{"id":"ALSA-2025:12662","summary":"Important: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.  \n\nSecurity Fix(es):  \n\n  * kernel: padata: fix UAF in padata_reorder (CVE-2025-21727)\n  * kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CVE-2025-21928)\n  * kernel: HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (CVE-2025-21929)\n  * kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CVE-2025-22020)\n  * kernel: ext4: avoid journaling sb update on error if journal is destroying (CVE-2025-22113)\n  * kernel: RDMA/core: Fix use-after-free when rename device name (CVE-2025-22085)\n  * kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CVE-2025-37890)\n  * kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CVE-2025-38052)\n  * kernel: net: ch9200: fix uninitialised access during mii_nway_restart (CVE-2025-38086)\n  * kernel: net/sched: fix use-after-free in taprio_dev_notifier (CVE-2025-38087)\n  * kernel: nvme-tcp: sanitize request list handling (CVE-2025-38264)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n","modified":"2026-01-30T02:19:46.163663Z","published":"2025-08-04T00:00:00Z","related":["CVE-2025-21727","CVE-2025-21928","CVE-2025-21929","CVE-2025-22020","CVE-2025-22085","CVE-2025-22113","CVE-2025-37890","CVE-2025-38052","CVE-2025-38086","CVE-2025-38087","CVE-2025-38264"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12662"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-21727"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-21928"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-21929"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-22020"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-22085"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-22113"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-37890"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-38052"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-38086"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-38087"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-38264"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2348516"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2356592"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2356594"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2360099"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2360212"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2360219"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2366848"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2373380"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2375305"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2375531"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2378996"},{"type":"ADVISORY","url":"https://errata.almalinux.org/10/ALSA-2025-12662.html"}],"affected":[{"package":{"name":"kernel-abi-stablelists","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/kernel-abi-stablelists"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.12.0-55.25.1.el10_0"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:12662.json"}},{"package":{"name":"kernel-doc","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/kernel-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.12.0-55.25.1.el10_0"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:12662.json"}}],"schema_version":"1.7.3"}