firefox for Android
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-532
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4089
Severity: moderate
Released on: 29/04/2025
Advisory:
Bugzilla: 2362910
Bugzilla Description: firefox: thunderbird: Potential local code execution in "copy as cURL" command
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-138
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4088
Severity: moderate
Released on: 29/04/2025
Advisory:
Bugzilla: 2362908
Bugzilla Description: firefox: thunderbird: Cross-site request forgery via storage access API redirects
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-601
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4087
Severity: moderate
Released on: 29/04/2025
Advisory: RHSA-2025:4752, RHSA-2025:4751, RHSA-2025:4443, RHSA-2025:4460, RHSA-2025:4756, RHSA-2025:4458, RHSA-2025:4753,
Bugzilla: 2362904
Bugzilla Description: firefox: thunderbird: Unsafe attribute access during XPath parsing
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-125
Affected Packages: firefox-0:128.10.0-1.el9_2,thunderbird-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el9_4,firefox-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el8_10,firefox-0:128.10.0-1.el7_9,firefox-0:128.10.0-1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4086
Severity: moderate
Released on: 29/04/2025
Advisory:
Bugzilla: 2362914
Bugzilla Description: firefox: thunderbird: Specially crafted filename could be used to obscure download type
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-451
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4085
Severity: moderate
Released on: 29/04/2025
Advisory:
Bugzilla: 2362905
Bugzilla Description: firefox: thunderbird: Potential information leakage and privilege escalation in UITour actor
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-200
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4084
Severity: moderate
Released on: 29/04/2025
Advisory:
Bugzilla: 2362911
Bugzilla Description: firefox: thunderbird: Potential local code execution in "copy as cURL" command
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-138
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4083
Severity: important
Released on: 29/04/2025
Advisory: RHSA-2025:4752, RHSA-2025:4751, RHSA-2025:4443, RHSA-2025:4460, RHSA-2025:4756, RHSA-2025:4458, RHSA-2025:4753,
Bugzilla: 2362907
Bugzilla Description: firefox: thunderbird: Process isolation bypass using "javascript:" URI links in cross-origin frames
CVSS Score:
CVSSv3 Score: 8.3
Vector:
CWE: CWE-653
Affected Packages: firefox-0:128.10.0-1.el9_2,thunderbird-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el9_4,firefox-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el8_10,firefox-0:128.10.0-1.el7_9,firefox-0:128.10.0-1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-4082
Severity: important
Released on: 29/04/2025
Advisory:
Bugzilla: 2362903
Bugzilla Description: firefox: thunderbird: WebGL shader attribute memory corruption in Firefox for macOS
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-2817
Severity: important
Released on: 29/04/2025
Advisory: RHSA-2025:4752, RHSA-2025:4751, RHSA-2025:4443, RHSA-2025:4460, RHSA-2025:4756, RHSA-2025:4458, RHSA-2025:4753,
Bugzilla: 2362902
Bugzilla Description: firefox: thunderbird: Privilege escalation in Firefox Updater
CVSS Score:
CVSSv3 Score: 8.5
Vector:
CWE: CWE-94
Affected Packages: firefox-0:128.10.0-1.el9_2,thunderbird-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el9_4,firefox-0:128.10.0-1.el9_5,firefox-0:128.10.0-1.el8_10,firefox-0:128.10.0-1.el7_9,firefox-0:128.10.0-1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-3891
Severity: moderate
Released on: 29/04/2025
Advisory: RHSA-2025:4597,
Bugzilla: 2361633
Bugzilla Description: mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-248
Affected Packages: mod_auth_openidc:2.3-8100020250426100353.489197e6,
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,


CVE-2025-3501
Severity: important
Released on: 29/04/2025
Advisory: RHSA-2025:4336, RHSA-2025:4335,
Bugzilla: 2358834
Bugzilla Description: org.keycloak.protocol.services: Keycloak hostname verification
CVSS Score:
CVSSv3 Score: 8.2
Vector:
CWE: CWE-297
Affected Packages: keycloak,rhbk/keycloak-operator-bundle:26.0.11-2,rhbk/keycloak-rhel9:26.0-12,rhbk/keycloak-rhel9-operator:26.0-13,
Package States: Red Hat Single Sign-On 7,


CVE-2025-3910
Severity: moderate
Released on: 29/04/2025
Advisory: RHSA-2025:4336, RHSA-2025:4335,
Bugzilla: 2361923
Bugzilla Description: org.keycloak.authentication: Two factor authentication bypass
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-287
Affected Packages: org.keycloak.authentication,rhbk/keycloak-operator-bundle:26.0.11-2,rhbk/keycloak-rhel9:26.0-12,rhbk/keycloak-rhel9-operator:26.0-13,
Package States:


CVE-2025-4056
Severity: low
Released on: 29/04/2025
Advisory:
Bugzilla: 2362826
Bugzilla Description: glib: glib crash after long command line
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-94
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-58099
Severity: moderate
Released on: 29/04/2025
Advisory:
Bugzilla: 2362882
Bugzilla Description: kernel: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-31651
Severity: moderate
Released on: 28/04/2025
Advisory:
Bugzilla: 2362782
Bugzilla Description: tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-150
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-31650
Severity: moderate
Released on: 28/04/2025
Advisory:
Bugzilla: 2362783
Bugzilla Description: tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat JBoss Web Server 5,Red Hat JBoss Web Server 6,


CVE-2025-43857
Severity: moderate
Released on: 28/04/2025
Advisory:
Bugzilla: 2362749
Bugzilla Description: net-imap: net-imap rubygem vulnerable to possible DoS by memory exhaustion
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-400|CWE-405|CWE-770|CWE-789)
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2025-22235
Severity: important
Released on: 28/04/2025
Advisory:
Bugzilla: 2362668
Bugzilla Description: org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: AMQ Clients,A-MQ Clients 2,Red Hat AMQ Broker 7,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,streams for Apache Kafka,


CVE-2025-4035
Severity: moderate
Released on: 28/04/2025
Advisory:
Bugzilla: 2362651
Bugzilla Description: libsoup: Cookie domain validation bypass via uppercase characters in libsoup
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-178
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2025-2866
Severity: low
Released on: 27/04/2025
Advisory:
Bugzilla: 2362574
Bugzilla Description: LibreOffice: PDF signature forgery with adbe.pkcs7.sha1 SubFilter
CVSS Score:
CVSSv3 Score: 2.8
Vector:
CWE: CWE-347
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2025-46646
Severity: moderate
Released on: 26/04/2025
Advisory:
Bugzilla: 2362446
Bugzilla Description: Ghostscript: Mishandling of Overlong UTF-8 Encoding in Artifex Ghostscript's decode_utf8 Function
CVSS Score:
CVSSv3 Score: 4.5
Vector:
CWE: CWE-24
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2025-46653
Severity: low
Released on: 26/04/2025
Advisory:
Bugzilla: 2362485
Bugzilla Description: formidable: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Formidable
CVSS Score:
CVSSv3 Score: 3.1
Vector:
CWE: CWE-338
Affected Packages:
Package States: OpenShift Serverless,OpenShift Serverless,Red Hat Developer Hub,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,


CVE-2025-3260
Severity: important
Released on: 25/04/2025
Advisory:
Bugzilla: 2358556
Bugzilla Description: grafana: Unauthorized Dashboard Access in Grafana
CVSS Score:
CVSSv3 Score: 8.5
Vector:
CWE: CWE-281
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2024-6198
Severity: important
Released on: 25/04/2025
Advisory:
Bugzilla: 2362311
Bugzilla Description: SNORE Interface Unauthenticated Remote Code Execution
CVSS Score:
Vector:
CWE: CWE-120
Affected Packages:
Package States:


CVE-2025-43865
Severity: moderate
Released on: 25/04/2025
Advisory:
Bugzilla: 2362231
Bugzilla Description: react-router: React Router allows pre-render data spoofing on React-Router framework mode
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-345
Affected Packages:
Package States: Cryostat 3,Cryostat 4,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery,Red Hat Enterprise Linux 8,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Single Sign-On 7,


CVE-2025-43864
Severity: moderate
Released on: 25/04/2025
Advisory:
Bugzilla: 2362232
Bugzilla Description: react-router: React Router allows a DoS via cache poisoning by forcing SPA mode
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-755
Affected Packages:
Package States: Cryostat 3,Cryostat 4,Logging Subsystem for Red Hat OpenShift,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Network Observability Operator,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery,Red Hat Enterprise Linux 8,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Single Sign-On 7,


CVE-2025-46613
Severity: important
Released on: 25/04/2025
Advisory:
Bugzilla: 2362250
Bugzilla Description: From CVEorg collector
CVSS Score:
Vector:
CWE: CWE-362
Affected Packages:
Package States:


CVE-2025-43859
Severity: important
Released on: 24/04/2025
Advisory:
Bugzilla: 2362162
Bugzilla Description: h11: h11 accepts some malformed Chunked-Encoding bodies
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-444
Affected Packages:
Package States: OpenShift Lightspeed,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat OpenShift AI (RHOAI),Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat Satellite 6,


CVE-2025-27820
Severity: moderate
Released on: 24/04/2025
Advisory:
Bugzilla: 2362042
Bugzilla Description: org.apache.httpcomponents.client5/httpclient5: Apache HttpComponents: PSL (Public Suffix List) validation bypass
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-295
Affected Packages:
Package States: AMQ Clients,Cryostat 3,Cryostat 4,Red Hat AMQ Broker 7,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat build of Debezium 2,Red Hat build of Debezium 3,Red Hat Data Grid 8,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Web Server 6,Red Hat OpenShift AI (RHOAI),Red Hat Process Automation 7,streams for Apache Kafka,streams for Apache Kafka 2,


CVE-2025-46421
Severity: moderate
Released on: 24/04/2025
Advisory: RHSA-2025:4440, RHSA-2025:4560, RHSA-2025:4609, RHSA-2025:4508, RHSA-2025:4538, RHSA-2025:4439, RHSA-2025:4624, RHSA-2025:4568,
Bugzilla: 2361962
Bugzilla Description: libsoup: Information disclosure may leads libsoup client sends Authorization header to a different host when being redirected by a server
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-497
Affected Packages: libsoup-0:2.62.3-8.el8_10,libsoup-0:2.62.3-2.el8_6.4,libsoup-0:2.62.3-2.el8_4.4,libsoup-0:2.72.0-8.el9_4.4,libsoup-0:2.62.3-3.el8_8.4,libsoup-0:2.72.0-8.el9_2.4,libsoup-0:2.62.3-1.el8_2.4,libsoup-0:2.72.0-8.el9_0.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,


CVE-2025-46420
Severity: moderate
Released on: 24/04/2025
Advisory: RHSA-2025:4440, RHSA-2025:4560, RHSA-2025:4609, RHSA-2025:4508, RHSA-2025:4538, RHSA-2025:4439, RHSA-2025:4624, RHSA-2025:4568,
Bugzilla: 2361963
Bugzilla Description: libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-401
Affected Packages: libsoup-0:2.62.3-8.el8_10,libsoup-0:2.62.3-2.el8_6.4,libsoup-0:2.62.3-2.el8_4.4,libsoup-0:2.72.0-8.el9_4.4,libsoup-0:2.62.3-3.el8_8.4,libsoup-0:2.72.0-8.el9_2.4,libsoup-0:2.62.3-1.el8_2.4,libsoup-0:2.72.0-8.el9_0.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,


CVE-2024-47829
Severity: moderate
Released on: 23/04/2025
Advisory:
Bugzilla: 2361884
Bugzilla Description: pnpm: pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-328
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,


CVE-2025-21605
Severity: important
Released on: 23/04/2025
Advisory: RHSA-2025:4441, RHSA-2025:4561, RHSA-2025:4607, RHSA-2025:4577,
Bugzilla: 2361883
Bugzilla Description: redis: Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages: redis:6-8060020250430112137.ad008a3a,redis:6-8080020250506112946.63b34585,redis-0:6.2.6-1.el9_0.2,redis:6-8040020250429071832.522a0ee4,
Package States: OpenShift Lightspeed,Red Hat Developer Hub,Red Hat Discovery,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Quay 3,


CVE-2025-42603
Severity: important
Released on: 23/04/2025
Advisory:
Bugzilla: 2361843
Bugzilla Description: Information Disclosure Vulnerability in Meon KYC solutions
CVSS Score:
Vector:
CWE: CWE-319
Affected Packages:
Package States:


CVE-2025-2703
Severity: moderate
Released on: 23/04/2025
Advisory:
Bugzilla: 2358582
Bugzilla Description: grafana: Cross-Site Scripting in Grafana XY Chart Panel
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2025-3454
Severity: moderate
Released on: 23/04/2025
Advisory:
Bugzilla: 2358581
Bugzilla Description: grafana: Unauthorized Data Source Access in Grafana via URL Path Manipulation
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-22
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2025-43965
Severity: low
Released on: 23/04/2025
Advisory:
Bugzilla: 2361876
Bugzilla Description: ImageMagick: Incorrect Handling of Image Depth in MIFF Processing in ImageMagick
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,


CVE-2025-46393
Severity: low
Released on: 23/04/2025
Advisory:
Bugzilla: 2361888
Bugzilla Description: ImageMagick: Incorrect Calculation of Buffer Size in ImageMagick's Multispectral MIFF Processing
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,


CVE-2024-33452
Severity: important
Released on: 22/04/2025
Advisory:
Bugzilla: 2361691
Bugzilla Description: lua-nginx-module: HTTP request smuggling via a crafted HEAD request
CVSS Score:
CVSSv3 Score: 7.7
Vector:
CWE: CWE-444
Affected Packages:
Package States: Red Hat 3scale API Management Platform 2,


CVE-2025-32955
Severity: moderate
Released on: 21/04/2025
Advisory:
Bugzilla: 2361532
Bugzilla Description: Harden-Runner: Harden-Runner Evasion of 'disable-sudo' policy
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: (CWE-268|CWE-269)
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,


CVE-2025-43961
Severity: low
Released on: 20/04/2025
Advisory:
Bugzilla: 2361283
Bugzilla Description: LibRaw: Out-of-Bounds Read in Fujifilm 0xf00c Tag Parser in LibRaw
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2025-43962
Severity: low
Released on: 20/04/2025
Advisory:
Bugzilla: 2361286
Bugzilla Description: LibRaw: Out-of-Bounds Read in LibRaw's phase_one_correct Function
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2025-43964
Severity: low
Released on: 20/04/2025
Advisory:
Bugzilla: 2361287
Bugzilla Description: LibRaw: Improper Validation of Specified Quantity in Input in LibRaw
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2025-43963
Severity: low
Released on: 20/04/2025
Advisory:
Bugzilla: 2361288
Bugzilla Description: LibRaw: out-of-buffer access
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,


CVE-2023-26819
Severity: low
Released on: 19/04/2025
Advisory:
Bugzilla: 2361186
Bugzilla Description: cJSON: cJSON rejects a valid text
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-440
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,


CVE-2025-32442
Severity: important
Released on: 18/04/2025
Advisory:
Bugzilla: 2361006
Bugzilla Description: Fastify: Fastify vulnerable to invalid content-type parsing, which could lead to validation bypass
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1287
Affected Packages:
Package States: OpenShift Serverless,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,


CVE-2025-38049
Severity: low
Released on: 18/04/2025
Advisory:
Bugzilla: 2360917
Bugzilla Description: kernel: x86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-40325
Severity: low
Released on: 18/04/2025
Advisory:
Bugzilla: 2360918
Bugzilla Description: kernel: md/raid10: wait barrier before returning discard request with REQ_NOWAIT
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37860
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360919
Bugzilla Description: kernel: sfc: fix NULL dereferences in ef100_process_design_param()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-39755
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360920
Bugzilla Description: kernel: staging: gpib: Fix cb7210 pcmcia Oops
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-37785
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360921
Bugzilla Description: kernel: ext4: fix OOB read when checking dotdot dir
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-39778
Severity: low
Released on: 18/04/2025
Advisory:
Bugzilla: 2360922
Bugzilla Description: kernel: objtool, nvmet: Fix out-of-bounds stack access in nvmet_ctrl_state_show()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-38240
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360923
Bugzilla Description: kernel: drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-38104
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360924
Bugzilla Description: kernel: drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-39688
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360925
Bugzilla Description: kernel: nfsd: allow SC_STATUS_FREEABLE when searching via nfs4_lookup_stateid()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-38637
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360926
Bugzilla Description: kernel: net_sched: skbprio: Remove overly strict queue assertions
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-617
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-38575
Severity: low
Released on: 18/04/2025
Advisory:
Bugzilla: 2360927
Bugzilla Description: kernel: ksmbd: use aead_request_free to match aead_request_alloc
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-38152
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360928
Bugzilla Description: kernel: remoteproc: core: Clear table_sz when rproc_shutdown
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-40114
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360929
Bugzilla Description: kernel: iio: light: Add check for array bounds in veml6075_read_int_time_ms
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-39735
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360930
Bugzilla Description: kernel: jfs: fix slab-out-of-bounds read in ea_get()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37893
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360931
Bugzilla Description: kernel: LoongArch: BPF: Fix off-by-one error in build_prologue()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-193
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-39728
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360932
Bugzilla Description: kernel: clk: samsung: Fix UBSAN panic in samsung_clk_init()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-39930
Severity: low
Released on: 18/04/2025
Advisory:
Bugzilla: 2360933
Bugzilla Description: kernel: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37925
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360934
Bugzilla Description: kernel: jfs: reject on-disk inodes of an unsupported type
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-38479
Severity: low
Released on: 18/04/2025
Advisory:
Bugzilla: 2360935
Bugzilla Description: kernel: dmaengine: fsl-edma: free irq correctly in remove path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-40014
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360936
Bugzilla Description: kernel: objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-39989
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360937
Bugzilla Description: kernel: x86/mce: use is_copy_from_user() to determine copy-from-user context
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-40364
Severity: low
Released on: 18/04/2025
Advisory:
Bugzilla: 2360969
Bugzilla Description: kernel: io_uring: fix io_req_prep_async with provided buffers
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-37838
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2360979
Bugzilla Description: kernel: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-43903
Severity: moderate
Released on: 18/04/2025
Advisory:
Bugzilla: 2361067
Bugzilla Description: poppler: SignatureValue not checked within SignerInfo
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-347
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-42178
Severity: low
Released on: 17/04/2025
Advisory:
Bugzilla: 2360842
Bugzilla Description: HCL MyXalytics is affected by a failure to restrict URL access vulnerability
CVSS Score:
Vector:
CWE: CWE-288
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-32415
Severity: low
Released on: 17/04/2025
Advisory:
Bugzilla: 2360768
Bugzilla Description: libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables
CVSS Score:
CVSSv3 Score: 2.9
Vector:
CWE: CWE-1284
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2020-36789
Severity: moderate
Released on: 17/04/2025
Advisory:
Bugzilla: 2360782
Bugzilla Description: kernel: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47671
Severity: low
Released on: 17/04/2025
Advisory: RHSA-2023:2458,
Bugzilla: 2360784
Bugzilla Description: kernel: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-401
Affected Packages: kernel-0:5.14.0-284.11.1.el9_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47668
Severity: moderate
Released on: 17/04/2025
Advisory:
Bugzilla: 2360785
Bugzilla Description: kernel: can: dev: can_restart: fix use after free bug
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47670
Severity: moderate
Released on: 17/04/2025
Advisory:
Bugzilla: 2360786
Bugzilla Description: kernel: can: peak_usb: fix use after free bugs
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2021-47669
Severity: moderate
Released on: 17/04/2025
Advisory:
Bugzilla: 2360787
Bugzilla Description: kernel: can: vxcan: vxcan_xmit: fix use after free bug
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22872
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360404
Bugzilla Description: golang.org/x/net/html: Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-79
Affected Packages:
Package States: Assisted Installer for Red Hat OpenShift Container Platform,Builds for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,Cryostat 3,Cryostat 4,Custom Metric Autoscaler operator for Red Hat Openshift,Fence Agents Remediation Operator,Gatekeeper,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Global Hub,NBDE Tang Server,Network Observability Operator,Node HealthCheck Operator,Node Maintenance Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Serverless,OpenShift Service Mesh 2,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 8,Red Hat Connectivity Link,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Cluster Manager CLI,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 18.0,Red Hat Trusted Artifact Signer,Self Node Remediation Operator,
Full Details
CVE document


CVE-2025-22018
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360047
Bugzilla Description: kernel: atm: Fix NULL pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-58092
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360096
Bugzilla Description: kernel: nfsd: fix legacy client tracking initialization
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22021
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360097
Bugzilla Description: kernel: netfilter: socket: Lookup orig tuple for IPv6 SNAT
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22020
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360099
Bugzilla Description: kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22022
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360100
Bugzilla Description: kernel: usb: xhci: Apply the link chain quirk on NEC isoc endpoints
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22023
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360103
Bugzilla Description: kernel: usb: xhci: Don't skip on Stopped - Length Invalid
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22019
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360104
Bugzilla Description: kernel: bcachefs: bch2_ioctl_subvolume_destroy() fixes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22091
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360186
Bugzilla Description: kernel: RDMA/mlx5: Fix page_size variable overflow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22086
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360187
Bugzilla Description: kernel: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23136
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360188
Bugzilla Description: kernel: thermal: int340x: Add NULL check for adev
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22110
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360189
Bugzilla Description: kernel: netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22098
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360190
Bugzilla Description: kernel: drm: zynqmp_dp: Fix a deadlock in zynqmp_dp_ignore_hpd_set()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-23132
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360191
Bugzilla Description: kernel: f2fs: quota: fix to avoid warning in dquot_writeback_dquots()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22064
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360192
Bugzilla Description: kernel: netfilter: nf_tables: don't unregister hook when table is dormant
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22114
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360193
Bugzilla Description: kernel: btrfs: don't clobber ret in btrfs_validate_super()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22102
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360194
Bugzilla Description: kernel: Bluetooth: btnxpuart: Fix kernel panic during FW release
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22089
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360195
Bugzilla Description: kernel: RDMA/core: Don't expose hw_counters outside of init net namespace
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-58094
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360196
Bugzilla Description: kernel: jfs: add check read-only before truncation in jfs_truncate_nolock()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-58095
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360197
Bugzilla Description: kernel: jfs: add check read-only before txBeginAnon() call
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22052
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360198
Bugzilla Description: kernel: staging: gpib: Fix Oops after disconnect in ni_usb
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22121
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360199
Bugzilla Description: kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22107
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360200
Bugzilla Description: kernel: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22060
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360201
Bugzilla Description: kernel: net: mvpp2: Prevent parser TCAM memory corruption
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22075
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360202
Bugzilla Description: kernel: rtnetlink: Allocate vfinfo size for VF GUIDs when supported
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22024
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360203
Bugzilla Description: kernel: nfsd: fix management of listener transports
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22054
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360204
Bugzilla Description: kernel: arcnet: Add NULL check in com20020pci_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22119
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360205
Bugzilla Description: kernel: wifi: cfg80211: init wiphy_work before allocating rfkill fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22092
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360206
Bugzilla Description: kernel: PCI: Fix NULL dereference in SR-IOV VF creation error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22071
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360207
Bugzilla Description: kernel: spufs: fix a leak in spufs_create_context()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2024-58096
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360208
Bugzilla Description: kernel: wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22061
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360209
Bugzilla Description: kernel: net: airoha: Fix qid report in airoha_tc_get_htb_get_leaf_queue()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22035
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360210
Bugzilla Description: kernel: tracing: Fix use-after-free in print_graph_function_flags during tracer switching
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-23138
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360211
Bugzilla Description: kernel: watch_queue: fix pipe accounting mismatch
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22113
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360212
Bugzilla Description: kernel: ext4: avoid journaling sb update on error if journal is destroying
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22120
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360213
Bugzilla Description: kernel: ext4: goto right label 'out_mmap_sem' in ext4_setattr()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22047
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360214
Bugzilla Description: kernel: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22056
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360215
Bugzilla Description: kernel: netfilter: nft_tunnel: fix geneve_opt type confusion addition
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22078
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360216
Bugzilla Description: kernel: staging: vchiq_arm: Fix possible NPR of keep-alive thread
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22087
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360217
Bugzilla Description: kernel: bpf: Fix array bounds error with may_goto
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22083
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360218
Bugzilla Description: kernel: vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22085
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360219
Bugzilla Description: kernel: RDMA/core: Fix use-after-free when rename device name
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22076
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360220
Bugzilla Description: kernel: exfat: fix missing shutdown check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22029
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360221
Bugzilla Description: kernel: exec: fix the racy usage of fs_struct->in_exec
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22093
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360222
Bugzilla Description: kernel: drm/amd/display: avoid NPD when ASIC does not support DMUB
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22097
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360223
Bugzilla Description: kernel: drm/vkms: Fix use after free and double free on init error
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22026
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360224
Bugzilla Description: kernel: nfsd: don't ignore the return code of svc_proc_register()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22068
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360225
Bugzilla Description: kernel: ublk: make sure ubq->canceling is set when queue is frozen
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22033
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360226
Bugzilla Description: kernel: arm64: Don't call NULL in do_compat_alignment_fixup()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22094
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360227
Bugzilla Description: kernel: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu'
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22117
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360228
Bugzilla Description: kernel: ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22037
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360229
Bugzilla Description: kernel: ksmbd: fix null pointer dereference in alloc_preauth_hash()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22045
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360230
Bugzilla Description: kernel: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22036
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360231
Bugzilla Description: kernel: exfat: fix random stack corruption after get_block
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-23137
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360232
Bugzilla Description: kernel: cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22079
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360233
Bugzilla Description: kernel: ocfs2: validate l_tree_depth to avoid out-of-bounds access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22067
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360234
Bugzilla Description: kernel: spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22124
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360235
Bugzilla Description: kernel: md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-131
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22126
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360236
Bugzilla Description: kernel: md: fix mddev uaf while iterating all_mddevs list
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22070
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360237
Bugzilla Description: kernel: fs/9p: fix NULL pointer dereference on mkdir
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22043
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360238
Bugzilla Description: kernel: ksmbd: add bounds check for durable handle context
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2023-53034
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360239
Bugzilla Description: kernel: ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22038
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360240
Bugzilla Description: kernel: ksmbd: validate zero num_subauth before sub_auth is accessed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22025
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360241
Bugzilla Description: kernel: nfsd: put dl_stid if fail to queue dl_recall
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22040
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360242
Bugzilla Description: kernel: ksmbd: fix session use-after-free in multichannel connection
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22116
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360243
Bugzilla Description: kernel: idpf: check error for register_netdev() on init
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-23134
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360244
Bugzilla Description: kernel: ALSA: timer: Don't take register_mutex with copy_from/to_user()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22072
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360245
Bugzilla Description: kernel: spufs: fix gang directory lifetimes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22034
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360246
Bugzilla Description: kernel: mm/gup: reject FOLL_SPLIT_PMD with hugetlb VMAs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22105
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360247
Bugzilla Description: kernel: bonding: check xdp prog when set bond mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22028
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360248
Bugzilla Description: kernel: media: vimc: skip .s_stream() for stopped entities
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-23129
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360249
Bugzilla Description: kernel: wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22088
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360250
Bugzilla Description: kernel: RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22069
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360251
Bugzilla Description: kernel: riscv: fgraph: Fix stack layout to match __arch_ftrace_regs argument of ftrace_return_to_handler
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22118
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360252
Bugzilla Description: kernel: ice: validate queue quanta parameters to prevent OOB access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22081
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360253
Bugzilla Description: kernel: fs/ntfs3: Fix a couple integer overflows on 32bit systems
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22115
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360254
Bugzilla Description: kernel: btrfs: fix block group refcount race in btrfs_create_pending_block_groups()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22048
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360255
Bugzilla Description: kernel: LoongArch: BPF: Don't override subprog's return value
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,


CVE-2025-22066
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360256
Bugzilla Description: kernel: ASoC: imx-card: Add NULL check in imx_card_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22111
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360257
Bugzilla Description: kernel: net: Remove RTNL dance for SIOCBRADDIF and SIOCBRDELIF.
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22049
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360258
Bugzilla Description: kernel: LoongArch: Increase ARCH_DMA_MINALIGN up to 16
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22082
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360259
Bugzilla Description: kernel: iio: backend: make sure to NULL terminate stack buffer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22073
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360260
Bugzilla Description: kernel: spufs: fix a leak on spufs_new_file() failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22065
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360261
Bugzilla Description: kernel: idpf: fix adapter NULL pointer dereference on reboot
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22032
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360262
Bugzilla Description: kernel: wifi: mt76: mt7921: fix kernel panic due to null pointer dereference
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22031
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360263
Bugzilla Description: kernel: PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22042
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360264
Bugzilla Description: kernel: ksmbd: add bounds check for create lease context
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22104
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360265
Bugzilla Description: kernel: ibmvnic: Use kernel helpers for hex dumps
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22112
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360266
Bugzilla Description: kernel: eth: bnxt: fix out-of-range access of vnic_info array
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23135
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360267
Bugzilla Description: kernel: RISC-V: KVM: Teardown riscv specific bits after kvm_exit
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22108
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360268
Bugzilla Description: kernel: bnxt_en: Mask the bd_cnt field in the TX BD properly
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22103
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360269
Bugzilla Description: kernel: net: fix NULL pointer dereference in l3mdev_l3_rcv
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22057
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360270
Bugzilla Description: kernel: net: decrease cached dst counters in dst_release
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22074
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360271
Bugzilla Description: kernel: ksmbd: fix r_count dec/increment mismatch
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22123
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360272
Bugzilla Description: kernel: f2fs: fix to avoid accessing uninitialized curseg
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22063
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360273
Bugzilla Description: kernel: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22050
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360274
Bugzilla Description: kernel: usbnet:fix NPE during rx_complete
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22062
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360275
Bugzilla Description: kernel: sctp: add mutual exclusion in proc_sctp_do_udp_port()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22058
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360276
Bugzilla Description: kernel: udp: Fix memory accounting leak.
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22059
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360277
Bugzilla Description: kernel: udp: Fix multiple wraparounds of sk->sk_rmem_alloc.
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22053
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360278
Bugzilla Description: kernel: net: ibmveth: make veth_pool_store stop hanging
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-413
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23133
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360279
Bugzilla Description: kernel: wifi: ath11k: update channel list in reg notifier instead reg worker
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22100
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360280
Bugzilla Description: kernel: drm/panthor: Fix race condition when gathering fdinfo group samples
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22096
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360281
Bugzilla Description: kernel: drm/msm/gem: Fix error code msm_parse_deps()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22106
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360282
Bugzilla Description: kernel: vmxnet3: unregister xdp rxq info in the reset path
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22077
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360283
Bugzilla Description: kernel: smb: client: Fix netns refcount imbalance causing leaks and use-after-free
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22122
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360284
Bugzilla Description: kernel: block: fix adding folio to bio
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23131
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360285
Bugzilla Description: kernel: dlm: prevent NPD when writing a positive value to event_done
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22090
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360286
Bugzilla Description: kernel: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-58093
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360287
Bugzilla Description: kernel: PCI/ASPM: Fix link state exit during switch upstream function removal
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22084
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360288
Bugzilla Description: kernel: w1: fix NULL pointer dereference in probe
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-23130
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360289
Bugzilla Description: kernel: f2fs: fix to avoid panic once fallocation fails for pinfile
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22051
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360290
Bugzilla Description: kernel: staging: gpib: Fix Oops after disconnect in agilent usb
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22039
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360291
Bugzilla Description: kernel: ksmbd: fix overflow in dacloffset bounds check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22044
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360292
Bugzilla Description: kernel: acpi: nfit: fix narrowing conversion in acpi_nfit_ctl
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-681
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22095
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360293
Bugzilla Description: kernel: PCI: brcmstb: Fix error path after a call to regulator_bulk_get()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22041
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360294
Bugzilla Description: kernel: ksmbd: fix use-after-free in ksmbd_sessions_deregister()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22046
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360295
Bugzilla Description: kernel: uprobes/x86: Harden uretprobe syscall trampoline check
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22127
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360296
Bugzilla Description: kernel: f2fs: fix potential deadloop in prepare_compress_overwrite()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22099
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360297
Bugzilla Description: kernel: drm: xlnx: zynqmp_dpsub: Add NULL check in zynqmp_audio_init
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22101
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360298
Bugzilla Description: kernel: net: libwx: fix Tx L4 checksum
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22027
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360299
Bugzilla Description: kernel: media: streamzap: fix race between device disconnection and urb callback
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22055
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360300
Bugzilla Description: kernel: net: fix geneve_opt length integer overflow
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22109
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360302
Bugzilla Description: kernel: ax25: Remove broken autobind
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22128
Severity: low
Released on: 16/04/2025
Advisory:
Bugzilla: 2360303
Bugzilla Description: kernel: wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22080
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360304
Bugzilla Description: kernel: fs/ntfs3: Prevent integer overflow in hdr_first_de()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22030
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360305
Bugzilla Description: kernel: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22125
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360306
Bugzilla Description: kernel: md/raid1,raid10: don't ignore IO flags
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-58097
Severity: moderate
Released on: 16/04/2025
Advisory:
Bugzilla: 2360307
Bugzilla Description: kernel: wifi: ath11k: fix RCU stall while reaping monitor destination ring
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-835
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30215
Severity: critical
Released on: 15/04/2025
Advisory:
Bugzilla: 2360022
Bugzilla Description: nats-server: NATS-Server Fails to Authorize Certain Jetstream Admin APIs
CVSS Score:
CVSSv3 Score: 9.6
Vector:
CWE: (CWE-287|CWE-306)
Affected Packages:
Package States: Red Hat Trusted Profile Analyzer,
Full Details
CVE document


CVE-2025-30698
Severity: moderate
Released on: 15/04/2025
Advisory: RHSA-2025:3849, RHSA-2025:3848, RHSA-2025:3847, RHSA-2025:3857, RHSA-2025:3846, RHSA-2025:3856, RHSA-2025:3845, RHSA-2025:3844, RHSA-2025:3855, RHSA-2025:3854, RHSA-2025:3853, RHSA-2025:3852, RHSA-2025:3850,
Bugzilla: 2359693
Bugzilla Description: openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-122
Affected Packages: java-1.8.0-openjdk-1:1.8.0.452.b09-1.el7_9,java-21-openjdk-1:21.0.7.0.6-1.el8,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el8_6,java-21-openjdk-1:21.0.7.0.6-1.el9,java-1.8.0-openjdk-windows,java-11-openjdk-windows,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el9_0,java-17-openjdk-portable,java-17-openjdk-1:17.0.15.0.6-2.el9_0,java-11-openjdk-1:11.0.27.0.6-1.el7_9,java-17-openjdk-windows,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el8_4,java-1.8.0-openjdk-portable,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el8_2,java-1.8.0-openjdk-1:1.8.0.452.b09-2.el9,java-1.8.0-openjdk-1:1.8.0.452.b09-2.el8,java-21-openjdk-portable,java-17-openjdk-1:17.0.15.0.6-2.el8,java-17-openjdk-1:17.0.15.0.6-2.el9,java-11-openjdk-1:11.0.27.0.6-1.el9,java-11-openjdk-1:11.0.27.0.6-1.el8,java-21-openjdk-windows,java-17-openjdk-1:17.0.15.0.6-1.el8_6,java-17-openjdk-1:17.0.15.0.6-1.el8_4,java-11-openjdk-portable,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30691
Severity: moderate
Released on: 15/04/2025
Advisory: RHSA-2025:3849, RHSA-2025:3848, RHSA-2025:3847, RHSA-2025:3857, RHSA-2025:3846, RHSA-2025:3856, RHSA-2025:3845, RHSA-2025:3844, RHSA-2025:3855, RHSA-2025:3854, RHSA-2025:3853, RHSA-2025:3852, RHSA-2025:3850,
Bugzilla: 2359694
Bugzilla Description: openjdk: Improve compiler transformations (Oracle CPU 2025-04)
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-120
Affected Packages: java-1.8.0-openjdk-1:1.8.0.452.b09-1.el7_9,java-21-openjdk-1:21.0.7.0.6-1.el8,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el8_6,java-21-openjdk-1:21.0.7.0.6-1.el9,java-1.8.0-openjdk-windows,java-11-openjdk-windows,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el9_0,java-17-openjdk-portable,java-17-openjdk-1:17.0.15.0.6-2.el9_0,java-11-openjdk-1:11.0.27.0.6-1.el7_9,java-17-openjdk-windows,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el8_4,java-1.8.0-openjdk-portable,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el8_2,java-1.8.0-openjdk-1:1.8.0.452.b09-2.el9,java-1.8.0-openjdk-1:1.8.0.452.b09-2.el8,java-21-openjdk-portable,java-17-openjdk-1:17.0.15.0.6-2.el8,java-17-openjdk-1:17.0.15.0.6-2.el9,java-11-openjdk-1:11.0.27.0.6-1.el9,java-11-openjdk-1:11.0.27.0.6-1.el8,java-21-openjdk-windows,java-17-openjdk-1:17.0.15.0.6-1.el8_6,java-17-openjdk-1:17.0.15.0.6-1.el8_4,java-11-openjdk-portable,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21587
Severity: moderate
Released on: 15/04/2025
Advisory: RHSA-2025:3849, RHSA-2025:3848, RHSA-2025:3847, RHSA-2025:3857, RHSA-2025:3846, RHSA-2025:3856, RHSA-2025:3845, RHSA-2025:3844, RHSA-2025:3855, RHSA-2025:3854, RHSA-2025:3853, RHSA-2025:3852, RHSA-2025:3850,
Bugzilla: 2359695
Bugzilla Description: openjdk: Better TLS connection support (Oracle CPU 2025-04)
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-208
Affected Packages: java-1.8.0-openjdk-1:1.8.0.452.b09-1.el7_9,java-21-openjdk-1:21.0.7.0.6-1.el8,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el8_6,java-21-openjdk-1:21.0.7.0.6-1.el9,java-1.8.0-openjdk-windows,java-11-openjdk-windows,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el9_0,java-17-openjdk-portable,java-17-openjdk-1:17.0.15.0.6-2.el9_0,java-11-openjdk-1:11.0.27.0.6-1.el7_9,java-17-openjdk-windows,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el8_4,java-1.8.0-openjdk-portable,java-1.8.0-openjdk-1:1.8.0.452.b09-1.el8_2,java-1.8.0-openjdk-1:1.8.0.452.b09-2.el9,java-1.8.0-openjdk-1:1.8.0.452.b09-2.el8,java-21-openjdk-portable,java-17-openjdk-1:17.0.15.0.6-2.el8,java-17-openjdk-1:17.0.15.0.6-2.el9,java-11-openjdk-1:11.0.27.0.6-1.el9,java-11-openjdk-1:11.0.27.0.6-1.el8,java-21-openjdk-windows,java-17-openjdk-1:17.0.15.0.6-1.el8_6,java-17-openjdk-1:17.0.15.0.6-1.el8_4,java-11-openjdk-portable,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30722
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359885
Bugzilla Description: mysql: mysqldump unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30721
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359894
Bugzilla Description: mysql: UDF unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30715
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359900
Bugzilla Description: mysql: Components Services unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30706
Severity: important
Released on: 15/04/2025
Advisory:
Bugzilla: 2359931
Bugzilla Description: mysql-connector-java: Connector/J unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2025-30705
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359932
Bugzilla Description: mysql: PS unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30704
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359943
Bugzilla Description: mysql: Components Services unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30703
Severity: low
Released on: 15/04/2025
Advisory:
Bugzilla: 2359950
Bugzilla Description: mysql: InnoDB unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 2.7
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30699
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359892
Bugzilla Description: mysql: Stored Procedure unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30696
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359930
Bugzilla Description: mysql: PS unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30695
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359947
Bugzilla Description: mysql: InnoDB unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30693
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359963
Bugzilla Description: mysql: InnoDB unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30689
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359945
Bugzilla Description: mysql: Optimizer unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30688
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359888
Bugzilla Description: mysql: Optimizer unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30687
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359924
Bugzilla Description: mysql: Optimizer unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30685
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359940
Bugzilla Description: mysql: Replication unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30682
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359895
Bugzilla Description: mysql: Optimizer unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30683
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359899
Bugzilla Description: mysql: Replication unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30684
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359972
Bugzilla Description: mysql: Replication unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21588
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359911
Bugzilla Description: mysql: DML unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30681
Severity: low
Released on: 15/04/2025
Advisory:
Bugzilla: 2359918
Bugzilla Description: mysql: Replication unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 2.7
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21585
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359903
Bugzilla Description: mysql: Optimizer unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21584
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359964
Bugzilla Description: mysql: DDL unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21583
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359968
Bugzilla Description: mysql: DDL unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21580
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359928
Bugzilla Description: mysql: DML unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21579
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359938
Bugzilla Description: mysql: Options unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21581
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359944
Bugzilla Description: mysql: Optimizer unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21577
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359920
Bugzilla Description: mysql: InnoDB unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21575
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359934
Bugzilla Description: mysql: Parser unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21574
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359902
Bugzilla Description: mysql: Parser unspecified vulnerability (CPU Apr 2025)
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-5616
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359838
Bugzilla Description: gnome-control-center: Remote login misconfiguration in GNOME Control Center
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-290
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3523
Severity: low
Released on: 15/04/2025
Advisory: RHSA-2025:4389, RHSA-2025:4617, RHSA-2025:4649, RHSA-2025:4229, RHSA-2025:4514, RHSA-2025:4513, RHSA-2025:4512, RHSA-2025:4654, RHSA-2025:4665,
Bugzilla: 2359786
Bugzilla Description: thunderbird: User Interface (UI) Misrepresentation of attachment URL
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-451
Affected Packages: thunderbird-0:128.9.2-1.el8_8,thunderbird-0:128.9.2-1.el8_6,thunderbird-0:128.9.2-1.el9_5,thunderbird-0:128.9.2-1.el9_4,thunderbird-0:128.9.2-1.el8_4,thunderbird-0:128.9.2-1.el8_10,thunderbird-0:128.9.2-1.el9_2,thunderbird-0:128.9.2-1.el8_2,thunderbird-0:128.9.2-1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-2830
Severity: important
Released on: 15/04/2025
Advisory: RHSA-2025:4389, RHSA-2025:4617, RHSA-2025:4649, RHSA-2025:4229, RHSA-2025:4514, RHSA-2025:4513, RHSA-2025:4512, RHSA-2025:4654, RHSA-2025:4665,
Bugzilla: 2359789
Bugzilla Description: thunderbird: Information Disclosure of /tmp directory listing
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-200
Affected Packages: thunderbird-0:128.9.2-1.el8_8,thunderbird-0:128.9.2-1.el8_6,thunderbird-0:128.9.2-1.el9_5,thunderbird-0:128.9.2-1.el9_4,thunderbird-0:128.9.2-1.el8_4,thunderbird-0:128.9.2-1.el8_10,thunderbird-0:128.9.2-1.el9_2,thunderbird-0:128.9.2-1.el8_2,thunderbird-0:128.9.2-1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3522
Severity: important
Released on: 15/04/2025
Advisory: RHSA-2025:4389, RHSA-2025:4617, RHSA-2025:4649, RHSA-2025:4229, RHSA-2025:4514, RHSA-2025:4513, RHSA-2025:4512, RHSA-2025:4654, RHSA-2025:4665,
Bugzilla: 2359793
Bugzilla Description: thunderbird: Leak of hashed Window credentials via crafted attachment URL
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-1220
Affected Packages: thunderbird-0:128.9.2-1.el8_8,thunderbird-0:128.9.2-1.el8_6,thunderbird-0:128.9.2-1.el9_5,thunderbird-0:128.9.2-1.el9_4,thunderbird-0:128.9.2-1.el8_4,thunderbird-0:128.9.2-1.el8_10,thunderbird-0:128.9.2-1.el9_2,thunderbird-0:128.9.2-1.el8_2,thunderbird-0:128.9.2-1.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3608
Severity: important
Released on: 15/04/2025
Advisory:
Bugzilla: 2359752
Bugzilla Description: firefox: Race condition in nsHttpTransaction could lead to memory corruption
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-364
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3573
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359682
Bugzilla Description: jquery-validation: XSS Vulnerability in jquery-validation
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3612
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359631
Bugzilla Description: Demtec Graphytics HTTP GET Parameter visualization cross site scripting
CVSS Score:
Vector:
CWE: (CWE-79|CWE-94)
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-3576
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359465
Bugzilla Description: krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-328
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-32987
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359623
Bugzilla Description: From CVEorg collector
CVSS Score:
Vector:
CWE: CWE-214
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-32996
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359627
Bugzilla Description: http-proxy-middleware: Always-Incorrect Control Flow Implementation in http-proxy-middleware
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-670
Affected Packages:
Package States: Cryostat 3,Cryostat 4,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Network Observability Operator,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Trusted Profile Analyzer,
Full Details
CVE document


CVE-2025-32997
Severity: moderate
Released on: 15/04/2025
Advisory:
Bugzilla: 2359628
Bugzilla Description: http-proxy-middleware: Improper Check for Unusual or Exceptional Conditions in http-proxy-middleware
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-754
Affected Packages:
Package States: Cryostat 3,Cryostat 4,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Network Observability Operator,OpenShift Lightspeed,OpenShift Pipelines,OpenShift Pipelines,OpenShift Pipelines,OpenShift Serverless,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat build of Apicurio Registry 2,Red Hat build of OptaPlanner 8,Red Hat Data Grid 8,Red Hat Developer Hub,Red Hat Discovery,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat Process Automation 7,Red Hat Quay 3,Red Hat Trusted Profile Analyzer,
Full Details
CVE document


CVE-2025-3588
Severity: moderate
Released on: 14/04/2025
Advisory:
Bugzilla: 2359604
Bugzilla Description: jsonschema2pojo: joelittlejohn jsonschema2pojo JSON File SchemaRule.java apply stack-based overflow
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-121)
Affected Packages:
Package States: Red Hat build of Apicurio Registry 2,Red Hat build of Apicurio Registry 3,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,streams for Apache Kafka,streams for Apache Kafka,streams for Apache Kafka,
Full Details
CVE document


CVE-2025-32445
Severity: critical
Released on: 14/04/2025
Advisory:
Bugzilla: 2359572
Bugzilla Description: argo-events: Argo Events users can gain privileged access to the host system and cluster with EventSource and Sensor CR
CVSS Score:
CVSSv3 Score: 9.9
Vector:
CWE: CWE-268
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document


CVE-2025-3277
Severity: important
Released on: 14/04/2025
Advisory: RHSA-2025:4459,
Bugzilla: 2359553
Bugzilla Description: SQLite: integer overflow in SQLite
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-122
Affected Packages: nodejs:22-8100020250429143334.6d880403,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-31344
Severity: moderate
Released on: 14/04/2025
Advisory:
Bugzilla: 2359418
Bugzilla Description: giflib: The giflib open-source component has a buffer overflow vulnerability
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat build of OpenJDK 11,Red Hat build of OpenJDK 17,Red Hat build of OpenJDK 1.8,Red Hat build of OpenJDK 21,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3549
Severity: moderate
Released on: 14/04/2025
Advisory:
Bugzilla: 2359377
Bugzilla Description: Assimp: Open Asset Import Library Assimp File MD3Loader.cpp ValidateSurfaceHeaderOffsets heap-based overflow
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States: Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3548
Severity: moderate
Released on: 14/04/2025
Advisory:
Bugzilla: 2359372
Bugzilla Description: Assimp: Open Asset Import Library Assimp File types.h Set heap-based overflow
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States: Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3572
Severity: important
Released on: 14/04/2025
Advisory:
Bugzilla: 2359373
Bugzilla Description: INTUMIT SmartRobot - Server-Side Request Forgery
CVSS Score:
Vector:
CWE: CWE-918
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-32906
Severity: important
Released on: 14/04/2025
Advisory: RHSA-2025:4440, RHSA-2025:4560, RHSA-2025:4609, RHSA-2025:4508, RHSA-2025:4538, RHSA-2025:4439, RHSA-2025:4624, RHSA-2025:4568,
Bugzilla: 2359341
Bugzilla Description: libsoup: Out of bounds reads in soup_headers_parse_request()
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-125
Affected Packages: libsoup-0:2.62.3-8.el8_10,libsoup-0:2.62.3-2.el8_6.4,libsoup-0:2.62.3-2.el8_4.4,libsoup-0:2.72.0-8.el9_4.4,libsoup-0:2.62.3-3.el8_8.4,libsoup-0:2.72.0-8.el9_2.4,libsoup-0:2.62.3-1.el8_2.4,libsoup-0:2.72.0-8.el9_0.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32907
Severity: moderate
Released on: 14/04/2025
Advisory: RHSA-2025:4440, RHSA-2025:4508, RHSA-2025:4439,
Bugzilla: 2359342
Bugzilla Description: libsoup: Denial of service in server when client requests a large amount of overlapping ranges with Range header
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-1050
Affected Packages: libsoup-0:2.72.0-8.el9_4.4,libsoup-0:2.72.0-8.el9_2.4,libsoup-0:2.72.0-8.el9_0.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32908
Severity: important
Released on: 14/04/2025
Advisory:
Bugzilla: 2359343
Bugzilla Description: libsoup: Denial of service on libsoup through HTTP/2 server
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-115
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32909
Severity: moderate
Released on: 14/04/2025
Advisory:
Bugzilla: 2359353
Bugzilla Description: libsoup: NULL Pointer Dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32910
Severity: moderate
Released on: 14/04/2025
Advisory:
Bugzilla: 2359354
Bugzilla Description: libsoup: Null pointer dereference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an Unauthorized response with Digest authentication
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32911
Severity: important
Released on: 14/04/2025
Advisory: RHSA-2025:4440, RHSA-2025:4560, RHSA-2025:4609, RHSA-2025:4508, RHSA-2025:4538, RHSA-2025:4439, RHSA-2025:4624, RHSA-2025:4568,
Bugzilla: 2359355
Bugzilla Description: libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value
CVSS Score:
CVSSv3 Score: 9.0
Vector:
CWE: CWE-590
Affected Packages: libsoup-0:2.62.3-8.el8_10,libsoup-0:2.62.3-2.el8_6.4,libsoup-0:2.62.3-2.el8_4.4,libsoup-0:2.72.0-8.el9_4.4,libsoup-0:2.62.3-3.el8_8.4,libsoup-0:2.72.0-8.el9_2.4,libsoup-0:2.62.3-1.el8_2.4,libsoup-0:2.72.0-8.el9_0.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32912
Severity: moderate
Released on: 14/04/2025
Advisory:
Bugzilla: 2359356
Bugzilla Description: libsoup: NULL pointer dereference in client when server omits the "nonce" parameter in an Unauthorized response with Digest authentication
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32913
Severity: important
Released on: 14/04/2025
Advisory: RHSA-2025:4440, RHSA-2025:4560, RHSA-2025:4609, RHSA-2025:4508, RHSA-2025:4538, RHSA-2025:4439, RHSA-2025:4624, RHSA-2025:4568,
Bugzilla: 2359357
Bugzilla Description: libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-476
Affected Packages: libsoup-0:2.62.3-8.el8_10,libsoup-0:2.62.3-2.el8_6.4,libsoup-0:2.62.3-2.el8_4.4,libsoup-0:2.72.0-8.el9_4.4,libsoup-0:2.62.3-3.el8_8.4,libsoup-0:2.72.0-8.el9_2.4,libsoup-0:2.62.3-1.el8_2.4,libsoup-0:2.72.0-8.el9_0.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32914
Severity: moderate
Released on: 14/04/2025
Advisory:
Bugzilla: 2359358
Bugzilla Description: libsoup: OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3445
Severity: important
Released on: 13/04/2025
Advisory:
Bugzilla: 2359334
Bugzilla Description: mholt/archiver: A Path Traversal "Zip Slip" vulnerability in mholt/archiver
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-22
Affected Packages:
Package States: OpenShift Serverless,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2024-56406
Severity: important
Released on: 13/04/2025
Advisory:
Bugzilla: 2359290
Bugzilla Description: perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: (CWE-122|CWE-787)
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-3532
Severity: moderate
Released on: 13/04/2025
Advisory:
Bugzilla: 2359266
Bugzilla Description: YouDianCMS index.html.Attackers cross site scripting
CVSS Score:
Vector:
CWE: (CWE-79|CWE-94)
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-3531
Severity: moderate
Released on: 13/04/2025
Advisory:
Bugzilla: 2359264
Bugzilla Description: YouDianCMS index.html cross site scripting
CVSS Score:
Vector:
CWE: (CWE-79|CWE-94)
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-2814
Severity: moderate
Released on: 12/04/2025
Advisory:
Bugzilla: 2359259
Bugzilla Description: Crypt-CBC: Crypt::CBC versions between 1.21 and 3.04 for Perl may use insecure rand() function for cryptographic functions
CVSS Score:
CVSSv3 Score: 4.8
Vector:
CWE: CWE-338
Affected Packages:
Package States: Red Hat Enterprise Linux 7,
Full Details
CVE document


CVE-2025-22232
Severity: moderate
Released on: 10/04/2025
Advisory:
Bugzilla: 2358900
Bugzilla Description: spring-cloud-config-server: Spring Cloud Config Server May Not Use Vault Token Sent By Clients
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-287
Affected Packages:
Package States: A-MQ Clients 2,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document


CVE-2025-32395
Severity: moderate
Released on: 10/04/2025
Advisory:
Bugzilla: 2358861
Bugzilla Description: vite: Vite has an `server.fs.deny` bypass with an invalid `request-target`
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-200
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,
Full Details
CVE document


CVE-2025-32728
Severity: moderate
Released on: 10/04/2025
Advisory:
Bugzilla: 2358767
Bugzilla Description: openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-440
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-29088
Severity: moderate
Released on: 10/04/2025
Advisory:
Bugzilla: 2358876
Bugzilla Description: sqlite: Denial of Service in SQLite
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-32386
Severity: moderate
Released on: 09/04/2025
Advisory:
Bugzilla: 2358755
Bugzilla Description: helm.sh/helm/v3: Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-770|CWE-789)
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,Deployment Validation Operator,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Developer Hub,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Trusted Application Pipeline,
Full Details
CVE document


CVE-2025-32387
Severity: moderate
Released on: 09/04/2025
Advisory:
Bugzilla: 2358754
Bugzilla Description: helm.sh/helm/v3: Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: (CWE-121|CWE-674)
Affected Packages:
Package States: cert-manager Operator for Red Hat OpenShift,cert-manager Operator for Red Hat OpenShift,Deployment Validation Operator,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Engine for Kubernetes,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,Multicluster Global Hub,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,OpenShift Service Mesh 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Advanced Cluster Security 4,Red Hat Developer Hub,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Trusted Application Pipeline,
Full Details
CVE document


CVE-2025-32379
Severity: moderate
Released on: 09/04/2025
Advisory:
Bugzilla: 2358649
Bugzilla Description: koa: XSS at ctx.redirect() function in Koajs
CVSS Score:
CVSSv3 Score: 5.0
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat Developer Hub,
Full Details
CVE document


CVE-2025-27391
Severity: moderate
Released on: 09/04/2025
Advisory:
Bugzilla: 2358637
Bugzilla Description: org.apache.activemq/artemis-core-client: Apache ActiveMQ Artemis: Passwords leaking from broker properties in the debug log
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-532
Affected Packages:
Package States: AMQ Clients,A-MQ Clients 2,Red Hat AMQ Broker 7,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of OptaPlanner 8,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2025-32381
Severity: moderate
Released on: 09/04/2025
Advisory:
Bugzilla: 2358639
Bugzilla Description: xgrammar: xgrammar Vulnerable to Denial of Service (DoS) by abusing unbounded cache in memory
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-31672
Severity: moderate
Released on: 09/04/2025
Advisory:
Bugzilla: 2358619
Bugzilla Description: org.apache.poi/poi-ooxml: Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data if underlying zip has duplicate zip entry names
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Red Hat build of Apicurio Registry 3,Red Hat build of OptaPlanner 8,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,streams for Apache Kafka,streams for Apache Kafka 2,
Full Details
CVE document


CVE-2025-32464
Severity: moderate
Released on: 09/04/2025
Advisory:
Bugzilla: 2358543
Bugzilla Description: haproxy: Buffer Overflow via Improper Back-Reference Replacement Length Check
CVSS Score:
CVSSv3 Score: 6.8
Vector:
CWE: CWE-1025
Affected Packages:
Package States: Red Hat Ceph Storage 5,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-22871
Severity: moderate
Released on: 08/04/2025
Advisory:
Bugzilla: 2358493
Bugzilla Description: net/http: Request smuggling due to acceptance of invalid chunked data in net/http
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-444
Affected Packages:
Package States: Assisted Installer for Red Hat OpenShift Container Platform,Cryostat 3,Cryostat 4,Custom Metric Autoscaler operator for Red Hat Openshift,Deployment Validation Operator,Fence Agents Remediation Operator,Gatekeeper,Kube Descheduler Operator,Logging Subsystem for Red Hat OpenShift,Logical Volume Manager Storage,Machine Deletion Remediation Operator,Migration Toolkit for Applications 7,Migration Toolkit for Containers,Migration Toolkit for Virtualization,Multicluster Engine for Kubernetes,Multicluster Global Hub,Node HealthCheck Operator,Node Maintenance Operator,OpenShift API for Data Protection,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Developer Tools and Services,OpenShift Pipelines,OpenShift Run Once Duration Override Operator,OpenShift Secondary Scheduler Operator,OpenShift Serverless,OpenShift Service Mesh 2,Power monitoring for Red Hat OpenShift,Red Hat 3scale API Management Platform 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Management for Kubernetes 2,Red Hat Advanced Cluster Security 4,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat build of Apache Camel - HawtIO 4,Red Hat Ceph Storage 5,Red Hat Ceph Storage 6,Red Hat Ceph Storage 6,Red Hat Ceph Storage 7,Red Hat Ceph Storage 7,Red Hat Ceph Storage 8,Red Hat Ceph Storage 8,Red Hat Certification for Red Hat Enterprise Linux 8,Red Hat Certification for Red Hat Enterprise Linux 9,Red Hat Connectivity Link,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Openshift Data Foundation 4,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Workspaces Operator,Red Hat OpenShift GitOps,Red Hat OpenShift on AWS,Red Hat Openshift Sandboxed Containers,Red Hat OpenShift Update Service,Red Hat OpenShift Virtualization 4,Red Hat OpenShift Virtualization 4,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,Red Hat OpenStack Platform 18.0,Red Hat Quay 3,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Satellite 6,Red Hat Service Interconnect 2,Red Hat Web Terminal,Self Node Remediation Operator,Service Telemetry Framework 1.5 for RHEL 8,
Full Details
CVE document


CVE-2025-26666
Severity: important
Released on: 08/04/2025
Advisory:
Bugzilla: 2358391
Bugzilla Description: Windows Media Remote Code Execution Vulnerability
CVSS Score:
Vector:
CWE: CWE-122
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-26682
Severity: important
Released on: 08/04/2025
Advisory:
Bugzilla: 2357945
Bugzilla Description: dotnet: .NET: ASP.NET Core denial of service with HTTP/3
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-31498
Severity: moderate
Released on: 08/04/2025
Advisory: RHSA-2025:4461, RHSA-2025:4459,
Bugzilla: 2358271
Bugzilla Description: c-ares: c-ares has a use-after-free in read_answers()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-416
Affected Packages: nodejs:20-8100020250425153222.489197e6,nodejs:22-8100020250429143334.6d880403,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-32414
Severity: moderate
Released on: 08/04/2025
Advisory:
Bugzilla: 2358121
Bugzilla Description: libxml2: Out-of-Bounds Read in libxml2
CVSS Score:
CVSSv3 Score: 5.6
Vector:
CWE: CWE-393
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat JBoss Core Services,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-22012
Severity: low
Released on: 08/04/2025
Advisory:
Bugzilla: 2358217
Bugzilla Description: kernel: Revert "arm64: dts: qcom: sdm845: Affirm IDR0.CCTW on apps_smmu"
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22010
Severity: moderate
Released on: 08/04/2025
Advisory:
Bugzilla: 2358219
Bugzilla Description: kernel: RDMA/hns: Fix soft lockup during bt pages loop
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-606
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22014
Severity: moderate
Released on: 08/04/2025
Advisory:
Bugzilla: 2358221
Bugzilla Description: kernel: soc: qcom: pdr: Fix the potential deadlock
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-833
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22013
Severity: moderate
Released on: 08/04/2025
Advisory:
Bugzilla: 2358222
Bugzilla Description: kernel: KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22008
Severity: low
Released on: 08/04/2025
Advisory:
Bugzilla: 2358223
Bugzilla Description: kernel: regulator: check that dummy regulator has been probed before using it
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-29
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22017
Severity: moderate
Released on: 08/04/2025
Advisory:
Bugzilla: 2358224
Bugzilla Description: kernel: devlink: fix xa_alloc_cyclic() error handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-395
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22015
Severity: moderate
Released on: 08/04/2025
Advisory:
Bugzilla: 2358228
Bugzilla Description: kernel: mm/migrate: fix shmem xarray update during migration
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22016
Severity: moderate
Released on: 08/04/2025
Advisory:
Bugzilla: 2358232
Bugzilla Description: kernel: dpll: fix xa_alloc_cyclic() error handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-395
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22009
Severity: low
Released on: 08/04/2025
Advisory:
Bugzilla: 2358234
Bugzilla Description: kernel: regulator: dummy: force synchronous probing
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22011
Severity: low
Released on: 08/04/2025
Advisory:
Bugzilla: 2358235
Bugzilla Description: kernel: ARM: dts: bcm2711: Fix xHCI power-domain
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-38797
Severity: moderate
Released on: 07/04/2025
Advisory:
Bugzilla: 2358006
Bugzilla Description: edk2: Out-of-bounds Read in EDK2
CVSS Score:
CVSSv3 Score: 4.6
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-2251
Severity: moderate
Released on: 07/04/2025
Advisory:
Bugzilla: 2351678
Bugzilla Description: org.jboss.eap:wildfly-ejb3: Improper Deserialization in JBoss Marshalling Allows Remote Code Execution
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document


CVE-2025-3359
Severity: moderate
Released on: 07/04/2025
Advisory:
Bugzilla: 2357749
Bugzilla Description: gnuplot: Segmentation fault via IO_str_init_static_internal function
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-754
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document


CVE-2025-3360
Severity: low
Released on: 07/04/2025
Advisory:
Bugzilla: 2357754
Bugzilla Description: glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-54551
Severity: moderate
Released on: 07/04/2025
Advisory: RHSA-2025:3713, RHSA-2025:3756, RHSA-2025:3755, RHSA-2025:3974, RHSA-2025:4445,
Bugzilla: 2357909
Bugzilla Description: webkitgtk: Processing web content may lead to a denial-of-service
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-119
Affected Packages: webkit2gtk3-0:2.48.1-1.el9_5,webkit2gtk3-0:2.48.1-1.el8_8,webkit2gtk3-0:2.48.1-2.el9_4,webkit2gtk3-0:2.48.1-1.el8_10,webkit2gtk3-0:2.48.1-3.el9_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document


CVE-2025-24208
Severity: moderate
Released on: 07/04/2025
Advisory: RHSA-2025:3713, RHSA-2025:3756, RHSA-2025:3755, RHSA-2025:3974, RHSA-2025:4445,
Bugzilla: 2357910
Bugzilla Description: webkitgtk: Loading a malicious iframe may lead to a cross-site scripting attack
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-79
Affected Packages: webkit2gtk3-0:2.48.1-1.el9_5,webkit2gtk3-0:2.48.1-1.el8_8,webkit2gtk3-0:2.48.1-2.el9_4,webkit2gtk3-0:2.48.1-1.el8_10,webkit2gtk3-0:2.48.1-3.el9_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document


CVE-2025-24209
Severity: important
Released on: 07/04/2025
Advisory: RHSA-2025:3713, RHSA-2025:3756, RHSA-2025:3755, RHSA-2025:3974, RHSA-2025:4445,
Bugzilla: 2357911
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: webkit2gtk3-0:2.48.1-1.el9_5,webkit2gtk3-0:2.48.1-1.el8_8,webkit2gtk3-0:2.48.1-2.el9_4,webkit2gtk3-0:2.48.1-1.el8_10,webkit2gtk3-0:2.48.1-3.el9_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document


CVE-2025-24213
Severity: important
Released on: 07/04/2025
Advisory:
Bugzilla: 2357913
Bugzilla Description: webkitgtk: A type confusion issue could lead to memory corruption
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-843
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-24216
Severity: important
Released on: 07/04/2025
Advisory: RHSA-2025:3713, RHSA-2025:3756, RHSA-2025:3755, RHSA-2025:3974, RHSA-2025:4445,
Bugzilla: 2357917
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-119
Affected Packages: webkit2gtk3-0:2.48.1-1.el9_5,webkit2gtk3-0:2.48.1-1.el8_8,webkit2gtk3-0:2.48.1-2.el9_4,webkit2gtk3-0:2.48.1-1.el8_10,webkit2gtk3-0:2.48.1-3.el9_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document


CVE-2025-24264
Severity: important
Released on: 07/04/2025
Advisory: RHSA-2023:4202, RHSA-2023:4201,
Bugzilla: 2357918
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-119
Affected Packages: webkit2gtk3-0:2.38.5-1.el8_8.5,webkit2gtk3-0:2.38.5-1.el9_2.3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document


CVE-2025-30427
Severity: important
Released on: 07/04/2025
Advisory: RHSA-2025:3713, RHSA-2025:3756, RHSA-2025:3755, RHSA-2025:3974, RHSA-2025:4445,
Bugzilla: 2357919
Bugzilla Description: webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-416
Affected Packages: webkit2gtk3-0:2.48.1-1.el9_5,webkit2gtk3-0:2.48.1-1.el8_8,webkit2gtk3-0:2.48.1-2.el9_4,webkit2gtk3-0:2.48.1-1.el8_10,webkit2gtk3-0:2.48.1-3.el9_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,
Full Details
CVE document


CVE-2025-29480
Severity: moderate
Released on: 07/04/2025
Advisory:
Bugzilla: 2358021
Bugzilla Description: gdal: Buffer Overflow in GDAL
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-120
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-29481
Severity: moderate
Released on: 07/04/2025
Advisory:
Bugzilla: 2358023
Bugzilla Description: libbpf: Heap Buffer Overflow in libbpf
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-29087
Severity: moderate
Released on: 07/04/2025
Advisory:
Bugzilla: 2358028
Bugzilla Description: sqlite: Integer Overflow in SQLite concat_ws Function
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-29479
Severity: moderate
Released on: 07/04/2025
Advisory:
Bugzilla: 2358029
Bugzilla Description: hiredis: Heap Buffer Overflow in Hiredis
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-31492
Severity: important
Released on: 06/04/2025
Advisory: RHSA-2025:4224, RHSA-2025:3945, RHSA-2025:4192, RHSA-2025:3997, RHSA-2025:4228, RHSA-2025:4227, RHSA-2025:4128, RHSA-2025:4225,
Bugzilla: 2357738
Bugzilla Description: mod_auth_openidc: mod_auth_openidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-200
Affected Packages: mod_auth_openidc-0:2.4.9.4-1.el9_0.2,mod_auth_openidc:2.3-8040020250422161642.522a0ee4,mod_auth_openidc:2.3-8020020250422085336.4cda2c84,mod_auth_openidc:2.3-8060020250422111826.ad008a3a,mod_auth_openidc-0:2.4.9.4-1.el9_2.2,mod_auth_openidc-0:2.4.9.4-4.el9_4.1,mod_auth_openidc:2.3-8100020250411144918.489197e6,mod_auth_openidc:2.3-8080020250415192452.63b34585,
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32365
Severity: moderate
Released on: 05/04/2025
Advisory:
Bugzilla: 2357656
Bugzilla Description: poppler: Out-of-Bounds Read in Poppler
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32364
Severity: moderate
Released on: 05/04/2025
Advisory:
Bugzilla: 2357657
Bugzilla Description: poppler: Floating-Point Exception in Poppler
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3416
Severity: low
Released on: 04/04/2025
Advisory:
Bugzilla: 2357560
Bugzilla Description: openssl: rust-openssl Use-After-Free in `Md::fetch` and `Cipher::fetch`
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Directory Server 11,Red Hat Directory Server 12,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,Red Hat OpenShift Container Platform 4,Red Hat Trusted Artifact Signer,Red Hat Trusted Artifact Signer,Red Hat Trusted Profile Analyzer,
Full Details
CVE document


CVE-2024-11235
Severity: important
Released on: 04/04/2025
Advisory:
Bugzilla: 2357531
Bugzilla Description: php: Reference counting in php_request_shutdown causes Use-After-Free
CVSS Score:
CVSSv3 Score: 7.3
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3198
Severity: low
Released on: 04/04/2025
Advisory:
Bugzilla: 2357358
Bugzilla Description: binutils: GNU Binutils objdump bucomm.c display_info memory leak
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: (CWE-401|CWE-404)
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-3196
Severity: moderate
Released on: 04/04/2025
Advisory:
Bugzilla: 2357356
Bugzilla Description: assimp: Open Asset Import Library Assimp Malformed File MD2Loader.cpp InternReadFile stack-based overflow
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-121)
Affected Packages:
Package States: Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30370
Severity: important
Released on: 03/04/2025
Advisory:
Bugzilla: 2357342
Bugzilla Description: jupyterlab-git: jupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal"
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-78
Affected Packages:
Package States: Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document


CVE-2025-31489
Severity: important
Released on: 03/04/2025
Advisory:
Bugzilla: 2357275
Bugzilla Description: minio: MinIO performs incomplete signature validation for unsigned-trailer uploads
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-347
Affected Packages:
Package States: Network Observability Operator,Network Observability Operator,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,
Full Details
CVE document


CVE-2025-31486
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357264
Bugzilla Description: vite: Vite allows server.fs.deny to be bypassed with .svg or relative paths
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-200|CWE-284)
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,
Full Details
CVE document


CVE-2025-31115
Severity: important
Released on: 03/04/2025
Advisory:
Bugzilla: 2357249
Bugzilla Description: xz: XZ has a heap-use-after-free bug in threaded .xz decoder
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: (CWE-366|CWE-416|CWE-476|CWE-826)
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2025-3160
Severity: low
Released on: 03/04/2025
Advisory:
Bugzilla: 2357217
Bugzilla Description: assimp: Open Asset Import Library Assimp File SceneCombiner.cpp AddNodeHashes out-of-bounds
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: (CWE-119|CWE-125)
Affected Packages:
Package States: Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3159
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357216
Bugzilla Description: assimp: Open Asset Import Library Assimp ASE File ASEParser.cpp ParseLV4MeshBonesVertices heap-based overflow
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States: Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3158
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357196
Bugzilla Description: assimp: Open Asset Import Library Assimp LWO File LWOAnimation.cpp UpdateAnimRangeSetup heap-based overflow
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States: Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32049
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357066
Bugzilla Description: libsoup: Denial of Service attack to websocket server
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32050
Severity: moderate
Released on: 03/04/2025
Advisory: RHSA-2025:4440, RHSA-2025:4560, RHSA-2025:4508, RHSA-2025:4568,
Bugzilla: 2357067
Bugzilla Description: libsoup: Integer overflow in append_param_quoted
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-127
Affected Packages: libsoup-0:2.62.3-8.el8_10,libsoup-0:2.72.0-8.el9_4.4,libsoup-0:2.62.3-3.el8_8.4,libsoup-0:2.72.0-8.el9_2.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32051
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357068
Bugzilla Description: libsoup: Segmentation fault when parsing malformed data URI
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-754
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32052
Severity: moderate
Released on: 03/04/2025
Advisory: RHSA-2025:4440, RHSA-2025:4560, RHSA-2025:4508, RHSA-2025:4568,
Bugzilla: 2357069
Bugzilla Description: libsoup: Heap buffer overflow in sniff_unknown()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-126
Affected Packages: libsoup-0:2.62.3-8.el8_10,libsoup-0:2.72.0-8.el9_4.4,libsoup-0:2.62.3-3.el8_8.4,libsoup-0:2.72.0-8.el9_2.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-32053
Severity: moderate
Released on: 03/04/2025
Advisory: RHSA-2025:4440, RHSA-2025:4560, RHSA-2025:4508, RHSA-2025:4568,
Bugzilla: 2357070
Bugzilla Description: libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-126
Affected Packages: libsoup-0:2.62.3-8.el8_10,libsoup-0:2.72.0-8.el9_4.4,libsoup-0:2.62.3-3.el8_8.4,libsoup-0:2.72.0-8.el9_2.4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3155
Severity: important
Released on: 03/04/2025
Advisory: RHSA-2025:4455, RHSA-2025:4532, RHSA-2025:4451, RHSA-2025:4450, RHSA-2025:4505, RHSA-2025:4457, RHSA-2025:4456,
Bugzilla: 2357091
Bugzilla Description: yelp: Arbitrary file read
CVSS Score:
CVSSv3 Score: 7.4
Vector:
CWE: CWE-829
Affected Packages: yelp-2:3.28.1-3.el8_2.1,yelp-2:3.28.1-3.el8_6.1,yelp-2:40.3-2.el9_4.1,yelp-2:3.28.1-3.el8_4.1,yelp-2:40.3-2.el9_2.1,yelp-2:40.3-2.el9_0.1,yelp-2:3.28.1-3.el8_8.1,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22005
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357129
Bugzilla Description: kernel: ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw().
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21996
Severity: low
Released on: 03/04/2025
Advisory:
Bugzilla: 2357132
Bugzilla Description: kernel: drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22003
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357133
Bugzilla Description: kernel: can: ucan: fix out of bound read in strscpy() source
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21999
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357134
Bugzilla Description: kernel: proc: fix UAF in proc_get_inode()
CVSS Score:
CVSSv3 Score: 6.4
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21998
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357135
Bugzilla Description: kernel: firmware: qcom: uefisecapp: fix efivars registration race
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22001
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357136
Bugzilla Description: kernel: accel/qaic: Fix integer overflow in qaic_validate_req()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22000
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357137
Bugzilla Description: kernel: mm/huge_memory: drop beyond-EOF folios with the right number of refs
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22007
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357138
Bugzilla Description: kernel: Bluetooth: Fix error code in chan_alloc_skb_cb()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21995
Severity: low
Released on: 03/04/2025
Advisory:
Bugzilla: 2357139
Bugzilla Description: kernel: drm/sched: Fix fence reference count leak
CVSS Score:
CVSSv3 Score: 6.1
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22002
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357140
Bugzilla Description: kernel: netfs: Call `invalidate_cache` only if implemented
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22006
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357141
Bugzilla Description: kernel: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-22004
Severity: low
Released on: 03/04/2025
Advisory:
Bugzilla: 2357142
Bugzilla Description: kernel: net: atm: fix use after free in lec_send()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21997
Severity: moderate
Released on: 03/04/2025
Advisory:
Bugzilla: 2357143
Bugzilla Description: kernel: xsk: fix an integer overflow in xp_create_and_assign_umem()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30218
Severity: low
Released on: 02/04/2025
Advisory:
Bugzilla: 2357034
Bugzilla Description: next.js: Next.js may leak x-middleware-subrequest-id to external hosts
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-200
Affected Packages:
Package States: Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Trusted Artifact Signer,streams for Apache Kafka 2,
Full Details
CVE document


CVE-2025-31721
Severity: moderate
Released on: 02/04/2025
Advisory:
Bugzilla: 2356948
Bugzilla Description: jenkins: Missing permission check allows retrieving secrets from agent configurations
CVSS Score:
CVSSv3 Score: 4.9
Vector:
CWE: CWE-862
Affected Packages:
Package States: OpenShift Developer Tools and Services,Red Hat Developer Hub,
Full Details
CVE document


CVE-2025-31720
Severity: moderate
Released on: 02/04/2025
Advisory:
Bugzilla: 2356952
Bugzilla Description: jenkins: Missing permission check allows retrieving agent configurations
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-862
Affected Packages:
Package States: OpenShift Developer Tools and Services,Red Hat Developer Hub,
Full Details
CVE document


CVE-2025-27556
Severity: moderate
Released on: 02/04/2025
Advisory:
Bugzilla: 2356899
Bugzilla Description: django: Django DoS Unicode Attack
CVSS Score:
CVSSv3 Score: 5.8
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Discovery,
Full Details
CVE document


CVE-2025-21987
Severity: low
Released on: 02/04/2025
Advisory:
Bugzilla: 2356900
Bugzilla Description: kernel: drm/amdgpu: init return value in amdgpu_ttm_clear_buffer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21988
Severity: moderate
Released on: 02/04/2025
Advisory:
Bugzilla: 2356906
Bugzilla Description: kernel: fs/netfs/read_collect: add to next->prev_donated
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21993
Severity: moderate
Released on: 02/04/2025
Advisory:
Bugzilla: 2356908
Bugzilla Description: kernel: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21989
Severity: low
Released on: 02/04/2025
Advisory:
Bugzilla: 2356913
Bugzilla Description: kernel: drm/amd/display: fix missing .is_two_pixels_per_container
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21991
Severity: moderate
Released on: 02/04/2025
Advisory:
Bugzilla: 2356917
Bugzilla Description: kernel: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21990
Severity: low
Released on: 02/04/2025
Advisory:
Bugzilla: 2356918
Bugzilla Description: kernel: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21992
Severity: low
Released on: 02/04/2025
Advisory:
Bugzilla: 2356919
Bugzilla Description: kernel: HID: ignore non-functional sensor in HP 5MP Camera
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-20
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21994
Severity: moderate
Released on: 02/04/2025
Advisory:
Bugzilla: 2356924
Bugzilla Description: kernel: ksmbd: fix incorrect validation for num_aces field of smb_acl
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-6800
Severity:
Released on: 01/04/2025
Advisory:
Bugzilla: 2254394
Bugzilla Description: keycloak-core: Session Fixation
CVSS Score:
Vector:
CWE: CWE-384
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-3032
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356558
Bugzilla Description: thunderbird: firefox: Leaking file descriptors from the fork server
CVSS Score:
CVSSv3 Score: 6.3
Vector:
CWE: CWE-497
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3031
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356560
Bugzilla Description: firefox: thunderbird: JIT optimization bug with different stack slot sizes
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-203
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3030
Severity: important
Released on: 01/04/2025
Advisory: RHSA-2025:3628, RHSA-2025:3623, RHSA-2025:4029, RHSA-2025:3556, RHSA-2025:3589, RHSA-2025:3621, RHSA-2025:4028, RHSA-2025:3620, RHSA-2025:3587, RHSA-2025:4027, RHSA-2025:4169, RHSA-2025:4026, RHSA-2025:3582, RHSA-2025:4032, RHSA-2025:3581, RHSA-2025:4031, RHSA-2025:4030, RHSA-2025:3590, RHSA-2025:4170,
Bugzilla: 2356563
Bugzilla Description: firefox: thunderbird: Memory safety bugs fixed in Firefox 137, Thunderbird 137, Firefox ESR 128.9, and Thunderbird 128.9
CVSS Score:
CVSSv3 Score: 8.8
Vector:
CWE: CWE-120
Affected Packages: firefox-0:128.9.0-2.el7_9,firefox-0:128.9.0-2.el8_8,firefox-0:128.9.0-2.el8_6,firefox-0:128.9.0-2.el9_5,firefox-0:128.9.0-2.el8_4,firefox-0:128.9.0-2.el9_4,firefox-0:128.9.0-2.el8_2,firefox-0:128.9.0-2.el9_2,thunderbird-0:128.9.0-2.el8_6,thunderbird-0:128.9.0-2.el9_5,thunderbird-0:128.9.0-2.el8_8,thunderbird-0:128.9.0-2.el8_2,firefox-0:128.9.0-2.el9_0,thunderbird-0:128.9.0-2.el9_2,thunderbird-0:128.9.0-2.el8_10,thunderbird-0:128.9.0-2.el8_4,thunderbird-0:128.9.0-2.el9_4,firefox-0:128.9.0-2.el8_10,thunderbird-0:128.9.0-2.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3029
Severity: moderate
Released on: 01/04/2025
Advisory: RHSA-2025:3628, RHSA-2025:3623, RHSA-2025:4029, RHSA-2025:3556, RHSA-2025:3589, RHSA-2025:3621, RHSA-2025:4028, RHSA-2025:3620, RHSA-2025:3587, RHSA-2025:4027, RHSA-2025:4169, RHSA-2025:4026, RHSA-2025:3582, RHSA-2025:4032, RHSA-2025:3581, RHSA-2025:4031, RHSA-2025:4030, RHSA-2025:3590, RHSA-2025:4170,
Bugzilla: 2356556
Bugzilla Description: firefox: thunderbird: URL Bar Spoofing via non-BMP Unicode characters
CVSS Score:
CVSSv3 Score: 5.4
Vector:
CWE: CWE-346
Affected Packages: firefox-0:128.9.0-2.el7_9,firefox-0:128.9.0-2.el8_8,firefox-0:128.9.0-2.el8_6,firefox-0:128.9.0-2.el9_5,firefox-0:128.9.0-2.el8_4,firefox-0:128.9.0-2.el9_4,firefox-0:128.9.0-2.el8_2,firefox-0:128.9.0-2.el9_2,thunderbird-0:128.9.0-2.el8_6,thunderbird-0:128.9.0-2.el9_5,thunderbird-0:128.9.0-2.el8_8,thunderbird-0:128.9.0-2.el8_2,firefox-0:128.9.0-2.el9_0,thunderbird-0:128.9.0-2.el9_2,thunderbird-0:128.9.0-2.el8_10,thunderbird-0:128.9.0-2.el8_4,thunderbird-0:128.9.0-2.el9_4,firefox-0:128.9.0-2.el8_10,thunderbird-0:128.9.0-2.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-3028
Severity: important
Released on: 01/04/2025
Advisory: RHSA-2025:3628, RHSA-2025:3623, RHSA-2025:4029, RHSA-2025:3556, RHSA-2025:3589, RHSA-2025:3621, RHSA-2025:4028, RHSA-2025:3620, RHSA-2025:3587, RHSA-2025:4027, RHSA-2025:4169, RHSA-2025:4026, RHSA-2025:3582, RHSA-2025:4032, RHSA-2025:3581, RHSA-2025:4031, RHSA-2025:4030, RHSA-2025:3590, RHSA-2025:4170,
Bugzilla: 2356562
Bugzilla Description: firefox: thunderbird: Use-after-free triggered by XSLTProcessor
CVSS Score:
CVSSv3 Score: 7.6
Vector:
CWE: CWE-416
Affected Packages: firefox-0:128.9.0-2.el7_9,firefox-0:128.9.0-2.el8_8,firefox-0:128.9.0-2.el8_6,firefox-0:128.9.0-2.el9_5,firefox-0:128.9.0-2.el8_4,firefox-0:128.9.0-2.el9_4,firefox-0:128.9.0-2.el8_2,firefox-0:128.9.0-2.el9_2,thunderbird-0:128.9.0-2.el8_6,thunderbird-0:128.9.0-2.el9_5,thunderbird-0:128.9.0-2.el8_8,thunderbird-0:128.9.0-2.el8_2,firefox-0:128.9.0-2.el9_0,thunderbird-0:128.9.0-2.el9_2,thunderbird-0:128.9.0-2.el8_10,thunderbird-0:128.9.0-2.el8_4,thunderbird-0:128.9.0-2.el9_4,firefox-0:128.9.0-2.el8_10,thunderbird-0:128.9.0-2.el9_0,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-30177
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356545
Bugzilla Description: org.apache.camel/camel-undertow: Apache Camel: Camel-Undertow Message Header Injection via Improper Filtering
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-164
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2025-30065
Severity: critical
Released on: 01/04/2025
Advisory:
Bugzilla: 2356519
Bugzilla Description: org.apache.parquet/parquet-avro: Apache Parquet Java: Arbitrary code execution in the parquet-avro module when reading an Avro schema from a Parquet file metadata
CVSS Score:
CVSSv3 Score: 10.0
Vector:
CWE: CWE-502
Affected Packages:
Package States: Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of Apache Camel for Spring Boot 4,
Full Details
CVE document


CVE-2025-27427
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356520
Bugzilla Description: org.apache.activemq/artemis-core-client: Apache ActiveMQ Artemis: Address routing-type can be updated by user without the createAddress permission
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-863
Affected Packages:
Package States: AMQ Clients,A-MQ Clients 2,Red Hat AMQ Broker 7,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat build of OptaPlanner 8,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Process Automation 7,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2025-21961
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356584
Bugzilla Description: kernel: eth: bnxt: fix truesize for mb-xdp-pass case
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-665
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21912
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356585
Bugzilla Description: kernel: gpio: rcar: Use raw_spinlock to protect register access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-667
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21939
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356586
Bugzilla Description: kernel: drm/xe/hmm: Don't dereference struct page pointers without notifier lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21926
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356587
Bugzilla Description: kernel: net: gso: fix ownership in __udp_gso_segment
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21948
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356588
Bugzilla Description: kernel: HID: appleir: Fix potential NULL dereference at raw event handle
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21937
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356589
Bugzilla Description: kernel: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21932
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356590
Bugzilla Description: kernel: mm: abort vma_modify() on merge out of memory failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21936
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356591
Bugzilla Description: kernel: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21928
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356592
Bugzilla Description: kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21927
Severity: important
Released on: 01/04/2025
Advisory: RHSA-2025:4499, RHSA-2025:4498, RHSA-2025:4497, RHSA-2025:4496, RHSA-2025:4341, RHSA-2025:4340, RHSA-2025:4471, RHSA-2025:4509, RHSA-2025:4339, RHSA-2025:4469,
Bugzilla: 2356593
Bugzilla Description: kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
CVSS Score:
CVSSv3 Score: 8.1
Vector:
CWE: CWE-119
Affected Packages: kernel-0:5.14.0-503.40.1.el9_5,kpatch-patch,kernel-0:5.14.0-70.131.1.el9_0,kernel-rt-0:5.14.0-70.131.1.rt21.203.el9_0,kernel-rt-0:5.14.0-284.115.1.rt14.400.el9_2,kernel-0:5.14.0-284.115.1.el9_2,kernel-0:5.14.0-427.67.1.el9_4,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21929
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356594
Bugzilla Description: kernel: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove()
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21901
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356595
Bugzilla Description: kernel: RDMA/bnxt_re: Add sanity checks on rdev validity
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21910
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356596
Bugzilla Description: kernel: wifi: cfg80211: regulatory: improve invalid hints checking
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21950
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356597
Bugzilla Description: kernel: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21971
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356598
Bugzilla Description: kernel: net_sched: Prevent creation of classes with TC_H_ROOT
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21968
Severity: important
Released on: 01/04/2025
Advisory:
Bugzilla: 2356599
Bugzilla Description: kernel: drm/amd/display: Fix slab-use-after-free on hdcp_work
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21956
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356600
Bugzilla Description: kernel: drm/amd/display: Assign normalized_pix_clk when color depth = 14
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21954
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356601
Bugzilla Description: kernel: netmem: prevent TX of unreadable skbs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21972
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356602
Bugzilla Description: kernel: net: mctp: unshare packets when reassembling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21960
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356603
Bugzilla Description: kernel: eth: bnxt: do not update checksum in bnxt_xdp_build_skb()
CVSS Score:
CVSSv3 Score: 5.7
Vector:
CWE: CWE-675
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21941
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356604
Bugzilla Description: kernel: drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21966
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356605
Bugzilla Description: kernel: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-119
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21973
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356606
Bugzilla Description: kernel: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx}
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21986
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356607
Bugzilla Description: kernel: net: switchdev: Convert blocking notification chain to a raw one
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21934
Severity: important
Released on: 01/04/2025
Advisory:
Bugzilla: 2356608
Bugzilla Description: kernel: rapidio: fix an API misuse when rio_add_net() fails
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21914
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356609
Bugzilla Description: kernel: slimbus: messaging: Free transaction ID in delayed interrupt scenario
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21959
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356610
Bugzilla Description: kernel: netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21923
Severity: important
Released on: 01/04/2025
Advisory:
Bugzilla: 2356611
Bugzilla Description: kernel: HID: hid-steam: Fix use-after-free when detaching device
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21933
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356612
Bugzilla Description: kernel: arm: pgtable: fix NULL pointer dereference issue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21905
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356613
Bugzilla Description: kernel: wifi: iwlwifi: limit printed string from FW file
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21895
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356614
Bugzilla Description: kernel: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21916
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356615
Bugzilla Description: kernel: usb: atm: cxacru: fix a flaw in existing endpoint checks
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21943
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356616
Bugzilla Description: kernel: gpio: aggregator: protect driver attr handlers against module unload
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21975
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356617
Bugzilla Description: kernel: net/mlx5: handle errors in mlx5_chains_create_table()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21919
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356618
Bugzilla Description: kernel: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21903
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356619
Bugzilla Description: kernel: mctp i3c: handle NULL header address
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21908
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356620
Bugzilla Description: kernel: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-667
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21896
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356621
Bugzilla Description: kernel: fuse: revert back to __readahead_folio() for readahead
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21949
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356622
Bugzilla Description: kernel: LoongArch: Set hugetlb mmap base address aligned with pmd size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-665
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21955
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356623
Bugzilla Description: kernel: ksmbd: prevent connection release during oplock break notification
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21962
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356624
Bugzilla Description: kernel: cifs: Fix integer overflow while processing closetimeo mount option
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21945
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356625
Bugzilla Description: kernel: ksmbd: fix use-after-free in smb2_lock
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21953
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356626
Bugzilla Description: kernel: net: mana: cleanup mana struct after debugfs_remove()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21981
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356627
Bugzilla Description: kernel: ice: fix memory leak in aRFS after reset
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21899
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356628
Bugzilla Description: kernel: tracing: Fix bad hist from corrupting named_triggers list
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21894
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356629
Bugzilla Description: kernel: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21982
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356630
Bugzilla Description: kernel: pinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xx_gpio_fw
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21946
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356631
Bugzilla Description: kernel: ksmbd: fix out-of-bounds in parse_sec_desc()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21977
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356632
Bugzilla Description: kernel: fbdev: hyperv_fb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21969
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356633
Bugzilla Description: kernel: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21907
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356634
Bugzilla Description: kernel: mm: memory-failure: update ttu flag inside unmap_poisoned_folio
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21917
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356635
Bugzilla Description: kernel: usb: renesas_usbhs: Flush the notify_hotplug_work
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21980
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356636
Bugzilla Description: kernel: sched: address a potential NULL pointer dereference in the GRED scheduler.
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21983
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356637
Bugzilla Description: kernel: mm/slab/kvfree_rcu: Switch to WQ_MEM_RECLAIM wq
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21958
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356638
Bugzilla Description: kernel: Revert "openvswitch: switch to per-action label counting in conntrack"
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21920
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356639
Bugzilla Description: kernel: vlan: enforce underlying device type
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-125
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21978
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356640
Bugzilla Description: kernel: drm/hyperv: Fix address space leak when Hyper-V DRM device is removed
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21931
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356641
Bugzilla Description: kernel: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21963
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356642
Bugzilla Description: kernel: cifs: Fix integer overflow while processing acdirmax mount option
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21930
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356643
Bugzilla Description: kernel: wifi: iwlwifi: mvm: don't try to talk to a dead firmware
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21909
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356644
Bugzilla Description: kernel: wifi: nl80211: reject cooked mode if it is set along with other flags
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21924
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356645
Bugzilla Description: kernel: net: hns3: make sure ptp clock is unregistered and freed if hclge_ptp_get_cycle returns an error
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-459
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21967
Severity: important
Released on: 01/04/2025
Advisory:
Bugzilla: 2356646
Bugzilla Description: kernel: ksmbd: fix use-after-free in ksmbd_free_work_struct
CVSS Score:
CVSSv3 Score: 7.8
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21902
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356647
Bugzilla Description: kernel: acpi: typec: ucsi: Introduce a ->poll_cci method
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21906
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356648
Bugzilla Description: kernel: wifi: iwlwifi: mvm: clean up ROC on failure
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21974
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356649
Bugzilla Description: kernel: eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-460
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21942
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356650
Bugzilla Description: kernel: btrfs: zoned: fix extent range end unlock in cow_file_range()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21965
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356651
Bugzilla Description: kernel: sched_ext: Validate prev_cpu in scx_bpf_select_cpu_dfl()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21979
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356652
Bugzilla Description: kernel: wifi: cfg80211: cancel wiphy_work before freeing wiphy
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21904
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356653
Bugzilla Description: kernel: caif_virtio: fix wrong pointer check in cfv_probe()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21935
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356654
Bugzilla Description: kernel: rapidio: add check for rio_add_net() in rio_scan_alloc_net()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21940
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356655
Bugzilla Description: kernel: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21952
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356656
Bugzilla Description: kernel: HID: corsair-void: Update power supply values with a unified work handler
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21922
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356657
Bugzilla Description: kernel: ppp: Fix KMSAN uninit-value warning with bpf
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21985
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356658
Bugzilla Description: kernel: drm/amd/display: Fix out-of-bound accesses
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21984
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356659
Bugzilla Description: kernel: mm: fix kernel BUG when userfaultfd_move encounters swapcache
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21921
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356660
Bugzilla Description: kernel: net: ethtool: netlink: Allow NULL nlattrs when getting a phy_device
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21970
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356661
Bugzilla Description: kernel: net/mlx5: Bridge, fix the crash caused by LAG state check
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21897
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356662
Bugzilla Description: kernel: sched_ext: Fix pick_task_scx() picking non-queued tasks when it's called without balance()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21951
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356663
Bugzilla Description: kernel: bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-667
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21976
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356664
Bugzilla Description: kernel: fbdev: hyperv_fb: Allow graceful removal of framebuffer
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21964
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356665
Bugzilla Description: kernel: cifs: Fix integer overflow while processing acregmax mount option
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-190
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21957
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356666
Bugzilla Description: kernel: scsi: qla1280: Fix kernel oops when debug level > 2
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21900
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356667
Bugzilla Description: kernel: NFSv4: Fix a deadlock when recovering state on a sillyrenamed file
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-667
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21938
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356668
Bugzilla Description: kernel: mptcp: fix 'scheduling while atomic' in mptcp_pm_nl_append_new_local_addr
CVSS Score:
CVSSv3 Score: 5.9
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21915
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356669
Bugzilla Description: kernel: cdx: Fix possible UAF error in driver_override_show()
CVSS Score:
CVSSv3 Score: 7.0
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21911
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356670
Bugzilla Description: kernel: drm/imagination: avoid deadlock on fence release
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-667
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21898
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356671
Bugzilla Description: kernel: ftrace: Avoid potential division by zero in function_stat_show()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-369
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21913
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356672
Bugzilla Description: kernel: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21944
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356674
Bugzilla Description: kernel: ksmbd: fix bug on trap in smb2_lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21925
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356675
Bugzilla Description: kernel: llc: do not use skb_get() before dev_queue_xmit()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21947
Severity: moderate
Released on: 01/04/2025
Advisory:
Bugzilla: 2356676
Bugzilla Description: kernel: ksmbd: fix type confusion via race condition when using ipc_msg_send_request
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21918
Severity: low
Released on: 01/04/2025
Advisory:
Bugzilla: 2356677
Bugzilla Description: kernel: usb: typec: ucsi: Fix NULL pointer access
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-31695
Severity:
Released on: 31/03/2025
Advisory:
Bugzilla: 2356383
Bugzilla Description: Link field display mode formatter - Moderately critical - Cross site scripting - SA-CONTRIB-2025-024
CVSS Score:
Vector:
CWE: CWE-79
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-31125
Severity: moderate
Released on: 31/03/2025
Advisory:
Bugzilla: 2356283
Bugzilla Description: vite: Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: (CWE-200|CWE-284)
Affected Packages:
Package States: Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat Ansible Automation Platform 2,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,
Full Details
CVE document


CVE-2025-3004
Severity: moderate
Released on: 31/03/2025
Advisory:
Bugzilla: 2356284
Bugzilla Description: Sayski ForestBlog search cross site scripting
CVSS Score:
Vector:
CWE: (CWE-79|CWE-94)
Affected Packages:
Package States:
Full Details
CVE document


CVE-2025-2586
Severity: important
Released on: 31/03/2025
Advisory:
Bugzilla: 2353998
Bugzilla Description: ols: Unauthenticated Metrics Flooding in OpenShift Lightspeed Service Leading to Resource Exhaustion
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-400
Affected Packages:
Package States: OpenShift Lightspeed,
Full Details
CVE document


CVE-2025-21893
Severity: moderate
Released on: 31/03/2025
Advisory:
Bugzilla: 2356295
Bugzilla Description: kernel: keys: Fix UAF in key_put()
CVSS Score:
CVSSv3 Score: 7.1
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-2953
Severity: low
Released on: 30/03/2025
Advisory:
Bugzilla: 2356078
Bugzilla Description: torch: PyTorch torch.mkldnn_max_pool2d denial of service
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-404
Affected Packages:
Package States: OpenShift Lightspeed,Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat Enterprise Linux AI (RHEL AI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),
Full Details
CVE document


CVE-2025-1861
Severity: moderate
Released on: 30/03/2025
Advisory: RHSA-2025:4263,
Bugzilla: 2356046
Bugzilla Description: php: Stream HTTP wrapper truncates redirect location to 1024 bytes
CVSS Score:
CVSSv3 Score: 5.3
Vector:
CWE: CWE-131
Affected Packages: php:8.1-9050020250423093228.9,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-1736
Severity: moderate
Released on: 30/03/2025
Advisory: RHSA-2025:4263,
Bugzilla: 2356041
Bugzilla Description: php: Stream HTTP wrapper header check might omit basic auth header
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-20
Affected Packages: php:8.1-9050020250423093228.9,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-1734
Severity: moderate
Released on: 30/03/2025
Advisory: RHSA-2025:4263,
Bugzilla: 2356042
Bugzilla Description: php: Streams HTTP wrapper does not fail for headers with invalid name and no colon
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-20
Affected Packages: php:8.1-9050020250423093228.9,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-1219
Severity: moderate
Released on: 30/03/2025
Advisory: RHSA-2025:4263,
Bugzilla: 2356043
Bugzilla Description: php: libxml streams use wrong content-type header when requesting a redirected resource
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-20
Affected Packages: php:8.1-9050020250423093228.9,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-0927
Severity: moderate
Released on: 30/03/2025
Advisory:
Bugzilla: 2354340
Bugzilla Description: kernel: heap overflow in the hfs and hfsplus filesystems with manually crafted filesystem
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-787
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-1217
Severity: moderate
Released on: 29/03/2025
Advisory: RHSA-2025:4263,
Bugzilla: 2355917
Bugzilla Description: php: Header parser of http stream wrapper does not handle folded headers
CVSS Score:
CVSSv3 Score: 3.7
Vector:
CWE: CWE-20
Affected Packages: php:8.1-9050020250423093228.9,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-6875
Severity: moderate
Released on: 28/03/2025
Advisory:
Bugzilla: 2298555
Bugzilla Description: infinispan: infinispan: REST compare API has buffer leak
CVSS Score:
CVSSv3 Score: 6.5
Vector:
CWE: CWE-401
Affected Packages:
Package States: Red Hat Data Grid 8,Red Hat JBoss Data Grid 7,
Full Details
CVE document


CVE-2025-2926
Severity: low
Released on: 28/03/2025
Advisory:
Bugzilla: 2355868
Bugzilla Description: hdf5: HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: (CWE-404|CWE-476)
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-2925
Severity: low
Released on: 28/03/2025
Advisory:
Bugzilla: 2355863
Bugzilla Description: hdf5: HDF5 H5MM.c H5MM_realloc double free
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: (CWE-119|CWE-415)
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2024-11735
Severity:
Released on: 28/03/2025
Advisory:
Bugzilla: 2328849
Bugzilla Description: org.keycloak:keycloak-quarkus-server: HTTP Metrics explosion
CVSS Score:
Vector:
CWE: CWE-770
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 8,
Full Details
CVE document


CVE-2025-2924
Severity: low
Released on: 28/03/2025
Advisory:
Bugzilla: 2355824
Bugzilla Description: hdf5: HDF5 H5HLcache.c H5HL__fl_deserialize heap-based overflow
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-2915
Severity: low
Released on: 28/03/2025
Advisory:
Bugzilla: 2355811
Bugzilla Description: hdf5: HDF5 H5Faccum.c H5F__accum_free heap-based overflow
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-2914
Severity: low
Released on: 28/03/2025
Advisory:
Bugzilla: 2355804
Bugzilla Description: hdf5: HDF5 H5FScache.c H5FS__sinfo_Srialize_Sct_cb heap-based overflow
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-2913
Severity: low
Released on: 28/03/2025
Advisory:
Bugzilla: 2355803
Bugzilla Description: hdf5: HDF5 H5FL.c H5FL__blk_gc_list use after free
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: (CWE-119|CWE-416)
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-2912
Severity: low
Released on: 28/03/2025
Advisory:
Bugzilla: 2355805
Bugzilla Description: hdf5: HDF5 H5Omessage.c H5O_msg_flush heap-based overflow
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: (CWE-119|CWE-122)
Affected Packages:
Package States: Red Hat Enterprise Linux AI (RHEL AI),
Full Details
CVE document


CVE-2025-30211
Severity: important
Released on: 28/03/2025
Advisory:
Bugzilla: 2355785
Bugzilla Description: erlang: KEX init error results with excessive memory usage
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-789
Affected Packages:
Package States: Red Hat OpenStack Platform 16.2,Red Hat OpenStack Platform 17.1,Red Hat OpenStack Platform 18.0,
Full Details
CVE document


CVE-2025-31335
Severity: moderate
Released on: 28/03/2025
Advisory:
Bugzilla: 2355681
Bugzilla Description: opensaml-core: Signature Forgery in OpenSAML
CVSS Score:
CVSSv3 Score: 4.0
Vector:
CWE: CWE-347
Affected Packages:
Package States: Logging Subsystem for Red Hat OpenShift,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel 4 for Quarkus 3,Red Hat build of Apache Camel for Spring Boot 4,Red Hat Fuse 7,Red Hat Integration Camel K 1,Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat Single Sign-On 7,
Full Details
CVE document


CVE-2025-2901
Severity: moderate
Released on: 28/03/2025
Advisory:
Bugzilla: 2355685
Bugzilla Description: org.jboss.hal-hal-parent: Stored Cross-Site Scripting (XSS) in JBoss EAP Management Console
CVSS Score:
CVSSv3 Score: 4.6
Vector:
CWE: CWE-79
Affected Packages:
Package States: Red Hat JBoss Enterprise Application Platform 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,
Full Details
CVE document


CVE-2024-48615
Severity: important
Released on: 28/03/2025
Advisory:
Bugzilla: 2355784
Bugzilla Description: libarchive: Null Pointer Dereference in Libarchive
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat OpenShift Container Platform 4,
Full Details
CVE document


CVE-2024-57083
Severity: important
Released on: 28/03/2025
Advisory: RHSA-2025:3929, RHSA-2025:3928, RHSA-2025:3930,
Bugzilla: 2355865
Bugzilla Description: redoc: Prototype Pollution in redoc
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: CWE-1321
Affected Packages: advanced-cluster-security/rhacs-main-rhel8:4.7.2-3,advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.7.2-1,advanced-cluster-security/rhacs-scanner-rhel8:4.7.2-2,advanced-cluster-security/rhacs-roxctl-rhel8:4.7.2-1,advanced-cluster-security/rhacs-scanner-v4-rhel8:4.7.2-3,advanced-cluster-security/rhacs-rhel8-operator:4.6.5-1,advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.7.2-1,advanced-cluster-security/rhacs-central-db-rhel8:4.5.9-1,advanced-cluster-security/rhacs-collector-rhel8:4.7.2-2,advanced-cluster-security/rhacs-scanner-slim-rhel8:4.7.2-1,advanced-cluster-security/rhacs-roxctl-rhel8:4.6.5-1,advanced-cluster-security/rhacs-scanner-db-rhel8:4.5.9-1,advanced-cluster-security/rhacs-scanner-rhel8:4.6.5-1,advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.6.5-1,advanced-cluster-security/rhacs-rhel8-operator:4.7.2-1,advanced-cluster-security/rhacs-collector-slim-rhel8:4.6.5-1,advanced-cluster-security/rhacs-main-rhel8:4.6.5-1,advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.6.5-1,advanced-cluster-security/rhacs-operator-bundle:4.7.2-4,advanced-cluster-security/rhacs-roxctl-rhel8:4.5.9-1,advanced-cluster-security/rhacs-scanner-slim-rhel8:4.5.9-1,advanced-cluster-security/rhacs-main-rhel8:4.5.9-1,advanced-cluster-security/rhacs-scanner-db-rhel8:4.6.5-1,advanced-cluster-security/rhacs-central-db-rhel8:4.7.2-2,advanced-cluster-security/rhacs-operator-bundle:4.6.5-1,advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.5.9-1,advanced-cluster-security/rhacs-scanner-rhel8:4.5.9-1,advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.5.9-1,advanced-cluster-security/rhacs-collector-slim-rhel8:4.5.9-1,advanced-cluster-security/rhacs-scanner-slim-rhel8:4.6.5-1,advanced-cluster-security/rhacs-scanner-v4-rhel8:4.6.5-1,advanced-cluster-security/rhacs-central-db-rhel8:4.6.5-1,advanced-cluster-security/rhacs-collector-rhel8:4.5.9-1,advanced-cluster-security/rhacs-rhel8-operator:4.5.9-1,advanced-cluster-security/rhacs-operator-bundle:4.5.9-1,advanced-cluster-security/rhacs-collector-rhel8:4.6.5-1,advanced-cluster-security/rhacs-scanner-v4-rhel8:4.5.9-1,advanced-cluster-security/rhacs-scanner-db-rhel8:4.7.2-1,
Package States: Red Hat build of Apicurio Registry 2,Red Hat Integration Camel K 1,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,Red Hat OpenShift GitOps,
Full Details
CVE document


CVE-2024-12905
Severity: important
Released on: 27/03/2025
Advisory: RHSA-2025:3932,
Bugzilla: 2355460
Bugzilla Description: tar-fs: link following and path traversal via maliciously crafted tar file
CVSS Score:
CVSSv3 Score: 7.5
Vector:
CWE: (CWE-22|CWE-59)
Affected Packages: devspaces/pluginregistry-rhel9:3.20-6,
Package States: Logging Subsystem for Red Hat OpenShift,OpenShift Serverless,Red Hat Developer Hub,Red Hat Fuse 7,Red Hat JBoss Enterprise Application Platform 8,Red Hat JBoss Enterprise Application Platform Expansion Pack,Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift AI (RHOAI),Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat OpenShift Dev Spaces,Red Hat Trusted Artifact Signer,
Full Details
CVE document


CVE-2025-2857
Severity:
Released on: 27/03/2025
Advisory:
Bugzilla: 2355327
Bugzilla Description: firefox: Firefox IPC sandbox escape on windows
CVSS Score:
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-2842
Severity: moderate
Released on: 27/03/2025
Advisory: RHSA-2025:3740, RHSA-2025:3607,
Bugzilla: 2355219
Bugzilla Description: tempo-operator: Tempo Operator Token Exposition lead to read sensitive data
CVSS Score:
CVSSv3 Score: 4.3
Vector:
CWE: CWE-200
Affected Packages: registry.redhat.io/rhosdt/tempo-rhel8-operator:sha256:a494025181bea65d1d839460a4a3985a46dc5f62cf7939b69293b95de5b1563a,registry.redhat.io/rhosdt/tempo-rhel8-operator:sha256:be2ec2e3d3b21748cfe3b9382f7fc1f6c72d5f380fc97773518c254c6e5794ca,
Package States: Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,Red Hat OpenShift distributed tracing 3,
Full Details
CVE document


CVE-2025-21870
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355328
Bugzilla Description: kernel: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21869
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355329
Bugzilla Description: kernel: powerpc/code-patching: Disable KASAN report during patching via temporary mm
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21868
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355331
Bugzilla Description: kernel: net: allow small head cache usage with large MAX_SKB_FRAGS values
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21871
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355333
Bugzilla Description: kernel: tee: optee: Fix supplicant wait loop
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-667
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21867
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355334
Bugzilla Description: kernel: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-31181
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355338
Bugzilla Description: gnuplot: gnuplot segmentation fault on X11_graphics
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document


CVE-2025-31180
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355339
Bugzilla Description: gnuplot: gnuplot segmentation fault on CANVAS_text
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document


CVE-2025-31179
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355340
Bugzilla Description: gnuplot: gnuplot segmentation fault on xstrftime
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document


CVE-2025-31178
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355341
Bugzilla Description: gnuplot: gnuplot segmentation fault on GetAnnotateString
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document


CVE-2025-31177
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355342
Bugzilla Description: gnuplot: gnuplot heap-buffer overflow on utf8_copy_one
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-122
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document


CVE-2025-31176
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355343
Bugzilla Description: gnuplot: gnuplot segmentation fault on plot3d_points
CVSS Score:
CVSSv3 Score: 6.2
Vector:
CWE: CWE-476
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,
Full Details
CVE document


CVE-2025-21878
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355395
Bugzilla Description: kernel: i2c: npcm: disable interrupt enable bit before devm_request_irq
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21885
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355396
Bugzilla Description: kernel: RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21890
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355397
Bugzilla Description: kernel: idpf: fix checksums set in idpf_rx_rsc()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21884
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355399
Bugzilla Description: kernel: net: better track kernel sockets lifetime
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21880
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355400
Bugzilla Description: kernel: drm/xe/userptr: fix EFAULT handling
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21872
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355401
Bugzilla Description: kernel: efi: Don't map the entire mokvar table to determine its size
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21889
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355402
Bugzilla Description: kernel: perf/core: Add RCU read lock protection to perf_iterate_ctx()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21875
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355403
Bugzilla Description: kernel: mptcp: always handle address removal under msk socket lock
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21887
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355405
Bugzilla Description: kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21886
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355406
Bugzilla Description: kernel: RDMA/mlx5: Fix implicit ODP hang on parent deregistration
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21879
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355407
Bugzilla Description: kernel: btrfs: fix use-after-free on inode when scanning root during em shrinking
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21891
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355408
Bugzilla Description: kernel: ipvlan: ensure network headers are in skb linear part
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE: CWE-908
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21888
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355410
Bugzilla Description: kernel: RDMA/mlx5: Fix a WARN during dereg_mr for DM type
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21876
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355411
Bugzilla Description: kernel: iommu/vt-d: Fix suspicious RCU usage
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21892
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355412
Bugzilla Description: kernel: RDMA/mlx5: Fix the recovery flow of the UMR QP
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-221
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21882
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355413
Bugzilla Description: kernel: net/mlx5: Fix vport QoS cleanup on error
CVSS Score:
CVSSv3 Score: 3.3
Vector:
CWE: CWE-772
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21883
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355415
Bugzilla Description: kernel: ice: Fix deinitializing VF in error path
CVSS Score:
CVSSv3 Score: 6.7
Vector:
CWE: CWE-416
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-58090
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355416
Bugzilla Description: kernel: sched/core: Prevent rescheduling when interrupts are disabled
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21877
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355418
Bugzilla Description: kernel: usbnet: gl620a: fix endpoint checking in genelink_bind()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21873
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355419
Bugzilla Description: kernel: scsi: ufs: core: bsg: Fix crash when arpmb command fails
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2024-58091
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355420
Bugzilla Description: kernel: drm/fbdev-dma: Add shadow buffering for deferred I/O
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21874
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355421
Bugzilla Description: kernel: dm-integrity: Avoid divide by zero in table status in Inline mode
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2025-21881
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355422
Bugzilla Description: kernel: uprobes: Reject the shared zeropage in uprobe_write_opcode()
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53001
Severity: low
Released on: 27/03/2025
Advisory:
Bugzilla: 2355430
Bugzilla Description: kernel: drm/drm_vma_manager: Add drm_vma_node_allow_once()
CVSS Score:
CVSSv3 Score: 4.4
Vector:
CWE: CWE-99
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52988
Severity: moderate
Released on: 27/03/2025
Advisory: RHSA-2023:6583,
Bugzilla: 2355431
Bugzilla Description: kernel: ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
CVSS Score:
CVSSv3 Score: 6.0
Vector:
CWE: CWE-129
Affected Packages: kernel-0:5.14.0-362.8.1.el9_3,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53006
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355432
Bugzilla Description: kernel: cifs: Fix oops due to uncleared server->smbd_conn in reconnect
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-52973
Severity: moderate
Released on: 27/03/2025
Advisory:
Bugzilla: 2355433
Bugzilla Description: kernel: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF
CVSS Score:
CVSSv3 Score: 5.5
Vector:
CWE:
Affected Packages:
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,Red Hat Enterprise Linux 9,
Full Details
CVE document


CVE-2023-53020
Severity: low
Released on: 27/03/2025
Advisory: RHSA-2023:2458,
Bugzilla: 2355434
Bugzilla Description: kernel: l2tp: close all race conditions in l2tp_tunnel_register()
CVSS Score:
CVSSv3 Score: 4.7
Vector:
CWE: CWE-362
Affected Packages: kernel-0:5.14.0-284.11.1.el9_2,
Package States: Red Hat Enterprise Linux 6,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9,
Full Details
CVE document