SB2025120934 - Red Hat Enterprise Linux 7 Extended Lifecycle Support update for kernel-rt 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2025120934

SB2025120934 - Red Hat Enterprise Linux 7 Extended Lifecycle Support update for kernel-rt

Published: December 9, 2025

Security Bulletin ID SB2025120934
Severity
Medium
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Physical access
Highest impact Code execution

Breakdown by Severity

Medium 14% Low 86%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Use-after-free (CVE-ID: CVE-2022-3640)

The vulnerability allows an attacker to compromise the affected system.

The vulnerability exists due to a use-after-free error in the 2cap_conn_del() function in net/bluetooth/l2cap_core.c in Linux kernel. An attacker with physical proximity to device can trigger a use-after-free error and execute arbitrary code on the system.



2) Improper locking (CVE-ID: CVE-2025-38718)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the sctp_rcv() function in net/sctp/input.c. A local user can perform a denial of service (DoS) attack.


3) Use-after-free (CVE-ID: CVE-2023-53305)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_le_command_rej() function in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.


4) Buffer overflow (CVE-ID: CVE-2022-50341)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the fill_transform_hdr() and crypt_message() functions in fs/cifs/smb2ops.c. A local user can escalate privileges on the system.


5) Improper locking (CVE-ID: CVE-2023-53365)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the ip6mr_cache_report() function in net/ipv6/ip6mr.c. A local user can perform a denial of service (DoS) attack.


6) Use-after-free (CVE-ID: CVE-2022-50386)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the l2cap_connect_create_rsp() function in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.


7) Use-after-free (CVE-ID: CVE-2022-50408)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the brcmf_netdev_start_xmit() function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/core.c. A local user can escalate privileges on the system.


Remediation

Install update from vendor's website.

References