INFSA-2025:14510: kernel security update
Information about definition
Identificator: INFSA-2025:14510
Type: security
Release date: 2025-10-14 17:35:02 UTC
Information about package
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Vulnerabilities description
- CVE-2025-37914
A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system instability, or a crash.
- CVE-2025-38200
In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw.
- CVE-2025-38417
In the Linux kernel, the following vulnerability has been resolved: ice: fix eswitch code memory leak in reset scenario.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-37914
|
no information | 7.0 | no information |
|
NIST — CVE-2025-38200
|
no information | 7.0 | no information |
|
NIST — CVE-2025-38417
|
no information | 4.7 | no information |
Updated packages
Preparing to download...