INFSA-2025:17797: kernel security update
Information about definition
Identificator: INFSA-2025:17797
Type: security
Release date: 2025-10-17 10:36:03 UTC
Information about package
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Vulnerabilities description
- CVE-2022-50228
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0.
- CVE-2023-53305
This L2CAP issue is adjacency-only (Bluetooth LE): an attacker must be within radio range and craft malicious LE frames. Impact is primarily kernel crash / DoS. It could trigger a use-after-free condition when processing LE command rejection. In practice an attacker must either establish a BLE connection or rely on the device accepting unauthenticated L2CAP traffic. If the device enforces pairing/authentication for L2CAP operations, exploitation from an unauthenticated remote actor is unlikely.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-50228
|
no information | 7.0 | no information |
|
NIST — CVE-2023-53305
|
no information | 7.6 | no information |
Updated packages
Preparing to download...