ALSA-2025:14009

[ALSA-2025:14009] Important: kernel security update

Type:

security

Severity:

important

Release date:

2025-09-04

Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.  

Security Fix(es):  

  * kernel: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (CVE-2025-21867)
  * kernel: net: fix udp gso skb_segment after pull from frag_list (CVE-2025-38124)
  * kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush() (CVE-2025-38250)
  * kernel: i2c/designware: Fix an initialization issue (CVE-2025-38380)
  * kernel: tls: always refresh the queue when reading sock (CVE-2025-38471)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
noarch	kernel-abi-stablelists-6.12.0-55.28.1.el10_0.noarch.rpm	ac0c519e9bab316c7ceac464714318eb00c9538963640649bdd6d72510735270
noarch	kernel-doc-6.12.0-55.28.1.el10_0.noarch.rpm	e3470e5eeb7939be5ebf7f4aff9d34cb359b6b50c04b6a4bba3d5c6da2d2005f

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.