INFSA-2025:15472: kernel-rt security update
Information about definition
Identificator: INFSA-2025:15472
Type: security
Release date: 2025-09-19 15:56:53 UTC
Information about package
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Vulnerabilities description
- CVE-2022-49985
In the Linux kernel, the following vulnerability has been resolved: bpf: Don't use tnum_range on array range checking for poke descriptors.
- CVE-2025-38352
A race condition was found in the Linux kernel’s POSIX CPU timer handling, where handle_posix_cpu_timers() may run concurrently with posix_cpu_timer_del() on an exiting task which could result in use-after-free scenarios. An attacker with local user access could use this flaw to crash or escalate their privileges on a system.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-49985
|
no information | 7.0 | no information |
|
NIST — CVE-2025-38352
|
no information | 7.8 | no information |
Updated packages
Preparing to download...