INFSA-2025:17812: kernel-rt security update
Information about definition
Identifier: INFSA-2025:17812
Type: security
Release date: 2025-10-17 10:44:28 UTC
Information about package
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Vulnerabilities description
- CVE-2022-50228
In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0.
- CVE-2023-53305
This L2CAP issue is adjacency-only (Bluetooth LE): an attacker must be within radio range and craft malicious LE frames. Impact is primarily kernel crash / DoS. It could trigger a use-after-free condition when processing LE command rejection. In practice an attacker must either establish a BLE connection or rely on the device accepting unauthenticated L2CAP traffic. If the device enforces pairing/authentication for L2CAP operations, exploitation from an unauthenticated remote actor is unlikely.
Severity level
| CVE | CVSS 2.0 score | CVSS 3.x score | CVSS 4.0 score |
|---|---|---|---|
| NIST — CVE-2022-50228 | no information | 7.0 | no information |
| NIST — CVE-2023-53305 | no information | 7.6 | no information |
Updated packages