INFSA-2025:19103: kernel-rt security update
Information about definition
Identificator: INFSA-2025:19103
Type: security
Release date: 2025-11-05 16:24:03 UTC
Information about package
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Vulnerabilities description
- CVE-2025-39817
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare.
- CVE-2025-39841
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path.
- CVE-2025-39849
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result().
- CVE-2022-50386
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free.
- CVE-2023-53297
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp.
- CVE-2023-53386
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-50386
|
no information | 7.6 | no information |
|
NIST — CVE-2023-53297
|
no information | 7.0 | no information |
|
NIST — CVE-2023-53386
|
no information | 7.1 | no information |
|
NIST — CVE-2025-39817
|
no information | 7.0 | no information |
|
NIST — CVE-2025-39841
|
no information | 7.0 | no information |
|
NIST — CVE-2025-39849
|
no information | 7.5 | no information |
Updated packages
Preparing to download...