INFSA-2025:8333: kernel security update
Information about definition
Identificator: INFSA-2025:8333
Type: security
Release date: 2025-07-07 11:08:32 UTC
Information about package
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Vulnerabilities description
- CVE-2022-3424
A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.
- CVE-2025-21764
In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb().
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-3424
|
no information | 7.0 | no information |
|
NIST — CVE-2025-21764
|
no information | 7.0 | no information |
Updated packages