INFSA-2025:16398: kernel security update
Information about definition
Identificator: INFSA-2025:16398
Type: security
Release date: 2025-09-29 14:11:10 UTC
Information about package
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Vulnerabilities description
- CVE-2023-53125
In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Packet length retrieved from skb data may be larger than the actual socket buffer length (up to 9026 bytes). In such case the cloned skb passed up the network stack will leak kernel memory contents.
- CVE-2025-37810
In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length.
- CVE-2025-38498
In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts.
- CVE-2025-39694
In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix SCCB present check.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-53125
|
no information | 7.5 | no information |
|
NIST — CVE-2025-37810
|
no information | 7.1 | no information |
|
NIST — CVE-2025-38498
|
no information | 7.3 | no information |
|
NIST — CVE-2025-39694
|
no information | 7.0 | no information |
Updated packages
Preparing to download...