RHSA-2025:2490

Description

Red Hat Security Advisory: kernel security update

CVSS Metrics

• v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Systems

• redhat•bpftool

  < 0:7.3.0-427.59.1.el9_4 | < 0:7.3.0-427.59.1.el9_4 | < 0:7.3.0-427.59.1.el9_4 | < 0:7.3.0-427.59.1.el9_4 | < 0:7.3.0-427.59.1.el9_4

• redhat•bpftool-debuginfo

  < 0:7.3.0-427.59.1.el9_4 | < 0:7.3.0-427.59.1.el9_4 | < 0:7.3.0-427.59.1.el9_4 | < 0:7.3.0-427.59.1.el9_4 | < 0:7.3.0-427.59.1.el9_4

• redhat•kernel

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-debug

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-debug-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-debug-debuginfo

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-debug-devel

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-debug-devel-matched

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-debug-modules

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-debug-modules-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-debug-modules-extra

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-debuginfo

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-devel

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-devel-matched

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-modules

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-modules-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-64k-modules-extra

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-abi-stablelists

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debug

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debug-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debug-debuginfo

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debug-devel

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debug-devel-matched

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debug-modules

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debug-modules-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debug-modules-extra

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debug-uki-virt

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debuginfo

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debuginfo-common-aarch64

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debuginfo-common-ppc64le

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debuginfo-common-s390x

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-debuginfo-common-x86_64

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-devel

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-devel-matched

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-doc

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-modules

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-modules-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-modules-extra

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-rt

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-rt-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-rt-debug

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-rt-debug-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-rt-debug-debuginfo

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-rt-debug-devel

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-rt-debug-kvm

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-rt-debug-modules

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

• redhat•kernel-rt-debug-modules-core

  < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4 | < 0:5.14.0-427.59.1.el9_4

Showing first 50 affected entries in server-rendered view.

References (55)

• https://access.redhat.com/errata/RHSA-2025:2490
• https://access.redhat.com/security/updates/classification/#important
• https://bugzilla.redhat.com/show_bug.cgi?id=2265833
• https://bugzilla.redhat.com/show_bug.cgi?id=2267797
• https://bugzilla.redhat.com/show_bug.cgi?id=2270093
• https://bugzilla.redhat.com/show_bug.cgi?id=2273260
• https://bugzilla.redhat.com/show_bug.cgi?id=2281235
• https://bugzilla.redhat.com/show_bug.cgi?id=2282918
• https://bugzilla.redhat.com/show_bug.cgi?id=2327169
• https://bugzilla.redhat.com/show_bug.cgi?id=2329370
• https://bugzilla.redhat.com/show_bug.cgi?id=2334412
• https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2490.json
• https://access.redhat.com/security/cve/CVE-2021-47497
• https://www.cve.org/CVERecord?id=CVE-2021-47497
• https://nvd.nist.gov/vuln/detail/CVE-2021-47497
• https://lore.kernel.org/linux-cve-announce/2024052242-CVE-2021-47497-449e@gregkh/T
• https://access.redhat.com/security/cve/CVE-2023-52520
• https://www.cve.org/CVERecord?id=CVE-2023-52520
• https://nvd.nist.gov/vuln/detail/CVE-2023-52520
• https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2023-52520-0a4e@gregkh/T/#u
• https://access.redhat.com/security/cve/CVE-2023-52615
• https://www.cve.org/CVERecord?id=CVE-2023-52615
• https://nvd.nist.gov/vuln/detail/CVE-2023-52615
• https://lore.kernel.org/linux-cve-announce/20240318101458.2835626-10-lee@kernel.org/T
• https://access.redhat.com/security/cve/CVE-2023-52922
• https://www.cve.org/CVERecord?id=CVE-2023-52922
• https://nvd.nist.gov/vuln/detail/CVE-2023-52922
• https://lore.kernel.org/linux-cve-announce/2024112856-CVE-2023-52922-39e1@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-26603
• https://www.cve.org/CVERecord?id=CVE-2024-26603
• https://nvd.nist.gov/vuln/detail/CVE-2024-26603
• https://lore.kernel.org/linux-cve-announce/2024022415-CVE-2024-26603-42c2@gregkh/T/#u
• https://access.redhat.com/security/cve/CVE-2024-26744
• https://www.cve.org/CVERecord?id=CVE-2024-26744
• https://nvd.nist.gov/vuln/detail/CVE-2024-26744
• https://lore.kernel.org/linux-cve-announce/2024040301-CVE-2024-26744-d344@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-35801
• https://www.cve.org/CVERecord?id=CVE-2024-35801
• https://nvd.nist.gov/vuln/detail/CVE-2024-35801
• https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-35801-8038@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-43830
• https://bugzilla.redhat.com/show_bug.cgi?id=2305488
• https://www.cve.org/CVERecord?id=CVE-2024-43830
• https://nvd.nist.gov/vuln/detail/CVE-2024-43830
• https://lore.kernel.org/linux-cve-announce/2024081727-CVE-2024-43830-3b85@gregkh/T
• https://access.redhat.com/security/cve/CVE-2024-50302
• https://www.cve.org/CVERecord?id=CVE-2024-50302
• https://nvd.nist.gov/vuln/detail/CVE-2024-50302
• https://lore.kernel.org/linux-cve-announce/2024111908-CVE-2024-50302-f677@gregkh/T
• https://securitylab.amnesty.org/latest/2025/02/cellebrite-zero-day-exploit-used-to-target-phone-of-serbian-student-activist/
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog
• https://access.redhat.com/security/cve/CVE-2024-53197
• https://www.cve.org/CVERecord?id=CVE-2024-53197
• https://nvd.nist.gov/vuln/detail/CVE-2024-53197
• https://lore.kernel.org/linux-cve-announce/2024122725-CVE-2024-53197-6aef@gregkh/T