RLSA-2025:15011

Security

Mirrored from RHSA-2025:15011

Issued at: 2025-10-10

Updated at: 2025-10-14

Synopsis

Important: kernel security update

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CVE-2025-37823)

* kernel: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200)

* kernel: RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CVE-2025-38211)

* kernel: net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350)

* kernel: tipc: Fix use-after-free in tipc_conn_close() (CVE-2025-38464)

* kernel: vsock: Fix transport_* TOCTOU (CVE-2025-38461)

* kernel: xfrm: interface: fix use-after-free after changing collect_md xfrm interface (CVE-2025-38500)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 9.6 aarch64

Rocky Linux 9.6 ppc64le

Rocky Linux 9.6 s390x

Rocky Linux 9.6 x86_64

Fixes

2365024

2376392

2376406

2382054

2383509

2383513

2387866

CVEs

CVE-2025-37823

CVE-2025-38200

CVE-2025-38211

CVE-2025-38350

CVE-2025-38461

CVE-2025-38464

CVE-2025-38500

Affected packages

Rocky Linux 9.6 aarch64 - BaseOS

kernel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-64k-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-debug-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-debug-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-debug-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-debug-modules-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-debug-modules-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-debug-modules-extra-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-modules-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-modules-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-modules-extra-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-abi-stablelists-0:5.14.0-570.39.1.el9_6.noarch.rpm

kernel-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-debug-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-debug-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-debug-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-debug-modules-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-debug-modules-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-debug-modules-extra-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-modules-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-modules-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-modules-extra-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-tools-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-tools-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-tools-libs-0:5.14.0-570.39.1.el9_6.aarch64.rpm

Rocky Linux 9.6 ppc64le - BaseOS

kernel-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-abi-stablelists-0:5.14.0-570.39.1.el9_6.noarch.rpm

kernel-core-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-debug-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-debug-core-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-debug-debuginfo-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-debuginfo-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-debug-modules-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-debug-modules-core-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-debug-modules-extra-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-modules-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-modules-core-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-modules-extra-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-tools-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-tools-debuginfo-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-tools-libs-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

Rocky Linux 9.6 s390x - BaseOS

kernel-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-abi-stablelists-0:5.14.0-570.39.1.el9_6.noarch.rpm

kernel-core-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-debug-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-debug-core-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-debug-debuginfo-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-debuginfo-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-debug-modules-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-debug-modules-core-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-debug-modules-extra-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-modules-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-modules-core-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-modules-extra-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-tools-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-tools-debuginfo-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-zfcpdump-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-zfcpdump-core-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-zfcpdump-debuginfo-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-zfcpdump-modules-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-zfcpdump-modules-core-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-zfcpdump-modules-extra-0:5.14.0-570.39.1.el9_6.s390x.rpm

Rocky Linux 9.6 aarch64 - AppStream

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-64k-debug-devel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-debug-devel-matched-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-devel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-64k-devel-matched-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-debug-devel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-debug-devel-matched-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-devel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-devel-matched-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-doc-0:5.14.0-570.39.1.el9_6.noarch.rpm

perf-0:5.14.0-570.39.1.el9_6.aarch64.rpm

perf-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

python3-perf-0:5.14.0-570.39.1.el9_6.aarch64.rpm

python3-perf-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

rtla-0:5.14.0-570.39.1.el9_6.aarch64.rpm

rv-0:5.14.0-570.39.1.el9_6.aarch64.rpm

Rocky Linux 9.6 aarch64 - CRB

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-tools-libs-devel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

libperf-0:5.14.0-570.39.1.el9_6.aarch64.rpm

libperf-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

Rocky Linux 9.6 aarch64 - NFV

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

Rocky Linux 9.6 aarch64 - RT

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-rt-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-debug-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-debug-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-debug-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-debug-devel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-debug-modules-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-debug-modules-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-debug-modules-extra-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-devel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-modules-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-modules-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-64k-modules-extra-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-debug-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-debug-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-debug-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-debug-devel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-debuginfo-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-debug-modules-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-debug-modules-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-debug-modules-extra-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-devel-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-modules-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-modules-core-0:5.14.0-570.39.1.el9_6.aarch64.rpm

kernel-rt-modules-extra-0:5.14.0-570.39.1.el9_6.aarch64.rpm

Rocky Linux 9.6 ppc64le - AppStream

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-debug-devel-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-debug-devel-matched-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-devel-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-devel-matched-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

kernel-doc-0:5.14.0-570.39.1.el9_6.noarch.rpm

perf-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

perf-debuginfo-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

python3-perf-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

python3-perf-debuginfo-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

rtla-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

rv-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

Rocky Linux 9.6 ppc64le - CRB

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-tools-libs-devel-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

libperf-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

libperf-debuginfo-0:5.14.0-570.39.1.el9_6.ppc64le.rpm

Rocky Linux 9.6 ppc64le - NFV

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

Rocky Linux 9.6 ppc64le - RT

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

Rocky Linux 9.6 s390x - AppStream

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-debug-devel-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-debug-devel-matched-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-devel-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-devel-matched-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-doc-0:5.14.0-570.39.1.el9_6.noarch.rpm

kernel-zfcpdump-devel-0:5.14.0-570.39.1.el9_6.s390x.rpm

kernel-zfcpdump-devel-matched-0:5.14.0-570.39.1.el9_6.s390x.rpm

perf-0:5.14.0-570.39.1.el9_6.s390x.rpm

perf-debuginfo-0:5.14.0-570.39.1.el9_6.s390x.rpm

python3-perf-0:5.14.0-570.39.1.el9_6.s390x.rpm

python3-perf-debuginfo-0:5.14.0-570.39.1.el9_6.s390x.rpm

rtla-0:5.14.0-570.39.1.el9_6.s390x.rpm

rv-0:5.14.0-570.39.1.el9_6.s390x.rpm

Rocky Linux 9.6 s390x - CRB

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

libperf-0:5.14.0-570.39.1.el9_6.s390x.rpm

libperf-debuginfo-0:5.14.0-570.39.1.el9_6.s390x.rpm

Rocky Linux 9.6 s390x - NFV

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

Rocky Linux 9.6 s390x - RT

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

Rocky Linux 9.6 x86_64 - AppStream

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-debug-devel-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-debug-devel-matched-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-devel-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-devel-matched-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-doc-0:5.14.0-570.39.1.el9_6.noarch.rpm

perf-0:5.14.0-570.39.1.el9_6.x86_64.rpm

perf-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

python3-perf-0:5.14.0-570.39.1.el9_6.x86_64.rpm

python3-perf-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

rtla-0:5.14.0-570.39.1.el9_6.x86_64.rpm

rv-0:5.14.0-570.39.1.el9_6.x86_64.rpm

Rocky Linux 9.6 x86_64 - BaseOS

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-abi-stablelists-0:5.14.0-570.39.1.el9_6.noarch.rpm

kernel-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-debug-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-debug-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-debug-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-debug-modules-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-debug-modules-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-debug-modules-extra-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-debug-uki-virt-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-modules-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-modules-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-modules-extra-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-tools-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-tools-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-tools-libs-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-uki-virt-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-uki-virt-addons-0:5.14.0-570.39.1.el9_6.x86_64.rpm

Rocky Linux 9.6 x86_64 - CRB

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-tools-libs-devel-0:5.14.0-570.39.1.el9_6.x86_64.rpm

libperf-0:5.14.0-570.39.1.el9_6.x86_64.rpm

libperf-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

Rocky Linux 9.6 x86_64 - NFV

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-rt-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-devel-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-kvm-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-modules-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-modules-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-modules-extra-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-devel-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-kvm-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-modules-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-modules-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-modules-extra-0:5.14.0-570.39.1.el9_6.x86_64.rpm

Rocky Linux 9.6 x86_64 - RT

kernel-0:5.14.0-570.39.1.el9_6.src.rpm

kernel-rt-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-devel-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debuginfo-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-modules-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-modules-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-debug-modules-extra-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-devel-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-modules-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-modules-core-0:5.14.0-570.39.1.el9_6.x86_64.rpm

kernel-rt-modules-extra-0:5.14.0-570.39.1.el9_6.x86_64.rpm