CVE-2025-38211

EUVD-2025-20045
In the Linux kernel, the following vulnerability has been resolved:

RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction

The commit 59c68ac31e15 ("iw_cm: free cm_id resources on the last
deref") simplified cm_id resource management by freeing cm_id once all
references to the cm_id were removed. The references are removed either
upon completion of iw_cm event handlers or when the application destroys
the cm_id. This commit introduced the use-after-free condition where
cm_id_private object could still be in use by event handler works during
the destruction of cm_id. The commit aee2424246f9 ("RDMA/iwcm: Fix a
use-after-free related to destroying CM IDs") addressed this use-after-
free by flushing all pending works at the cm_id destruction.

However, still another use-after-free possibility remained. It happens
with the work objects allocated for each cm_id_priv within
alloc_work_entries() during cm_id creation, and subsequently freed in
dealloc_work_entries() once all references to the cm_id are removed.
If the cm_id's last reference is decremented in the event handler work,
the work object for the work itself gets removed, and causes the use-
after-free BUG below:

  BUG: KASAN: slab-use-after-free in __pwq_activate_work+0x1ff/0x250
  Read of size 8 at addr ffff88811f9cf800 by task kworker/u16:1/147091

  CPU: 2 UID: 0 PID: 147091 Comm: kworker/u16:1 Not tainted 6.15.0-rc2+ #27 PREEMPT(voluntary)
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014
  Workqueue:  0x0 (iw_cm_wq)
  Call Trace:
   <TASK>
   dump_stack_lvl+0x6a/0x90
   print_report+0x174/0x554
   ? __virt_addr_valid+0x208/0x430
   ? __pwq_activate_work+0x1ff/0x250
   kasan_report+0xae/0x170
   ? __pwq_activate_work+0x1ff/0x250
   __pwq_activate_work+0x1ff/0x250
   pwq_dec_nr_in_flight+0x8c5/0xfb0
   process_one_work+0xc11/0x1460
   ? __pfx_process_one_work+0x10/0x10
   ? assign_work+0x16c/0x240
   worker_thread+0x5ef/0xfd0
   ? __pfx_worker_thread+0x10/0x10
   kthread+0x3b0/0x770
   ? __pfx_kthread+0x10/0x10
   ? rcu_is_watching+0x11/0xb0
   ? _raw_spin_unlock_irq+0x24/0x50
   ? rcu_is_watching+0x11/0xb0
   ? __pfx_kthread+0x10/0x10
   ret_from_fork+0x30/0x70
   ? __pfx_kthread+0x10/0x10
   ret_from_fork_asm+0x1a/0x30
   </TASK>

  Allocated by task 147416:
   kasan_save_stack+0x2c/0x50
   kasan_save_track+0x10/0x30
   __kasan_kmalloc+0xa6/0xb0
   alloc_work_entries+0xa9/0x260 [iw_cm]
   iw_cm_connect+0x23/0x4a0 [iw_cm]
   rdma_connect_locked+0xbfd/0x1920 [rdma_cm]
   nvme_rdma_cm_handler+0x8e5/0x1b60 [nvme_rdma]
   cma_cm_event_handler+0xae/0x320 [rdma_cm]
   cma_work_handler+0x106/0x1b0 [rdma_cm]
   process_one_work+0x84f/0x1460
   worker_thread+0x5ef/0xfd0
   kthread+0x3b0/0x770
   ret_from_fork+0x30/0x70
   ret_from_fork_asm+0x1a/0x30

  Freed by task 147091:
   kasan_save_stack+0x2c/0x50
   kasan_save_track+0x10/0x30
   kasan_save_free_info+0x37/0x60
   __kasan_slab_free+0x4b/0x70
   kfree+0x13a/0x4b0
   dealloc_work_entries+0x125/0x1f0 [iw_cm]
   iwcm_deref_id+0x6f/0xa0 [iw_cm]
   cm_work_handler+0x136/0x1ba0 [iw_cm]
   process_one_work+0x84f/0x1460
   worker_thread+0x5ef/0xfd0
   kthread+0x3b0/0x770
   ret_from_fork+0x30/0x70
   ret_from_fork_asm+0x1a/0x30

  Last potentially related work creation:
   kasan_save_stack+0x2c/0x50
   kasan_record_aux_stack+0xa3/0xb0
   __queue_work+0x2ff/0x1390
   queue_work_on+0x67/0xc0
   cm_event_handler+0x46a/0x820 [iw_cm]
   siw_cm_upcall+0x330/0x650 [siw]
   siw_cm_work_handler+0x6b9/0x2b20 [siw]
   process_one_work+0x84f/0x1460
   worker_thread+0x5ef/0xfd0
   kthread+0x3b0/0x770
   ret_from_fork+0x30/0x70
   ret_from_fork_asm+0x1a/0x30

This BUG is reproducible by repeating the blktests test case nvme/061
for the rdma transport and the siw driver.

To avoid the use-after-free of cm_id_private work objects, ensure that
the last reference to the cm_id is decremented not in the event handler
works, but in the cm_id destruction context. For that purpose, mo
---truncated---
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
4.8 ≤
𝑥
< 5.4.296
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.240
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.186
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.142
linuxlinux_kernel
6.2 ≤
𝑥
< 6.6.95
linuxlinux_kernel
6.7 ≤
𝑥
< 6.12.35
linuxlinux_kernel
6.13 ≤
𝑥
< 6.15.4
debiandebian_linux
11.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.170-3
fixed
bookworm (security)
6.1.172-1
fixed
bullseye
vulnerable
bullseye (security)
5.10.251-5
fixed
forky
7.0.7-1
fixed
sid
7.0.7-1
fixed
trixie
6.12.86-1
fixed
trixie (security)
6.12.88-1
fixed
linux-6.1
bullseye (security)
6.1.172-1~deb11u1
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
cluster-md-kmp-default
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
dlm-kmp-default
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
gfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
kernel-64kb
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.11.1
fixed
kernel-default
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-default-base
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1.150600.12.28.4
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1.150700.17.9.4
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1.150600.12.28.4
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1.150700.17.9.4
fixed
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1.150600.12.28.4
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1.150700.17.9.4
fixed
kernel-default-extra
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise workstation 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise workstation 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-default-man
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
kernel-docs
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.3
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.3
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.3
fixed
kernel-macros
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-obs-build
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-source
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-source-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.11.1
fixed
kernel-syms
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
kernel-syms-azure
suse enterprise sap 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.20.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.8.48.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.20.11.1
fixed
kernel-zfcpdump
suse enterprise desktop 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise desktop 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise sap 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP6
6.4.0-150600.23.65.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
ocfs2-kmp-default
suse enterprise server 12 SP5
4.12.14-122.269.1
fixed
reiserfs-kmp-default
suse enterprise sap 15 SP7
6.4.0-150700.53.11.1
fixed
suse enterprise server 15 SP7
6.4.0-150700.53.11.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
bpftool
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
kernel
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-debug
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-debug-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-debug-devel
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-debug-devel-matched
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-debug-modules
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-debug-modules-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-debug-modules-extra
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-devel
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-devel-matched
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-modules
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-modules-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-64k-modules-extra
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-abi-stablelists
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-abi-whitelists
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
kernel-core
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-debug
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-debug-core
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-debug-devel
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-debug-devel-matched
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-debug-modules
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-debug-modules-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-debug-modules-extra
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-debug-uki-virt
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-devel
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-devel-matched
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-doc
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-modules
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-modules-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-modules-extra
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-debug
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-debug-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-debug-devel
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-debug-modules
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-debug-modules-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-debug-modules-extra
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-devel
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-modules
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-modules-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-64k-modules-extra
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-core
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-debug
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-debug-core
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-debug-devel
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-debug-kvm
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-debug-modules
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-debug-modules-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-debug-modules-extra
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-devel
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-kvm
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-modules
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-modules-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-rt-modules-extra
RHEL 8
0:4.18.0-553.72.1.rt7.413.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-tools
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-tools-libs
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-tools-libs-devel
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-uki-virt
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-uki-virt-addons
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-zfcpdump
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-zfcpdump-core
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-zfcpdump-devel
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-zfcpdump-devel-matched
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-zfcpdump-modules
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-zfcpdump-modules-core
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
kernel-zfcpdump-modules-extra
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
libperf
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
perf
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
python3-perf
RHEL 8
0:4.18.0-553.72.1.el8_10
fixed
RHEL 8.2 AUS
0:4.18.0-193.173.1.el8_2
fixed
RHEL 8.4 AUS
0:4.18.0-305.179.1.el8_4
fixed
RHEL 8.6 AUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 E4S
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.6 TUS
0:4.18.0-372.164.1.el8_6
fixed
RHEL 8.8 E4S
0:4.18.0-477.114.1.el8_8
fixed
RHEL 8.8 TUS
0:4.18.0-477.114.1.el8_8
fixed
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
rtla
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
rv
RHEL 9
0:5.14.0-570.39.1.el9_6
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/013dcdf6f03bcedbaf1669e3db71c34a197715b2
https://git.kernel.org/stable/c/23a707bbcbea468eedb398832eeb7e8e0ceafd21
https://git.kernel.org/stable/c/3b4a50d733acad6831f6bd9288a76a80f70650ac
https://git.kernel.org/stable/c/6883b680e703c6b2efddb4e7a8d891ce1803d06b
https://git.kernel.org/stable/c/764c9f69beabef8bdc651a7746c59f7a340d104f
https://git.kernel.org/stable/c/78381dc8a6b61c9bb9987d37b4d671b99767c4a1
https://git.kernel.org/stable/c/bf7eff5e3a36c54bbe8aff7fd6dd7c07490b81c5
https://git.kernel.org/stable/c/fd960b5ddf4faf00da43babdd3acda68842e1f6a
https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html
https://lists.debian.org/debian-lts-announce/2025/10/msg00008.html