INFSA-2025:10379: kernel security update
Information about definition
Identificator: INFSA-2025:10379
Type: security
Release date: 2025-07-25 10:16:48 UTC
Information about package
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Vulnerabilities description
- CVE-2022-49846
In the Linux kernel, the following vulnerability has been resolved: udf: Fix a slab-out-of-bounds write bug in udf_find_entry().
- CVE-2025-21759
In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send().
- CVE-2025-21887
In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up.
- CVE-2025-22004
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send().
- CVE-2025-37799
In the Linux kernel, the following vulnerability has been resolved: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-49846
|
no information | 7.1 | no information |
|
NIST — CVE-2025-21759
|
no information | 6.6 | no information |
|
NIST — CVE-2025-21887
|
no information | 7.1 | no information |
|
NIST — CVE-2025-22004
|
no information | 7.0 | no information |
|
NIST — CVE-2025-37799
|
no information | 7.1 | no information |
Updated packages