Issued at: 2025-07-29
Updated at: 2025-07-29
Synopsis
Important: kernel security update
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: kobject_uevent: Fix OOB access within zap_modalias_env() (CVE-2024-42292)
* kernel: ipvs: properly dereference pe in ip_vs_add_service (CVE-2024-42322)
* kernel: bonding: fix null pointer deref in bond_ipsec_offload_ok (CVE-2024-44990)
* kernel: ELF: fix kernel.randomize_va_space double read (CVE-2024-46826)
* kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (CVE-2025-21927)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.