RLSA-2025:20095
Moderate: kernel security update
Copyright 2025 Rocky Enterprise Software Foundation
Rocky Linux 10.1
An update is available for kernel.
This update affects Rocky Linux 10.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: xen: Xen hypercall page unsafe against speculative attacks (Xen Security Advisory 466) (CVE-2024-53241)
* kernel: exfat: fix out-of-bounds access of directory entries (CVE-2024-53147)
* kernel: zram: fix NULL pointer in comp_algorithm_show() (CVE-2024-53222)
* kernel: nfsd: release svc_expkey/svc_export with rcu_work (CVE-2024-53216)
* kernel: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl (CVE-2024-56662)
* kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors (CVE-2024-56675)
* kernel: crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (CVE-2024-56690)
* kernel: igb: Fix potential invalid memory access in igb_init_module() (CVE-2024-52332)
* kernel: af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK (CVE-2024-57901)
* kernel: af_packet: fix vlan_get_tci() vs MSG_PEEK (CVE-2024-57902)
* kernel: io_uring/sqpoll: zero sqd->thread on tctx errors (CVE-2025-21633)
* kernel: ipvlan: Fix use-after-free in ipvlan_get_iflink(). (CVE-2025-21652)
* kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts (CVE-2025-21647)
* kernel: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period (CVE-2025-21655)
* kernel: netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled (CVE-2024-57941)
* kernel: netfs: Fix ceph copy to cache on write-begin (CVE-2024-57942)
* kernel: zram: fix potential UAF of zram table (CVE-2025-21671)
* kernel: pktgen: Avoid out-of-bounds access in get_imix_entries (CVE-2025-21680)
* kernel: mm: zswap: properly synchronize freeing resources during CPU hotunplug (CVE-2025-21693)
* kernel: cachestat: fix page cache statistics permission checking (CVE-2025-21691)
* kernel: mm: clear uffd-wp PTE/PMD state on mremap() (CVE-2025-21696)
* kernel: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (CVE-2025-21702)
* kernel: RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error (CVE-2025-21732)
* kernel: NFSD: fix hang in nfsd4_shutdown_callback (CVE-2025-21795)
* kernel: NFS: Fix potential buffer overflow in nfs_sysfs_link_rpc_client() (CVE-2024-54456)
* kernel: Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() (CVE-2024-57987)
* kernel: wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (CVE-2024-58014)
* kernel: Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() (CVE-2024-57988)
* kernel: drm/xe/tracing: Fix a potential TP_printk UAF (CVE-2024-49570)
* kernel: media: intel/ipu6: remove cpu latency qos request on error (CVE-2024-58004)
* kernel: usbnet: ipheth: use static NDP16 location in URB (CVE-2025-21742)
* kernel: usbnet: ipheth: fix possible overflow in DPE length check (CVE-2025-21743)
* kernel: wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links (CVE-2024-57989)
* kernel: wifi: ath12k: Fix for out-of-bound access error (CVE-2024-58015)
* kernel: wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() (CVE-2024-57995)
* kernel: nfsd: clear acl_access/acl_default after releasing them (CVE-2025-21796)
* kernel: workqueue: Put the pwq after detaching the rescuer from the pool (CVE-2025-21786)
* kernel: tpm: Change to kvalloc() in eventlog/acpi.c (CVE-2024-58005)
* kernel: Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (CVE-2024-58013)
* kernel: ring-buffer: Validate the persistent meta data subbuf array (CVE-2025-21777)
* kernel: ata: libata-sff: Ensure that we cannot write outside the allocated buffer (CVE-2025-21738)
* kernel: HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (CVE-2024-57986)
* kernel: padata: avoid UAF for reorder_work (CVE-2025-21726)
* kernel: vrf: use RCU protection in l3mdev_l3_out() (CVE-2025-21791)
* kernel: HID: multitouch: Add NULL check in mt_input_configured (CVE-2024-58020)
* kernel: i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition (CVE-2024-57984)
* kernel: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (CVE-2025-21761)
* kernel: sched_ext: Fix incorrect autogroup migration detection (CVE-2025-21771)
* kernel: usb: xhci: Fix NULL pointer dereference on certain command aborts (CVE-2024-57981)
* kernel: memcg: fix soft lockup in the OOM process (CVE-2024-57977)
* kernel: vxlan: check vxlan_vnigroup_init() return value (CVE-2025-21790)
* kernel: usbnet: ipheth: fix DPE OoB read (CVE-2025-21741)
* kernel: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CVE-2025-21785)
* kernel: ipv6: use RCU protection in ip6_default_advmss() (CVE-2025-21765)
* kernel: PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() (CVE-2024-58006)
* kernel: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (CVE-2024-58012)
* kernel: wifi: brcmfmac: Check the return value of of_property_read_string_index() (CVE-2025-21750)
* kernel: wifi: rtlwifi: remove unused check_buddy_priv (CVE-2024-58072)
* kernel: rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (CVE-2024-58069)
* kernel: wifi: mac80211: prohibit deactivating all links (CVE-2024-58061)
* kernel: idpf: convert workqueues to unbound (CVE-2024-58057)
* kernel: wifi: mac80211: don't flush non-uploaded STAs (CVE-2025-21828)
* kernel: netfilter: nf_tables: reject mismatching sum of field_len with set key length (CVE-2025-21826)
* kernel: ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback (CVE-2024-58077)
* kernel: crypto: tegra - do not transfer req when tegra init fails (CVE-2024-58075)
* kernel: io_uring/uring_cmd: unconditionally copy SQEs at prep time (CVE-2025-21837)
* kernel: information leak via transient execution vulnerability in some AMD processors (CVE-2024-36350)
* kernel: transient execution vulnerability in some AMD processors (CVE-2024-36357)
* kernel: net/sched: cls_api: fix error handling causing NULL dereference (CVE-2025-21857)
* kernel: bpf: Fix softlockup in arena_map_free on 64k page kernel (CVE-2025-21851)
* kernel: ibmvnic: Don't reference skb after sending to VIOS (CVE-2025-21855)
* kernel: smb: client: Add check for next_buffer in receive_encrypted_standard() (CVE-2025-21844)
* kernel: bpf: avoid holding freeze_mutex during mmap operation (CVE-2025-21853)
* kernel: ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (CVE-2025-21847)
* kernel: tcp: drop secpath at the same time as we currently drop dst (CVE-2025-21864)
* kernel: bpf: Fix deadlock when freeing cgroup storage (CVE-2024-58088)
* kernel: acct: perform last write from workqueue (CVE-2025-21846)
* kernel: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() (CVE-2025-21861)
* kernel: io_uring: prevent opcode speculation (CVE-2025-21863)
* kernel: fbdev: hyperv_fb: Allow graceful removal of framebuffer (CVE-2025-21976)
* kernel: netfilter: nft_tunnel: fix geneve_opt type confusion addition (CVE-2025-22056)
* kernel: net: ppp: Add bound checking for skb data on ppp_sync_txmung (CVE-2025-37749)
* microcode_ctl: From CVEorg collector (CVE-2024-28956)
* kernel: usb: typec: ucsi: displayport: Fix NULL pointer access (CVE-2025-37994)
* kernel: wifi: ath12k: fix uaf in ath12k_core_init() (CVE-2025-38116)
* kernel: platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (CVE-2025-38412)
* kernel: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (CVE-2025-38369)
* kernel: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (CVE-2025-38468)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 10 Release Notes linked from the References section.
rocky-linux-10-x86-64-baseos-rpms
kernel-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-abi-stablelists-6.12.0-124.8.1.el10_1.noarch.rpm
kernel-core-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-debug-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-debug-core-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-debuginfo-common-x86_64-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-debug-modules-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-debug-modules-core-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-debug-modules-extra-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-debug-uki-virt-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-modules-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-modules-core-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-modules-extra-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-modules-extra-matched-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-tools-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-tools-libs-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-uki-virt-6.12.0-124.8.1.el10_1.x86_64.rpm
kernel-uki-virt-addons-6.12.0-124.8.1.el10_1.x86_64.rpm
RLSA-2025:21248
Moderate: openssl security update
Rocky Linux 10.1
An update is available for openssl.
This update affects Rocky Linux 10.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
Security Fix(es):
* openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
rocky-linux-10-x86-64-baseos-rpms
openssl-3.5.1-4.el10_1.x86_64.rpm
openssl-libs-3.5.1-4.el10_1.x86_64.rpm
RLSA-2025:21020
Important: sssd security update
Rocky Linux 10.1
An update is available for sssd.
This update affects Rocky Linux 10.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.
The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch (NSS) and the Pluggable Authentication Modules (PAM) interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources.
Security Fix(es):
* sssd: SSSD default Kerberos configuration allows privilege escalation on AD-joined Linux systems (CVE-2025-11561)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
rocky-linux-10-x86-64-baseos-rpms
libipa_hbac-2.11.1-2.el10_1.1.x86_64.rpm
libsss_autofs-2.11.1-2.el10_1.1.x86_64.rpm
libsss_certmap-2.11.1-2.el10_1.1.x86_64.rpm
libsss_idmap-2.11.1-2.el10_1.1.x86_64.rpm
libsss_nss_idmap-2.11.1-2.el10_1.1.x86_64.rpm
libsss_sudo-2.11.1-2.el10_1.1.x86_64.rpm
python3-libipa_hbac-2.11.1-2.el10_1.1.x86_64.rpm
python3-libsss_nss_idmap-2.11.1-2.el10_1.1.x86_64.rpm
python3-sss-2.11.1-2.el10_1.1.x86_64.rpm
python3-sssdconfig-2.11.1-2.el10_1.1.noarch.rpm
python3-sss-murmur-2.11.1-2.el10_1.1.x86_64.rpm
sssd-2.11.1-2.el10_1.1.x86_64.rpm
sssd-ad-2.11.1-2.el10_1.1.x86_64.rpm
sssd-client-2.11.1-2.el10_1.1.x86_64.rpm
sssd-common-2.11.1-2.el10_1.1.x86_64.rpm
sssd-common-pac-2.11.1-2.el10_1.1.x86_64.rpm
sssd-dbus-2.11.1-2.el10_1.1.x86_64.rpm
sssd-ipa-2.11.1-2.el10_1.1.x86_64.rpm
sssd-kcm-2.11.1-2.el10_1.1.x86_64.rpm
sssd-krb5-2.11.1-2.el10_1.1.x86_64.rpm
sssd-krb5-common-2.11.1-2.el10_1.1.x86_64.rpm
sssd-ldap-2.11.1-2.el10_1.1.x86_64.rpm
sssd-nfs-idmap-2.11.1-2.el10_1.1.x86_64.rpm
sssd-passkey-2.11.1-2.el10_1.1.x86_64.rpm
sssd-proxy-2.11.1-2.el10_1.1.x86_64.rpm
sssd-tools-2.11.1-2.el10_1.1.x86_64.rpm
sssd-winbind-idmap-2.11.1-2.el10_1.1.x86_64.rpm
RLSA-2025:21038
Important: kea security update
Rocky Linux 10.1
An update is available for kea.
This update affects Rocky Linux 10.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list.
Kea is a DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers support the DNS Update mechanism, using a stand-alone DDNS daemon.
Security Fix(es):
* kea: Invalid characters cause assert (CVE-2025-11232)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
rocky-linux-10-x86-64-baseos-rpms
kea-3.0.1-2.el10_1.x86_64.rpm
kea-libs-3.0.1-2.el10_1.x86_64.rpm