INFSA-2025:12662: kernel security update

Information about definition

Identifier: INFSA-2025:12662

Type: security

Release date: 2025-10-14 17:41:54 UTC

Information about package

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Vulnerabilities description

  • CVE-2025-38086

    In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during mii_nway_restart.

  • CVE-2025-22085

    In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix use-after-free when rename device name.

  • CVE-2025-22113

    In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying.

  • CVE-2025-21727

    In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder.

  • CVE-2025-21928

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove().

  • CVE-2025-21929

    In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove().

  • CVE-2025-22020

    In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove.

  • CVE-2025-37890

    A use-after-free vulnerability has been identified in the Linux kernel's HFSC (Hierarchical Fair Service Curve) queuing discipline when it is configured with NETEM (Network Emulation) as a child. This flaw can lead to a kernel panic or crash due to incorrect assumptions about the queue state. Exploitation of this vulnerability requires local access with CAP_NET_ADMIN privileges and control over the qdisc (queueing discipline) setup. A local attacker could leverage this flaw to achieve denial of service or escalate privileges. Given that it affects kernel memory structures, successful exploitation could result in memory corruption, data leaks, or arbitrary write capabilities, leading to a full kernel crash.

  • CVE-2025-38052

    In the Linux kernel, the following vulnerability has been resolved: net/tipc: fix slab-use-after-free.

  • CVE-2025-38087

    In the Linux kernel, the following vulnerability has been resolved: net/sched: fix use-after-free in taprio_dev_notifier.

  • CVE-2025-38264

    The vulnerability lies in the lack of validation for list membership in nvme_tcp_handle_r2t(), potentially allowing malicious R2T PDUs to introduce list corruption or loops. This could lead to denial of service or memory corruption.

Severity level

CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0
    | no information | 7.0            | no information
    | no information | 6.7            | no information
    | no information | 6.7            | no information
    | no information | 7.0            | no information
    | no information | 6.7            | no information
    | no information | 7.1            | no information
    | no information | 7.0            | no information
    | no information | 7.8            | no information
    | no information | 7.0            | no information
    | no information | 7.8            | no information
    | no information | 7.1            | no information

Updated packages
