Issued at: 2025-10-10
Updated at: 2025-10-15
Synopsis
Moderate: kernel security update
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (CVE-2025-38472)
* kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)
* kernel: sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718)
* kernel: tls: fix handling of zero-length records on the rx_list (CVE-2025-39682)
* kernel: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CVE-2025-39698)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.