chore(deps): update rpm updates to v4.18.0-553.77.1.el8_10 [security] (rhoai-2.19) - abandoned

[konflux-internal-p02]

This PR contains the following updates:

Package	Update	Change
kernel-headers	patch	4.18.0-553.76.1.el8_10 -> 4.18.0-553.77.1.el8_10

---

kernel: mt76: fix use-after-free by removing a non-RCU wcid pointer

CVE-2022-49328

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2022-49328
• https://bugzilla.redhat.com/show_bug.cgi?id=2348217
• https://www.cve.org/CVERecord?id=CVE-2022-49328
• https://nvd.nist.gov/vuln/detail/CVE-2022-49328
• https://lore.kernel.org/linux-cve-announce/2025022638-CVE-2022-49328-ec2f@gregkh/T

---

kernel: tipc: fix use-after-free Read in tipc_named_reinit

CVE-2022-49696

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2022-49696
• https://bugzilla.redhat.com/show_bug.cgi?id=2347851
• https://www.cve.org/CVERecord?id=CVE-2022-49696
• https://nvd.nist.gov/vuln/detail/CVE-2022-49696
• https://lore.kernel.org/linux-cve-announce/2025022628-CVE-2022-49696-c188@​gregkh/T

---

kernel: ndisc: use RCU protection in ndisc_alloc_skb()

CVE-2025-21764

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2025-21764
• https://bugzilla.redhat.com/show_bug.cgi?id=2348575
• https://www.cve.org/CVERecord?id=CVE-2025-21764
• https://nvd.nist.gov/vuln/detail/CVE-2025-21764
• https://lore.kernel.org/linux-cve-announce/2025022605-CVE-2025-21764-1061@​gregkh/T

---

kernel: blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx

CVE-2022-49377

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2022-49377
• https://bugzilla.redhat.com/show_bug.cgi?id=2347929
• https://www.cve.org/CVERecord?id=CVE-2022-49377
• https://nvd.nist.gov/vuln/detail/CVE-2022-49377
• https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2022-49377-4fdf@gregkh/T

---

kernel: dlm: fix plock invalid read

CVE-2022-49407

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2022-49407
• https://bugzilla.redhat.com/show_bug.cgi?id=2347662
• https://www.cve.org/CVERecord?id=CVE-2022-49407
• https://nvd.nist.gov/vuln/detail/CVE-2022-49407
• https://lore.kernel.org/linux-cve-announce/2025022652-CVE-2022-49407-2755@​gregkh/T

---

kernel: scsi: libfc: Fix use after free in fc_exch_abts_resp()

CVE-2022-49114

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2022-49114
• https://bugzilla.redhat.com/show_bug.cgi?id=2348136
• https://www.cve.org/CVERecord?id=CVE-2022-49114
• https://nvd.nist.gov/vuln/detail/CVE-2022-49114
• https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2022-49114-86bb@gregkh/T

---

kernel: Bluetooth: Fix use after free in hci_send_acl

CVE-2022-49111

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2022-49111
• https://bugzilla.redhat.com/show_bug.cgi?id=2347952
• https://www.cve.org/CVERecord?id=CVE-2022-49111
• https://nvd.nist.gov/vuln/detail/CVE-2022-49111
• https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2022-49111-8795@​gregkh/T

---

Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c

CVE-2023-1652

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2023-1652
• https://bugzilla.redhat.com/show_bug.cgi?id=2182031
• https://www.cve.org/CVERecord?id=CVE-2023-1652
• https://nvd.nist.gov/vuln/detail/CVE-2023-1652
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd

---

kernel: um: Fix out-of-bounds read in LDT setup

CVE-2022-49395

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-49395
• https://bugzilla.redhat.com/show_bug.cgi?id=2347899
• https://www.cve.org/CVERecord?id=CVE-2022-49395
• https://nvd.nist.gov/vuln/detail/CVE-2022-49395
• https://lore.kernel.org/linux-cve-announce/2025022650-CVE-2022-49395-7419@​gregkh/T

---

kernel: net: atlantic: fix aq_vec index out of range error

CVE-2022-50066

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-50066
• https://bugzilla.redhat.com/show_bug.cgi?id=2373683
• https://www.cve.org/CVERecord?id=CVE-2022-50066
• https://nvd.nist.gov/vuln/detail/CVE-2022-50066
• https://lore.kernel.org/linux-cve-announce/2025061851-CVE-2022-50066-a2ad@gregkh/T

---

kernel: ipv6: mcast: extend RCU protection in igmp6_send()

CVE-2025-21759

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-21759
• https://bugzilla.redhat.com/show_bug.cgi?id=2348596
• https://www.cve.org/CVERecord?id=CVE-2025-21759
• https://nvd.nist.gov/vuln/detail/CVE-2025-21759
• https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2025-21759-ad7c@gregkh/T

---

kernel: net: atm: fix use after free in lec_send()

CVE-2025-22004

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-22004
• https://bugzilla.redhat.com/show_bug.cgi?id=2357142
• https://www.cve.org/CVERecord?id=CVE-2025-22004
• https://nvd.nist.gov/vuln/detail/CVE-2025-22004
• https://lore.kernel.org/linux-cve-announce/2025040349-CVE-2025-22004-64f9@​gregkh/T

---

kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

CVE-2025-22121

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-22121
• https://bugzilla.redhat.com/show_bug.cgi?id=2360199
• https://www.cve.org/CVERecord?id=CVE-2025-22121
• https://nvd.nist.gov/vuln/detail/CVE-2025-22121
• https://lore.kernel.org/linux-cve-announce/2025041628-CVE-2025-22121-52fd@gregkh/T

---

kernel: dm ioctl: prevent potential spectre v1 gadget

CVE-2022-49122

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-49122
• https://bugzilla.redhat.com/show_bug.cgi?id=2348154
• https://www.cve.org/CVERecord?id=CVE-2022-49122
• https://nvd.nist.gov/vuln/detail/CVE-2022-49122
• https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2022-49122-b139@​gregkh/T

---

kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry()

CVE-2022-49846

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-49846
• https://bugzilla.redhat.com/show_bug.cgi?id=2363432
• https://www.cve.org/CVERecord?id=CVE-2022-49846
• https://nvd.nist.gov/vuln/detail/CVE-2022-49846
• https://lore.kernel.org/linux-cve-announce/2025050142-CVE-2022-49846-728c@gregkh/T

---

kernel: Squashfs: fix handling and sanity checking of xattr_ids count

CVE-2023-52933

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2023-52933
• https://bugzilla.redhat.com/show_bug.cgi?id=2355476
• https://www.cve.org/CVERecord?id=CVE-2023-52933
• https://nvd.nist.gov/vuln/detail/CVE-2023-52933
• https://lore.kernel.org/linux-cve-announce/2025032720-CVE-2023-52933-f292@​gregkh/T

---

kernel: ext4: ignore xattrs past end

CVE-2025-37738

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-37738
• https://bugzilla.redhat.com/show_bug.cgi?id=2363305
• https://www.cve.org/CVERecord?id=CVE-2025-37738
• https://nvd.nist.gov/vuln/detail/CVE-2025-37738
• https://lore.kernel.org/linux-cve-announce/2025050132-CVE-2025-37738-deb1@​gregkh/T

---

kernel: ibmvnic: Use kernel helpers for hex dumps

CVE-2025-22104

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-22104
• https://bugzilla.redhat.com/show_bug.cgi?id=2360265
• https://www.cve.org/CVERecord?id=CVE-2025-22104
• https://nvd.nist.gov/vuln/detail/CVE-2025-22104
• https://lore.kernel.org/linux-cve-announce/2025041622-CVE-2025-22104-0a82@​gregkh/T

---

kernel: writeback: avoid use-after-free after removing device

CVE-2022-49995

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2022-49995
• https://bugzilla.redhat.com/show_bug.cgi?id=2373560
• https://www.cve.org/CVERecord?id=CVE-2022-49995
• https://nvd.nist.gov/vuln/detail/CVE-2022-49995
• https://lore.kernel.org/linux-cve-announce/2025061826-CVE-2022-49995-2d74@​gregkh/T

---

kernel: wifi: iwlwifi: limit printed string from FW file

CVE-2025-21905

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2025-21905
• https://bugzilla.redhat.com/show_bug.cgi?id=2356613
• https://www.cve.org/CVERecord?id=CVE-2025-21905
• https://nvd.nist.gov/vuln/detail/CVE-2025-21905
• https://lore.kernel.org/linux-cve-announce/2025040129-CVE-2025-21905-348b@gregkh/T

---

kernel: ext4: fix off-by-one error in do_split

CVE-2025-23150

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2025-23150
• https://bugzilla.redhat.com/show_bug.cgi?id=2363268
• https://www.cve.org/CVERecord?id=CVE-2025-23150
• https://nvd.nist.gov/vuln/detail/CVE-2025-23150
• https://lore.kernel.org/linux-cve-announce/2025050127-CVE-2025-23150-15b8@​gregkh/T

---

kernel: ext4: avoid journaling sb update on error if journal is destroying

CVE-2025-22113

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2025-22113
• https://bugzilla.redhat.com/show_bug.cgi?id=2360212
• https://www.cve.org/CVERecord?id=CVE-2025-22113
• https://nvd.nist.gov/vuln/detail/CVE-2025-22113
• https://lore.kernel.org/linux-cve-announce/2025041625-CVE-2025-22113-34cd@gregkh/T

---

kernel: media: uvcvideo: Fix double free in error path

CVE-2024-57980

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-57980
• https://bugzilla.redhat.com/show_bug.cgi?id=2348599
• https://www.cve.org/CVERecord?id=CVE-2024-57980
• https://nvd.nist.gov/vuln/detail/CVE-2024-57980
• https://lore.kernel.org/linux-cve-announce/2025022634-CVE-2024-57980-4b5a@gregkh/T

---

kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry

CVE-2025-37958

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2025-37958
• https://bugzilla.redhat.com/show_bug.cgi?id=2367572
• https://www.cve.org/CVERecord?id=CVE-2025-37958
• https://nvd.nist.gov/vuln/detail/CVE-2025-37958
• https://lore.kernel.org/linux-cve-announce/2025052003-CVE-2025-37958-02de@gregkh/T

---

kernel: media: uvcvideo: Remove dangling pointers

CVE-2024-58002

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2024-58002
• https://bugzilla.redhat.com/show_bug.cgi?id=2348513
• https://www.cve.org/CVERecord?id=CVE-2024-58002
• https://nvd.nist.gov/vuln/detail/CVE-2024-58002
• https://lore.kernel.org/linux-cve-announce/2025022654-CVE-2024-58002-6f93@​gregkh/T

---

kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()

CVE-2025-21928

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-21928
• https://bugzilla.redhat.com/show_bug.cgi?id=2356592
• https://www.cve.org/CVERecord?id=CVE-2025-21928
• https://nvd.nist.gov/vuln/detail/CVE-2025-21928
• https://lore.kernel.org/linux-cve-announce/2025040133-CVE-2025-21928-e444@​gregkh/T

---

kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

CVE-2022-49788

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-49788
• https://bugzilla.redhat.com/show_bug.cgi?id=2363378
• https://www.cve.org/CVERecord?id=CVE-2022-49788
• https://nvd.nist.gov/vuln/detail/CVE-2022-49788
• https://lore.kernel.org/linux-cve-announce/2025050121-CVE-2022-49788-6e84@​gregkh/T

---

kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

CVE-2025-38052

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-38052
• https://bugzilla.redhat.com/show_bug.cgi?id=2373380
• https://www.cve.org/CVERecord?id=CVE-2025-38052
• https://nvd.nist.gov/vuln/detail/CVE-2025-38052
• https://lore.kernel.org/linux-cve-announce/2025061832-CVE-2025-38052-6201@​gregkh/T

---

kernel: cifs: potential buffer overflow in handling symlinks

CVE-2022-49058

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-49058
• https://bugzilla.redhat.com/show_bug.cgi?id=2348254
• https://www.cve.org/CVERecord?id=CVE-2022-49058
• https://nvd.nist.gov/vuln/detail/CVE-2022-49058
• https://lore.kernel.org/linux-cve-announce/2025022653-CVE-2022-49058-5df2@​gregkh/T

---

kernel: tee: amdtee: fix race condition in amdtee_open_session

CVE-2023-53047

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2023-53047
• https://bugzilla.redhat.com/show_bug.cgi?id=2363689
• https://www.cve.org/CVERecord?id=CVE-2023-53047
• https://nvd.nist.gov/vuln/detail/CVE-2023-53047
• https://lore.kernel.org/linux-cve-announce/2025050204-CVE-2023-53047-7e31@​gregkh/T

---

kernel: driver: base: fix UAF when driver_attach failed

CVE-2022-49385

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-49385
• https://bugzilla.redhat.com/show_bug.cgi?id=2348020
• https://www.cve.org/CVERecord?id=CVE-2022-49385
• https://nvd.nist.gov/vuln/detail/CVE-2022-49385
• https://lore.kernel.org/linux-cve-announce/2025022648-CVE-2022-49385-258c@gregkh/T

---

kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

CVE-2025-38001

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-38001
• https://bugzilla.redhat.com/show_bug.cgi?id=2370776
• https://www.cve.org/CVERecord?id=CVE-2025-38001
• https://nvd.nist.gov/vuln/detail/CVE-2025-38001
• https://lore.kernel.org/linux-cve-announce/2025060650-CVE-2025-38001-f921@​gregkh/T

---

kernel: sch_hfsc: make hfsc_qlen_notify() idempotent

CVE-2025-38177

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-38177
• https://bugzilla.redhat.com/show_bug.cgi?id=2376354
• https://www.cve.org/CVERecord?id=CVE-2025-38177
• https://nvd.nist.gov/vuln/detail/CVE-2025-38177
• https://lore.kernel.org/linux-cve-announce/2025070411-CVE-2025-38177-bd6c@gregkh/T

---

kernel: ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead

CVE-2022-49977

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-49977
• https://bugzilla.redhat.com/show_bug.cgi?id=2373574
• https://www.cve.org/CVERecord?id=CVE-2022-49977
• https://nvd.nist.gov/vuln/detail/CVE-2022-49977
• https://lore.kernel.org/linux-cve-announce/2025061819-CVE-2022-49977-3826@​gregkh/T

---

kernel: mm/hugetlb: avoid corrupting page->mapping in hugetlb_mcopy_atomic_pte

CVE-2022-49991

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-49991
• https://bugzilla.redhat.com/show_bug.cgi?id=2373639
• https://www.cve.org/CVERecord?id=CVE-2022-49991
• https://nvd.nist.gov/vuln/detail/CVE-2022-49991
• https://lore.kernel.org/linux-cve-announce/2025061824-CVE-2022-49991-c44f@gregkh/T

---

kernel: nfsd: don't ignore the return code of svc_proc_register()

CVE-2025-22026

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-22026
• https://bugzilla.redhat.com/show_bug.cgi?id=2360224
• https://www.cve.org/CVERecord?id=CVE-2025-22026
• https://nvd.nist.gov/vuln/detail/CVE-2025-22026
• https://lore.kernel.org/linux-cve-announce/2025041654-CVE-2025-22026-f6be@gregkh/T

---

kernel: sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue()

CVE-2025-38000

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-38000
• https://bugzilla.redhat.com/show_bug.cgi?id=2370786
• https://www.cve.org/CVERecord?id=CVE-2025-38000
• https://nvd.nist.gov/vuln/detail/CVE-2025-38000
• https://lore.kernel.org/linux-cve-announce/2025060639-CVE-2025-38000-f5a4@​gregkh/T

---

kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc

CVE-2025-37890

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-37890
• https://bugzilla.redhat.com/show_bug.cgi?id=2366848
• https://www.cve.org/CVERecord?id=CVE-2025-37890
• https://nvd.nist.gov/vuln/detail/CVE-2025-37890
• https://lore.kernel.org/linux-cve-announce/2025051617-CVE-2025-37890-437b@gregkh/T

---

kernel: net: qrtr: start MHI channel after endpoit creation

CVE-2022-50044

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2022-50044
• https://bugzilla.redhat.com/show_bug.cgi?id=2373627
• https://www.cve.org/CVERecord?id=CVE-2022-50044
• https://nvd.nist.gov/vuln/detail/CVE-2022-50044
• https://lore.kernel.org/linux-cve-announce/2025061843-CVE-2022-50044-0b6b@gregkh/T

---

kernel: net/sched: Always pass notifications when child class becomes empty

CVE-2025-38350

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-38350
• https://bugzilla.redhat.com/show_bug.cgi?id=2382054
• https://www.cve.org/CVERecord?id=CVE-2025-38350
• https://nvd.nist.gov/vuln/detail/CVE-2025-38350
• https://lore.kernel.org/linux-cve-announce/2025071933-CVE-2025-38350-262a@gregkh/T

---

kernel: xsk: fix OOB map writes when deleting elements

CVE-2024-56614

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-56614
• https://bugzilla.redhat.com/show_bug.cgi?id=2334573
• https://www.cve.org/CVERecord?id=CVE-2024-56614
• https://nvd.nist.gov/vuln/detail/CVE-2024-56614
• https://lore.kernel.org/linux-cve-announce/2024122707-CVE-2024-56614-17c4@​gregkh/T

---

kernel: bpf: fix OOB devmap writes when deleting elements

CVE-2024-56615

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-56615
• https://bugzilla.redhat.com/show_bug.cgi?id=2334493
• https://www.cve.org/CVERecord?id=CVE-2024-56615
• https://nvd.nist.gov/vuln/detail/CVE-2024-56615
• https://lore.kernel.org/linux-cve-announce/2024122708-CVE-2024-56615-5148@​gregkh/T

---

kernel: md: fix mddev uaf while iterating all_mddevs list

CVE-2025-22126

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2025-22126
• https://bugzilla.redhat.com/show_bug.cgi?id=2360236
• https://www.cve.org/CVERecord?id=CVE-2025-22126
• https://nvd.nist.gov/vuln/detail/CVE-2025-22126
• https://lore.kernel.org/linux-cve-announce/2025041629-CVE-2025-22126-50e3@​gregkh/T

---

Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c

CVE-2023-1652

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2023-1652
• https://bugzilla.redhat.com/show_bug.cgi?id=2182031
• https://www.cve.org/CVERecord?id=CVE-2023-1652
• https://nvd.nist.gov/vuln/detail/CVE-2023-1652
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd

---

kernel: um: Fix out-of-bounds read in LDT setup

CVE-2022-49395

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2022-49395
• https://bugzilla.redhat.com/show_bug.cgi?id=2347899
• https://www.cve.org/CVERecord?id=CVE-2022-49395
• https://nvd.nist.gov/vuln/detail/CVE-2022-49395
• https://lore.kernel.org/linux-cve-announce/2025022650-CVE-2022-49395-7419@​gregkh/T

---

kernel: Squashfs: fix handling and sanity checking of xattr_ids count

CVE-2023-52933

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2023-52933
• https://bugzilla.redhat.com/show_bug.cgi?id=2355476
• https://www.cve.org/CVERecord?id=CVE-2023-52933
• https://nvd.nist.gov/vuln/detail/CVE-2023-52933
• https://lore.kernel.org/linux-cve-announce/2025032720-CVE-2023-52933-f292@​gregkh/T

---

kernel: ext4: fix off-by-one error in do_split

CVE-2025-23150

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-23150
• https://bugzilla.redhat.com/show_bug.cgi?id=2363268
• https://www.cve.org/CVERecord?id=CVE-2025-23150
• https://nvd.nist.gov/vuln/detail/CVE-2025-23150
• https://lore.kernel.org/linux-cve-announce/2025050127-CVE-2025-23150-15b8@​gregkh/T

---

net/http: Request smuggling due to acceptance of invalid chunked data in net/http

CVE-2025-22871

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2025-22871
• https://bugzilla.redhat.com/show_bug.cgi?id=2358493
• https://www.cve.org/CVERecord?id=CVE-2025-22871
• https://nvd.nist.gov/vuln/detail/CVE-2025-22871
• https://go.dev/cl/652998
• https://go.dev/issue/71988
• https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk
• https://pkg.go.dev/vuln/GO-2025-3563

---

kernel: udmabuf: fix a buf size overflow issue during udmabuf creation

CVE-2025-37803

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-37803
• https://bugzilla.redhat.com/show_bug.cgi?id=2365013
• https://www.cve.org/CVERecord?id=CVE-2025-37803
• https://nvd.nist.gov/vuln/detail/CVE-2025-37803
• https://lore.kernel.org/linux-cve-announce/2025050814-CVE-2025-37803-0c5c@gregkh/T

---

kernel: ext4: avoid journaling sb update on error if journal is destroying

CVE-2025-22113

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-22113
• https://bugzilla.redhat.com/show_bug.cgi?id=2360212
• https://www.cve.org/CVERecord?id=CVE-2025-22113
• https://nvd.nist.gov/vuln/detail/CVE-2025-22113
• https://lore.kernel.org/linux-cve-announce/2025041625-CVE-2025-22113-34cd@gregkh/T

---

kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry

CVE-2025-37958

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-37958
• https://bugzilla.redhat.com/show_bug.cgi?id=2367572
• https://www.cve.org/CVERecord?id=CVE-2025-37958
• https://nvd.nist.gov/vuln/detail/CVE-2025-37958
• https://lore.kernel.org/linux-cve-announce/2025052003-CVE-2025-37958-02de@gregkh/T

---

kernel: wifi: iwlwifi: limit printed string from FW file

CVE-2025-21905

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-21905
• https://bugzilla.redhat.com/show_bug.cgi?id=2356613
• https://www.cve.org/CVERecord?id=CVE-2025-21905
• https://nvd.nist.gov/vuln/detail/CVE-2025-21905
• https://lore.kernel.org/linux-cve-announce/2025040129-CVE-2025-21905-348b@gregkh/T

---

kernel: media: uvcvideo: Fix double free in error path

CVE-2024-57980

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2024-57980
• https://bugzilla.redhat.com/show_bug.cgi?id=2348599
• https://www.cve.org/CVERecord?id=CVE-2024-57980
• https://nvd.nist.gov/vuln/detail/CVE-2024-57980
• https://lore.kernel.org/linux-cve-announce/2025022634-CVE-2024-57980-4b5a@gregkh/T

---

kernel: i2c/designware: Fix an initialization issue

CVE-2025-38380

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-38380
• https://bugzilla.redhat.com/show_bug.cgi?id=2383381
• https://www.cve.org/CVERecord?id=CVE-2025-38380
• https://nvd.nist.gov/vuln/detail/CVE-2025-38380
• https://lore.kernel.org/linux-cve-announce/2025072505-CVE-2025-38380-d1a9@​gregkh/T

---

kernel: tls: always refresh the queue when reading sock

CVE-2025-38471

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-38471
• https://bugzilla.redhat.com/show_bug.cgi?id=2383893
• https://www.cve.org/CVERecord?id=CVE-2025-38471
• https://nvd.nist.gov/vuln/detail/CVE-2025-38471
• https://lore.kernel.org/linux-cve-announce/2025072812-CVE-2025-38471-ca92@​gregkh/T

---

kernel: scsi: lpfc: Use memcpy() for BIOS version

CVE-2025-38332

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-38332
• https://bugzilla.redhat.com/show_bug.cgi?id=2379246
• https://www.cve.org/CVERecord?id=CVE-2025-38332
• https://nvd.nist.gov/vuln/detail/CVE-2025-38332
• https://lore.kernel.org/linux-cve-announce/2025071033-CVE-2025-38332-9590@​gregkh/T

---

kernel: crypto: algif_hash - fix double free in hash_accept

CVE-2025-38079

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-38079
• https://bugzilla.redhat.com/show_bug.cgi?id=2373383
• https://www.cve.org/CVERecord?id=CVE-2025-38079
• https://nvd.nist.gov/vuln/detail/CVE-2025-38079
• https://lore.kernel.org/linux-cve-announce/2025061841-CVE-2025-38079-7fa5@​gregkh/T

---

kernel: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()

CVE-2025-21867

More information

Severity

Important

References

• https://access.redhat.com/security/cve/CVE-2025-21867
• https://bugzilla.redhat.com/show_bug.cgi?id=2355334
• https://www.cve.org/CVERecord?id=CVE-2025-21867
• https://nvd.nist.gov/vuln/detail/CVE-2025-21867
• https://lore.kernel.org/linux-cve-announce/2025032732-CVE-2025-21867-3138@​gregkh/T

---

kernel: inet: inet_defrag: prevent sk release while still in use

CVE-2024-26921

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-26921
• https://bugzilla.redhat.com/show_bug.cgi?id=2275928
• https://www.cve.org/CVERecord?id=CVE-2024-26921
• https://nvd.nist.gov/vuln/detail/CVE-2024-26921
• https://lore.kernel.org/linux-cve-announce/2024041819-CVE-2024-26921-e3b3@​gregkh/T

---

kernel: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().

CVE-2024-36933

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-36933
• https://bugzilla.redhat.com/show_bug.cgi?id=2284488
• https://www.cve.org/CVERecord?id=CVE-2024-36933
• https://nvd.nist.gov/vuln/detail/CVE-2024-36933
• https://lore.kernel.org/linux-cve-announce/2024053042-CVE-2024-36933-444e@gregkh/T

---

kernel: tracing: Ensure visibility when inserting an element into tracing_map

CVE-2024-26645

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-26645
• https://bugzilla.redhat.com/show_bug.cgi?id=2271648
• https://www.cve.org/CVERecord?id=CVE-2024-26645
• https://nvd.nist.gov/vuln/detail/CVE-2024-26645
• https://lore.kernel.org/linux-cve-announce/20240326151722.1258576-4-lee@kernel.org/T

---

kernel: drm/amdgpu: Fix potential out-of-bounds access in &#​39;amdgpu_discovery_reg_base_init()&#​39;

CVE-2024-27042

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-27042
• https://bugzilla.redhat.com/show_bug.cgi?id=2278447
• https://www.cve.org/CVERecord?id=CVE-2024-27042
• https://nvd.nist.gov/vuln/detail/CVE-2024-27042
• https://lore.kernel.org/linux-cve-announce/2024050113-CVE-2024-27042-e812@​gregkh/T

---

kernel: powerpc/lib: Validate size for vector operations

CVE-2023-52606

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2023-52606
• https://bugzilla.redhat.com/show_bug.cgi?id=2268293
• https://www.cve.org/CVERecord?id=CVE-2023-52606
• https://nvd.nist.gov/vuln/detail/CVE-2023-52606
• https://lore.kernel.org/linux-cve-announce/2024030647-CVE-2023-52606-fdcc@gregkh/T

---

kernel: scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()

CVE-2024-35930

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-35930
• https://bugzilla.redhat.com/show_bug.cgi?id=2281519
• https://www.cve.org/CVERecord?id=CVE-2024-35930
• https://nvd.nist.gov/vuln/detail/CVE-2024-35930
• https://lore.kernel.org/linux-cve-announce/2024051916-CVE-2024-35930-5571@​gregkh/T

---

kernel: netfilter: nf_tables: prefer nft_chain_validate

CVE-2024-41042

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-41042
• https://bugzilla.redhat.com/show_bug.cgi?id=2300412
• https://www.cve.org/CVERecord?id=CVE-2024-41042
• https://nvd.nist.gov/vuln/detail/CVE-2024-41042
• https://lore.kernel.org/linux-cve-announce/2024072924-CVE-2024-41042-c338@​gregkh/T

---

kernel: SUNRPC: Fix a suspicious RCU usage warning

CVE-2023-52623

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2023-52623
• https://bugzilla.redhat.com/show_bug.cgi?id=2271686
• https://www.cve.org/CVERecord?id=CVE-2023-52623
• https://nvd.nist.gov/vuln/detail/CVE-2023-52623
• https://lore.kernel.org/linux-cve-announce/20240326171931.1354035-6-lee@kernel.org/T

---

kernel: vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame

CVE-2024-58099

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-58099
• https://bugzilla.redhat.com/show_bug.cgi?id=2362882
• https://www.cve.org/CVERecord?id=CVE-2024-58099
• https://nvd.nist.gov/vuln/detail/CVE-2024-58099
• https://lore.kernel.org/linux-cve-announce/2025042936-CVE-2024-58099-39c4@​gregkh/T

---

kernel: drm/i915/vma: Fix UAF on destroy against retire race

CVE-2024-26939

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-26939
• https://bugzilla.redhat.com/show_bug.cgi?id=2278220
• https://www.cve.org/CVERecord?id=CVE-2024-26939
• https://nvd.nist.gov/vuln/detail/CVE-2024-26939
• https://lore.kernel.org/linux-cve-announce/2024050124-CVE-2024-26939-5314@​gregkh/T

---

kernel: irqchip/gic-v3-its: Prevent double free on error

CVE-2024-35847

More information

Severity

Moderate

References

• https://access.redhat.com/security/cve/CVE-2024-35847
• [https://bugzilla.redhat.com/show_bu

[konflux-internal-p02]

Autoclosing Skipped

This PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error.