INFSA-2025:21469: kernel security update

Information about definition

Identificator: INFSA-2025:21469

Type: security

Release date: 2025-12-01 14:35:39 UTC

Information about package

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Vulnerabilities description

  • CVE-2025-38498

    In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts.

  • CVE-2025-38351

    In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush.

  • CVE-2025-39697

    In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a race when updating an existing write.

  • CVE-2025-39881

    In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released.

  • CVE-2025-39971

    In the Linux kernel, the following vulnerability has been resolved: i40e: fix idx validation in config queues msg.

  • CVE-2025-39982

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync.

  • CVE-2025-39983

    In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue.

  • CVE-2025-40047

    In the Linux kernel, the following vulnerability has been resolved: io_uring/waitid: always prune wait queue entry in io_waitid_wait().

Severity level

CVE Score CVSS 2.0 Score CVSS 3.x Score CVSS 4.0
no information 7.3 no information
no information 7.3 no information
no information 7.5 no information
no information 7.3 no information
no information 7.6 no information
no information 7.5 no information
no information 6.4 no information
no information 7.8 no information
Critical, important, moderate, low

Updated packages

loader icon Preparing to download...
Architecture: Download