Vulnerability-Lookup

RHSA-2025:22800

Vulnerability from csaf_redhat - Published: 2025-12-08 03:01 - Updated: 2026-03-25 06:06

Summary

Red Hat Security Advisory: kernel-rt security update

Severity

Moderate

Notes

Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() (CVE-2023-53401) * kernel: RDMA/rxe: Fix incomplete state save in rxe_requester (CVE-2023-53539) * kernel: RDMA/rxe: Fix mr->map double free (CVE-2022-50543) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2022-50543

A double-free vulnerability was found in the Linux kernel RDMA RXE (soft-RoCE) driver's memory region handling. A local user with access to RDMA userspace verbs can register a memory region with parameters that cause initialization to fail, triggering error handling code that frees the mr->map structure twice, which leads to memory corruption and can result in denial of service via kernel crash or potentially privilege escalation through heap manipulation.

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-1341 - Multiple Releases of Same Resource or Handle

Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. https://access.redhat.com/errata/RHSA-2025:22800

Workaround To mitigate this issue, prevent the rdma_rxe module from loading. See https://access.redhat.com/solutions/41278 for instructions on blacklisting kernel modules.

CVE-2023-53401

A null pointer dereference exists in the linux kernel such that in obj_stock_flush_required():stock->cached_objcg can be reset between the check and dereference, resulting in damage to the availability of the system.

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Workaround Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

CVE-2023-53539

An incorrect state restoration flaw was found in the Linux kernel's RDMA rxe (soft-RoCE) driver in the requester packet transmission logic. A local user with access to RDMA devices can trigger this issue when network layer packet drops occur during RDMA send operations, causing the work queue element state to be incompletely saved and restored. This results in data corruption in resent packets, leading to denial of service or potential data integrity issues.

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Workaround To mitigate this issue, prevent the rdma_rxe module from being loaded. See https://access.redhat.com/solutions/41278 for instructions on blacklisting kernel modules.

References

URL

Category

	https://access.redhat.com/errata/RHSA-2025:22800	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2396417	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2401510	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2402222	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2022-50543	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2402222	external
	https://www.cve.org/CVERecord?id=CVE-2022-50543	external
	https://nvd.nist.gov/vuln/detail/CVE-2022-50543	external
	https://lore.kernel.org/linux-cve-announce/202510…	external
	https://access.redhat.com/security/cve/CVE-2023-53401	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2396417	external
	https://www.cve.org/CVERecord?id=CVE-2023-53401	external
	https://nvd.nist.gov/vuln/detail/CVE-2023-53401	external
	https://lore.kernel.org/linux-cve-announce/202509…	external
	https://access.redhat.com/security/cve/CVE-2023-53539	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2401510	external
	https://www.cve.org/CVERecord?id=CVE-2023-53539	external
	https://nvd.nist.gov/vuln/detail/CVE-2023-53539	external
	https://lore.kernel.org/linux-cve-announce/202510…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() (CVE-2023-53401)\n\n* kernel: RDMA/rxe: Fix incomplete state save in rxe_requester (CVE-2023-53539)\n\n* kernel: RDMA/rxe: Fix mr-\u003emap double free (CVE-2022-50543)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:22800",
        "url": "https://access.redhat.com/errata/RHSA-2025:22800"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2396417",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396417"
      },
      {
        "category": "external",
        "summary": "2401510",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401510"
      },
      {
        "category": "external",
        "summary": "2402222",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402222"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22800.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security update",
    "tracking": {
      "current_release_date": "2026-03-25T06:06:16+00:00",
      "generator": {
        "date": "2026-03-25T06:06:16+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.3"
        }
      },
      "id": "RHSA-2025:22800",
      "initial_release_date": "2025-12-08T03:01:46+00:00",
      "revision_history": [
        {
          "date": "2025-12-08T03:01:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-12-08T03:01:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-25T06:06:16+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux NFV (v. 8)",
                "product": {
                  "name": "Red Hat Enterprise Linux NFV (v. 8)",
                  "product_id": "NFV-8.10.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux RT (v. 8)",
                "product": {
                  "name": "Red Hat Enterprise Linux RT (v. 8)",
                  "product_id": "RT-8.10.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
                "product": {
                  "name": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
                  "product_id": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.89.1.rt7.430.el8_10?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-553.89.1.rt7.430.el8_10?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux NFV (v. 8)",
          "product_id": "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "NFV-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64 as a component of Red Hat Enterprise Linux RT (v. 8)",
          "product_id": "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        },
        "product_reference": "kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
        "relates_to_product_reference": "RT-8.10.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-50543",
      "cwe": {
        "id": "CWE-1341",
        "name": "Multiple Releases of Same Resource or Handle"
      },
      "discovery_date": "2025-10-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2402222"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A double-free vulnerability was found in the Linux kernel RDMA RXE (soft-RoCE) driver\u0027s memory region handling. A local user with access to RDMA userspace verbs can register a memory region with parameters that cause initialization to fail, triggering error handling code that frees the mr-\u003emap structure twice, which leads to memory corruption and can result in denial of service via kernel crash or potentially privilege escalation through heap manipulation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: RDMA/rxe: Fix mr-\u003emap double free",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The issue arises because of incorrect error handling in the memory region registration path. When rxe_reg_user_mr() calls rxe_mr_init_user() and initialization fails, the error path frees the mr-\u003emap structure. However, the cleanup then calls rxe_mr_cleanup() through __rxe_cleanup(), which attempts to free mr-\u003emap again, resulting in a double-free. This vulnerability was introduced when a previous fix for duplicate mapping tables was reverted, inadvertently reintroducing the double-free condition. Under normal circumstances, a local user with permissions to use RDMA verbs (typically requiring membership in the rdma group or CAP_IPC_LOCK capability) can trigger this by registering user memory regions with specific parameters that cause initialization failure. Double-free vulnerabilities are well-known memory corruption primitives; while direct exploitation for privilege escalation requires understanding kernel heap layout, they provide attackers with a foundation for more sophisticated attacks beyond simple denial of service.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-50543"
        },
        {
          "category": "external",
          "summary": "RHBZ#2402222",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402222"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-50543",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-50543"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-50543",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-50543"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025100756-CVE-2022-50543-597d@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025100756-CVE-2022-50543-597d@gregkh/T"
        }
      ],
      "release_date": "2025-10-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-12-08T03:01:46+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22800"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, prevent the rdma_rxe module from loading. See https://access.redhat.com/solutions/41278 for instructions on blacklisting kernel modules.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: RDMA/rxe: Fix mr-\u003emap double free"
    },
    {
      "cve": "CVE-2023-53401",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "discovery_date": "2025-09-18T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2396417"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A null pointer dereference exists in the linux kernel such that in obj_stock_flush_required():stock-\u003ecached_objcg can be reset between the check and dereference, resulting in damage to the availability of the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "A race in the memcg/objcg accounting allowed stock-\u003ecached_objcg to change between check and use, leading to a NULL pointer dereference and kernel crash under concurrency. The fix uses READ_ONCE/WRITE_ONCE for all accesses to cached_objcg, eliminating the data race observed by KCSAN. Impact is a local kernel DoS",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-53401"
        },
        {
          "category": "external",
          "summary": "RHBZ#2396417",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396417"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-53401",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-53401"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53401",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53401"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025091800-CVE-2023-53401-b668@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025091800-CVE-2023-53401-b668@gregkh/T"
        }
      ],
      "release_date": "2025-09-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-12-08T03:01:46+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22800"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()"
    },
    {
      "cve": "CVE-2023-53539",
      "discovery_date": "2025-10-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2401510"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An incorrect state restoration flaw was found in the Linux kernel\u0027s RDMA rxe (soft-RoCE) driver in the requester packet transmission logic. \nA local user with access to RDMA devices can trigger this issue when network layer packet drops occur during RDMA send operations, causing the work queue element state to be incompletely saved and restored. This results in data corruption in resent packets, leading to denial of service or potential data integrity issues.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: RDMA/rxe: Fix incomplete state save in rxe_requester",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability occurs when rxe_requester attempts to retransmit a packet after receiving -EAGAIN from the IP layer. The code saves work queue element state to enable retransmission, but fails to preserve the DMA structure that tracks scatter-gather list processing. Additionally, the state snapshot happens after packet construction has already modified the DMA fields. When heavy network stress causes packet drops\u2014particularly when a fast sender communicates with a slow receiver across multiple queue pairs\u2014the incomplete restoration causes retransmitted packets to carry corrupted payload data.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
          "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-53539"
        },
        {
          "category": "external",
          "summary": "RHBZ#2401510",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401510"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-53539",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-53539"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-53539",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53539"
        },
        {
          "category": "external",
          "summary": "https://lore.kernel.org/linux-cve-announce/2025100443-CVE-2023-53539-4411@gregkh/T",
          "url": "https://lore.kernel.org/linux-cve-announce/2025100443-CVE-2023-53539-4411@gregkh/T"
        }
      ],
      "release_date": "2025-10-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-12-08T03:01:46+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:22800"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, prevent the rdma_rxe module from being loaded. See https://access.redhat.com/solutions/41278 for instructions on blacklisting kernel modules.",
          "product_ids": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "NFV-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.src",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64",
            "RT-8.10.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-553.89.1.rt7.430.el8_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: RDMA/rxe: Fix incomplete state save in rxe_requester"
    }
  ]
}

CVE-2022-50543 (GCVE-0-2022-50543)

Vulnerability from cvelistv5 – Published: 2025-10-07 15:21 – Updated: 2025-10-07 15:21

Title

RDMA/rxe: Fix mr->map double free

Summary

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr->map double free rxe_mr_cleanup() which tries to free mr->map again will be called when rxe_mr_init_user() fails: CPU: 0 PID: 4917 Comm: rdma_flush_serv Kdump: loaded Not tainted 6.1.0-rc1-roce-flush+ #25 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 Call Trace: <TASK> dump_stack_lvl+0x45/0x5d panic+0x19e/0x349 end_report.part.0+0x54/0x7c kasan_report.cold+0xa/0xf rxe_mr_cleanup+0x9d/0xf0 [rdma_rxe] __rxe_cleanup+0x10a/0x1e0 [rdma_rxe] rxe_reg_user_mr+0xb7/0xd0 [rdma_rxe] ib_uverbs_reg_mr+0x26a/0x480 [ib_uverbs] ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x1a2/0x250 [ib_uverbs] ib_uverbs_cmd_verbs+0x1397/0x15a0 [ib_uverbs] This issue was firstly exposed since commit b18c7da63fcb ("RDMA/rxe: Fix memory leak in error path code") and then we fixed it in commit 8ff5f5d9d8cf ("RDMA/rxe: Prevent double freeing rxe_map_set()") but this fix was reverted together at last by commit 1e75550648da (Revert "RDMA/rxe: Create duplicate mapping tables for FMRs") Simply let rxe_mr_cleanup() always handle freeing the mr->map once it is successfully allocated.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/6ce577f09013206e3…
	https://git.kernel.org/stable/c/06f73568f553b5be6…
	https://git.kernel.org/stable/c/7d984dac8f6bf4ebd…

Impacted products

Vendor

Product

Version

Linux

Affected: 1e75550648da1fa1cd1969e7597355de8fe8caf6 , < 6ce577f09013206e36e674cd27da3707b2278268 (git)
Affected: 1e75550648da1fa1cd1969e7597355de8fe8caf6 , < 06f73568f553b5be6ba7f6fe274d333ea29fc46d (git)
Affected: 1e75550648da1fa1cd1969e7597355de8fe8caf6 , < 7d984dac8f6bf4ebd3398af82b357e1d181ecaac (git)
Affected: e004a35e8148ad9fc438b0479884641acf382896 (git)

Linux

Affected: 6.0
Unaffected: 0 , < 6.0 (semver)
Unaffected: 6.0.16 , ≤ 6.0.* (semver)
Unaffected: 6.1.2 , ≤ 6.1.* (semver)
Unaffected: 6.2 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/sw/rxe/rxe_mr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6ce577f09013206e36e674cd27da3707b2278268",
              "status": "affected",
              "version": "1e75550648da1fa1cd1969e7597355de8fe8caf6",
              "versionType": "git"
            },
            {
              "lessThan": "06f73568f553b5be6ba7f6fe274d333ea29fc46d",
              "status": "affected",
              "version": "1e75550648da1fa1cd1969e7597355de8fe8caf6",
              "versionType": "git"
            },
            {
              "lessThan": "7d984dac8f6bf4ebd3398af82b357e1d181ecaac",
              "status": "affected",
              "version": "1e75550648da1fa1cd1969e7597355de8fe8caf6",
              "versionType": "git"
            },
            {
              "status": "affected",
              "version": "e004a35e8148ad9fc438b0479884641acf382896",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/sw/rxe/rxe_mr.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "6.0"
            },
            {
              "lessThan": "6.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.0.*",
              "status": "unaffected",
              "version": "6.0.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.2",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.0.16",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.2",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.2",
                  "versionStartIncluding": "6.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "5.19.4",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix mr-\u003emap double free\n\nrxe_mr_cleanup() which tries to free mr-\u003emap again will be called when\nrxe_mr_init_user() fails:\n\n   CPU: 0 PID: 4917 Comm: rdma_flush_serv Kdump: loaded Not tainted 6.1.0-rc1-roce-flush+ #25\n   Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n   Call Trace:\n    \u003cTASK\u003e\n    dump_stack_lvl+0x45/0x5d\n    panic+0x19e/0x349\n    end_report.part.0+0x54/0x7c\n    kasan_report.cold+0xa/0xf\n    rxe_mr_cleanup+0x9d/0xf0 [rdma_rxe]\n    __rxe_cleanup+0x10a/0x1e0 [rdma_rxe]\n    rxe_reg_user_mr+0xb7/0xd0 [rdma_rxe]\n    ib_uverbs_reg_mr+0x26a/0x480 [ib_uverbs]\n    ib_uverbs_handler_UVERBS_METHOD_INVOKE_WRITE+0x1a2/0x250 [ib_uverbs]\n    ib_uverbs_cmd_verbs+0x1397/0x15a0 [ib_uverbs]\n\nThis issue was firstly exposed since commit b18c7da63fcb (\"RDMA/rxe: Fix\nmemory leak in error path code\") and then we fixed it in commit\n8ff5f5d9d8cf (\"RDMA/rxe: Prevent double freeing rxe_map_set()\") but this\nfix was reverted together at last by commit 1e75550648da (Revert\n\"RDMA/rxe: Create duplicate mapping tables for FMRs\")\n\nSimply let rxe_mr_cleanup() always handle freeing the mr-\u003emap once it is\nsuccessfully allocated."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-07T15:21:07.939Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6ce577f09013206e36e674cd27da3707b2278268"
        },
        {
          "url": "https://git.kernel.org/stable/c/06f73568f553b5be6ba7f6fe274d333ea29fc46d"
        },
        {
          "url": "https://git.kernel.org/stable/c/7d984dac8f6bf4ebd3398af82b357e1d181ecaac"
        }
      ],
      "title": "RDMA/rxe: Fix mr-\u003emap double free",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-50543",
    "datePublished": "2025-10-07T15:21:07.939Z",
    "dateReserved": "2025-10-07T15:15:38.667Z",
    "dateUpdated": "2025-10-07T15:21:07.939Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-53539 (GCVE-0-2023-53539)

Vulnerability from cvelistv5 – Published: 2025-10-04 15:16 – Updated: 2025-10-04 15:16

Title

RDMA/rxe: Fix incomplete state save in rxe_requester

Summary

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxe_requester If a send packet is dropped by the IP layer in rxe_requester() the call to rxe_xmit_packet() can fail with err == -EAGAIN. To recover, the state of the wqe is restored to the state before the packet was sent so it can be resent. However, the routines that save and restore the state miss a significnt part of the variable state in the wqe, the dma struct which is used to process through the sge table. And, the state is not saved before the packet is built which modifies the dma struct. Under heavy stress testing with many QPs on a fast node sending large messages to a slow node dropped packets are observed and the resent packets are corrupted because the dma struct was not restored. This patch fixes this behavior and allows the test cases to succeed.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/70518f3aaf5a059b6…
	https://git.kernel.org/stable/c/2f2a6422287fe29f9…
	https://git.kernel.org/stable/c/255c0e60e1d16874f…
	https://git.kernel.org/stable/c/5d122db2ff80cd2ae…

Impacted products

Vendor

Product

Version

Linux

Affected: 3050b99850247695cb07a5c15265afcc08bcf400 , < 70518f3aaf5a059b691867d7d2d46b999319656a (git)
Affected: 3050b99850247695cb07a5c15265afcc08bcf400 , < 2f2a6422287fe29f9343247d77b645100ece0652 (git)
Affected: 3050b99850247695cb07a5c15265afcc08bcf400 , < 255c0e60e1d16874fc151358d94bc8df661600dd (git)
Affected: 3050b99850247695cb07a5c15265afcc08bcf400 , < 5d122db2ff80cd2aed4dcd630befb56b51ddf947 (git)

Linux

Affected: 4.8
Unaffected: 0 , < 4.8 (semver)
Unaffected: 6.1.53 , ≤ 6.1.* (semver)
Unaffected: 6.4.16 , ≤ 6.4.* (semver)
Unaffected: 6.5.3 , ≤ 6.5.* (semver)
Unaffected: 6.6 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/sw/rxe/rxe_req.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "70518f3aaf5a059b691867d7d2d46b999319656a",
              "status": "affected",
              "version": "3050b99850247695cb07a5c15265afcc08bcf400",
              "versionType": "git"
            },
            {
              "lessThan": "2f2a6422287fe29f9343247d77b645100ece0652",
              "status": "affected",
              "version": "3050b99850247695cb07a5c15265afcc08bcf400",
              "versionType": "git"
            },
            {
              "lessThan": "255c0e60e1d16874fc151358d94bc8df661600dd",
              "status": "affected",
              "version": "3050b99850247695cb07a5c15265afcc08bcf400",
              "versionType": "git"
            },
            {
              "lessThan": "5d122db2ff80cd2aed4dcd630befb56b51ddf947",
              "status": "affected",
              "version": "3050b99850247695cb07a5c15265afcc08bcf400",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/sw/rxe/rxe_req.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.8"
            },
            {
              "lessThan": "4.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.53",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.16",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.3",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "4.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix incomplete state save in rxe_requester\n\nIf a send packet is dropped by the IP layer in rxe_requester()\nthe call to rxe_xmit_packet() can fail with err == -EAGAIN.\nTo recover, the state of the wqe is restored to the state before\nthe packet was sent so it can be resent. However, the routines\nthat save and restore the state miss a significnt part of the\nvariable state in the wqe, the dma struct which is used to process\nthrough the sge table. And, the state is not saved before the packet\nis built which modifies the dma struct.\n\nUnder heavy stress testing with many QPs on a fast node sending\nlarge messages to a slow node dropped packets are observed and\nthe resent packets are corrupted because the dma struct was not\nrestored. This patch fixes this behavior and allows the test cases\nto succeed."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-04T15:16:49.379Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/70518f3aaf5a059b691867d7d2d46b999319656a"
        },
        {
          "url": "https://git.kernel.org/stable/c/2f2a6422287fe29f9343247d77b645100ece0652"
        },
        {
          "url": "https://git.kernel.org/stable/c/255c0e60e1d16874fc151358d94bc8df661600dd"
        },
        {
          "url": "https://git.kernel.org/stable/c/5d122db2ff80cd2aed4dcd630befb56b51ddf947"
        }
      ],
      "title": "RDMA/rxe: Fix incomplete state save in rxe_requester",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53539",
    "datePublished": "2025-10-04T15:16:49.379Z",
    "dateReserved": "2025-10-04T15:14:15.919Z",
    "dateUpdated": "2025-10-04T15:16:49.379Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-53401 (GCVE-0-2023-53401)

Vulnerability from cvelistv5 – Published: 2025-09-18 13:33 – Updated: 2026-01-14 19:03

Title

mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()

Summary

In the Linux kernel, the following vulnerability has been resolved: mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() KCSAN found an issue in obj_stock_flush_required(): stock->cached_objcg can be reset between the check and dereference: ================================================================== BUG: KCSAN: data-race in drain_all_stock / drain_obj_stock write to 0xffff888237c2a2f8 of 8 bytes by task 19625 on cpu 0: drain_obj_stock+0x408/0x4e0 mm/memcontrol.c:3306 refill_obj_stock+0x9c/0x1e0 mm/memcontrol.c:3340 obj_cgroup_uncharge+0xe/0x10 mm/memcontrol.c:3408 memcg_slab_free_hook mm/slab.h:587 [inline] __cache_free mm/slab.c:3373 [inline] __do_kmem_cache_free mm/slab.c:3577 [inline] kmem_cache_free+0x105/0x280 mm/slab.c:3602 __d_free fs/dcache.c:298 [inline] dentry_free fs/dcache.c:375 [inline] __dentry_kill+0x422/0x4a0 fs/dcache.c:621 dentry_kill+0x8d/0x1e0 dput+0x118/0x1f0 fs/dcache.c:913 __fput+0x3bf/0x570 fs/file_table.c:329 ____fput+0x15/0x20 fs/file_table.c:349 task_work_run+0x123/0x160 kernel/task_work.c:179 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline] exit_to_user_mode_loop+0xcf/0xe0 kernel/entry/common.c:171 exit_to_user_mode_prepare+0x6a/0xa0 kernel/entry/common.c:203 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline] syscall_exit_to_user_mode+0x26/0x140 kernel/entry/common.c:296 do_syscall_64+0x4d/0xc0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x63/0xcd read to 0xffff888237c2a2f8 of 8 bytes by task 19632 on cpu 1: obj_stock_flush_required mm/memcontrol.c:3319 [inline] drain_all_stock+0x174/0x2a0 mm/memcontrol.c:2361 try_charge_memcg+0x6d0/0xd10 mm/memcontrol.c:2703 try_charge mm/memcontrol.c:2837 [inline] mem_cgroup_charge_skmem+0x51/0x140 mm/memcontrol.c:7290 sock_reserve_memory+0xb1/0x390 net/core/sock.c:1025 sk_setsockopt+0x800/0x1e70 net/core/sock.c:1525 udp_lib_setsockopt+0x99/0x6c0 net/ipv4/udp.c:2692 udp_setsockopt+0x73/0xa0 net/ipv4/udp.c:2817 sock_common_setsockopt+0x61/0x70 net/core/sock.c:3668 __sys_setsockopt+0x1c3/0x230 net/socket.c:2271 __do_sys_setsockopt net/socket.c:2282 [inline] __se_sys_setsockopt net/socket.c:2279 [inline] __x64_sys_setsockopt+0x66/0x80 net/socket.c:2279 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd value changed: 0xffff8881382d52c0 -> 0xffff888138893740 Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 19632 Comm: syz-executor.0 Not tainted 6.3.0-rc2-syzkaller-00387-g534293368afa #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023 Fix it by using READ_ONCE()/WRITE_ONCE() for all accesses to stock->cached_objcg.

Severity ?

4.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-476 - NULL Pointer Dereference

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/33d9490b27e5d8da4…
	https://git.kernel.org/stable/c/33391c7e1a2ad612b…
	https://git.kernel.org/stable/c/3b8abb3239530c423…

Impacted products

Vendor

Product

Version

Linux

Affected: bf4f059954dcb221384b2f784677e19a13cd4bdb , < 33d9490b27e5d8da4444aefd714a4f50189db978 (git)
Affected: bf4f059954dcb221384b2f784677e19a13cd4bdb , < 33391c7e1a2ad612bf3922cc168cb09a46bbe236 (git)
Affected: bf4f059954dcb221384b2f784677e19a13cd4bdb , < 3b8abb3239530c423c0b97e42af7f7e856e1ee96 (git)

Linux

Affected: 5.9
Unaffected: 0 , < 5.9 (semver)
Unaffected: 6.1.45 , ≤ 6.1.* (semver)
Unaffected: 6.4.10 , ≤ 6.4.* (semver)
Unaffected: 6.5 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 4.7,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-53401",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-01-14T19:01:39.705657Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-476",
                "description": "CWE-476 NULL Pointer Dereference",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-01-14T19:03:06.936Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "mm/memcontrol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "33d9490b27e5d8da4444aefd714a4f50189db978",
              "status": "affected",
              "version": "bf4f059954dcb221384b2f784677e19a13cd4bdb",
              "versionType": "git"
            },
            {
              "lessThan": "33391c7e1a2ad612bf3922cc168cb09a46bbe236",
              "status": "affected",
              "version": "bf4f059954dcb221384b2f784677e19a13cd4bdb",
              "versionType": "git"
            },
            {
              "lessThan": "3b8abb3239530c423c0b97e42af7f7e856e1ee96",
              "status": "affected",
              "version": "bf4f059954dcb221384b2f784677e19a13cd4bdb",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "mm/memcontrol.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.45",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.10",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.45",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.10",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "5.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()\n\nKCSAN found an issue in obj_stock_flush_required():\nstock-\u003ecached_objcg can be reset between the check and dereference:\n\n==================================================================\nBUG: KCSAN: data-race in drain_all_stock / drain_obj_stock\n\nwrite to 0xffff888237c2a2f8 of 8 bytes by task 19625 on cpu 0:\n drain_obj_stock+0x408/0x4e0 mm/memcontrol.c:3306\n refill_obj_stock+0x9c/0x1e0 mm/memcontrol.c:3340\n obj_cgroup_uncharge+0xe/0x10 mm/memcontrol.c:3408\n memcg_slab_free_hook mm/slab.h:587 [inline]\n __cache_free mm/slab.c:3373 [inline]\n __do_kmem_cache_free mm/slab.c:3577 [inline]\n kmem_cache_free+0x105/0x280 mm/slab.c:3602\n __d_free fs/dcache.c:298 [inline]\n dentry_free fs/dcache.c:375 [inline]\n __dentry_kill+0x422/0x4a0 fs/dcache.c:621\n dentry_kill+0x8d/0x1e0\n dput+0x118/0x1f0 fs/dcache.c:913\n __fput+0x3bf/0x570 fs/file_table.c:329\n ____fput+0x15/0x20 fs/file_table.c:349\n task_work_run+0x123/0x160 kernel/task_work.c:179\n resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]\n exit_to_user_mode_loop+0xcf/0xe0 kernel/entry/common.c:171\n exit_to_user_mode_prepare+0x6a/0xa0 kernel/entry/common.c:203\n __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]\n syscall_exit_to_user_mode+0x26/0x140 kernel/entry/common.c:296\n do_syscall_64+0x4d/0xc0 arch/x86/entry/common.c:86\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nread to 0xffff888237c2a2f8 of 8 bytes by task 19632 on cpu 1:\n obj_stock_flush_required mm/memcontrol.c:3319 [inline]\n drain_all_stock+0x174/0x2a0 mm/memcontrol.c:2361\n try_charge_memcg+0x6d0/0xd10 mm/memcontrol.c:2703\n try_charge mm/memcontrol.c:2837 [inline]\n mem_cgroup_charge_skmem+0x51/0x140 mm/memcontrol.c:7290\n sock_reserve_memory+0xb1/0x390 net/core/sock.c:1025\n sk_setsockopt+0x800/0x1e70 net/core/sock.c:1525\n udp_lib_setsockopt+0x99/0x6c0 net/ipv4/udp.c:2692\n udp_setsockopt+0x73/0xa0 net/ipv4/udp.c:2817\n sock_common_setsockopt+0x61/0x70 net/core/sock.c:3668\n __sys_setsockopt+0x1c3/0x230 net/socket.c:2271\n __do_sys_setsockopt net/socket.c:2282 [inline]\n __se_sys_setsockopt net/socket.c:2279 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2279\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nvalue changed: 0xffff8881382d52c0 -\u003e 0xffff888138893740\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 19632 Comm: syz-executor.0 Not tainted 6.3.0-rc2-syzkaller-00387-g534293368afa #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023\n\nFix it by using READ_ONCE()/WRITE_ONCE() for all accesses to\nstock-\u003ecached_objcg."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-18T13:33:41.076Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/33d9490b27e5d8da4444aefd714a4f50189db978"
        },
        {
          "url": "https://git.kernel.org/stable/c/33391c7e1a2ad612bf3922cc168cb09a46bbe236"
        },
        {
          "url": "https://git.kernel.org/stable/c/3b8abb3239530c423c0b97e42af7f7e856e1ee96"
        }
      ],
      "title": "mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53401",
    "datePublished": "2025-09-18T13:33:41.076Z",
    "dateReserved": "2025-09-17T14:54:09.738Z",
    "dateUpdated": "2026-01-14T19:03:06.936Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

RHSA-2025:22800

CVE-2022-50543 (GCVE-0-2022-50543)

CVE-2023-53539 (GCVE-0-2023-53539)

CVE-2023-53401 (GCVE-0-2023-53401)

Tags

Sightings

Nomenclature