
chore(deps): rpm updates [security] #2323


red-hat-konflux[bot]

@red-hat-konflux red-hat-konflux bot commented Aug 4, 2025

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| glibc | patch | 2.28-251.el8_10.22 -> 2.28-251.el8_10.25 |
| glibc-all-langpacks | patch | 2.28-251.el8_10.22 -> 2.28-251.el8_10.25 |
| glibc-common | patch | 2.28-251.el8_10.22 -> 2.28-251.el8_10.25 |
| glibc-devel | patch | 2.28-251.el8_10.22 -> 2.28-251.el8_10.25 |
| glibc-gconv-extra | patch | 2.28-251.el8_10.22 -> 2.28-251.el8_10.25 |
| glibc-headers | patch | 2.28-251.el8_10.22 -> 2.28-251.el8_10.25 |
| kernel-headers | patch | 4.18.0-553.64.1.el8_10 -> 4.18.0-553.70.1.el8_10 |
| libxml2 | patch | 2.9.7-21.el8_10.2 -> 2.9.7-21.el8_10.3 |

glibc: Double free in glibc

CVE-2025-8058

More information

Severity

Moderate

References


glibc: buffer overflow in the GNU C Library's assert()

CVE-2025-0395

More information

Severity

Moderate

References


glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

CVE-2025-4802

More information

Severity

Moderate

References


glibc: Vector register overwrite bug in glibc

CVE-2025-5702

More information

Severity

Moderate

References


kernel: ext4: avoid resizing to a partial cluster size

CVE-2022-50020

More information

Severity

Important

References


kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc

CVE-2025-37890

More information

Severity

Important

References


kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()

CVE-2025-21928

More information

Severity

Important

References


kernel: net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done

CVE-2025-38052

More information

Severity

Important

References


kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove

CVE-2025-22020

More information

Severity

Important

References


kernel: crypto: algif_hash - fix double free in hash_accept

CVE-2025-38079

More information

Severity

Important

References


kernel: can: peak_usb: fix use after free bugs

CVE-2021-47670

More information

Severity

Moderate

References


kernel: padata: fix UAF in padata_reorder

CVE-2025-21727

More information

Severity

Moderate

References


kernel: ipv6: mcast: extend RCU protection in igmp6_send()

CVE-2025-21759

More information

Severity

Moderate

References


kernel: mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race

CVE-2025-38085

More information

Severity

Moderate

References


kernel: net/ipv6: release expired exception dst cached in socket

CVE-2024-56644

More information

Severity

Moderate

References


kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds

CVE-2025-38159

More information

Severity

Moderate

References


kernel: net_sched: ets: Fix double list add in class with netem as child qdisc

CVE-2025-37914

More information

Severity

Important

References


kernel: drm/vkms: Fix use after free and double free on init error

CVE-2025-22097

More information

Severity

Important

References


kernel: Bluetooth: hci_core: Fix use-after-free in vhci_flush()

CVE-2025-38250

More information

Severity

Important

References


kernel: i2c/designware: Fix an initialization issue

CVE-2025-38380

More information

Severity

Important

References


kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()

CVE-2025-21927

More information

Severity

Important

References


kernel: netfilter: ipset: add missing range check in bitmap_ip_uadt

CVE-2024-53141

More information

Severity

Important

References


kernel: vsock: Keep the binding until socket destruction

CVE-2025-21756

More information

Severity

Important

References


kernel: mt76: fix use-after-free by removing a non-RCU wcid pointer

CVE-2022-49328

More information

Severity

Moderate

References


kernel: ndisc: use RCU protection in ndisc_alloc_skb()

CVE-2025-21764

More information

Severity

Moderate

References


kernel: tipc: fix use-after-free Read in tipc_named_reinit

CVE-2022-49696

More information

Severity

Moderate

References


kernel: blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx

CVE-2022-49377

More information

Severity

Moderate

References


kernel: dlm: fix plock invalid read

CVE-2022-49407

More information

Severity

Moderate

References


kernel: Bluetooth: Fix use after free in hci_send_acl

CVE-2022-49111

More information

Severity

Moderate

References


Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c

CVE-2023-1652

More information

Severity

Moderate

References


kernel: scsi: libfc: Fix use after free in fc_exch_abts_resp()

CVE-2022-49114

More information

Severity

Moderate

References


kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry()

CVE-2022-49846

More information

Severity

Important

References


kernel: ibmvnic: Use kernel helpers for hex dumps

CVE-2025-22104

More information

Severity

Important

References


kernel: um: Fix out-of-bounds read in LDT setup

CVE-2022-49395

More information

Severity

Important

References


kernel: ext4: ignore xattrs past end

CVE-2025-37738

More information

Severity

Important

References


kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()

CVE-2025-22121

More information

Severity

Important

References


kernel: Squashfs: fix handling and sanity checking of xattr_ids count

CVE-2023-52933

More information

Severity

Important

References


kernel: net: atm: fix use after free in lec_send()

CVE-2025-22004

More information

Severity

Important

References


kernel: ipv6: mcast: extend RCU protection in igmp6_send()

CVE-2025-21759

More information

Severity

Important

References


kernel: dm ioctl: prevent potential spectre v1 gadget

CVE-2022-49122

More information

Severity

Important

References


kernel: net: atlantic: fix aq_vec index out of range error

CVE-2022-50066

More information

Severity

Important

References


kernel: media: uvcvideo: Fix double free in error path

CVE-2024-57980

More information

Severity

Moderate

References


kernel: wifi: iwlwifi: limit printed string from FW file

CVE-2025-21905

More information

Severity

Moderate

References


kernel: ext4: avoid journaling sb update on error if journal is destroying

CVE-2025-22113

More information

Severity

Moderate

References


kernel: writeback: avoid use-after-free after removing device

CVE-2022-49995

More information

Severity

Moderate

References


kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry

CVE-2025-37958

More information

Severity

Moderate

References


kernel: ext4: fix off-by-one error in do_split

CVE-2025-23150

More information

Severity

Moderate

References


kernel: cifs: potential buffer overflow in handling symlinks

CVE-2022-49058

More information

Severity

Important

References


kernel: media: uvcvideo: Remove dangling pointers

CVE-2024-58002

More information

Severity

Important

References


kernel: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()

CVE-2022-49788

More information

Severity

Important

References


kernel: vsock: Keep the binding until socket destruction

CVE-2025-21756

More information

Severity

Moderate

References


kernel: mm: call the security_mmap_file() LSM hook in remap_file_pages()

CVE-2024-47745

More information

Severity

Moderate

References


kernel: veth: Fix use after free in XDP_REDIRECT

CVE-2023-53107

More information

Severity

Important

References


kernel: xsk: fix OOB map writes when deleting elements

CVE-2024-56614

More information

Severity

Moderate

References


kernel: bpf: fix OOB devmap writes when deleting elements

CVE-2024-56615

More information

Severity

Moderate

References


kernel: md: fix mddev uaf while iterating all_mddevs list

CVE-2025-22126

More information

Severity

Moderate

References


Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c

CVE-2023-1652

More information

Severity

Important

References


kernel: um: Fix out-of-bounds read in LDT setup

CVE-2022-49395

More information

Severity

Moderate

References


kernel: Squashfs: fix handling and sanity checking of xattr_ids count

CVE-2023-52933

More information

Severity

Moderate

References


kernel: udmabuf: fix a buf size overflow issue during udmabuf creation

CVE-2025-37803

More information

Severity

Important

References


net/http: Request smuggling due to acceptance of invalid chunked data in net/http

CVE-2025-22871

More information

Severity

Moderate

References


kernel: ext4: fix off-by-one error in do_split

CVE-2025-23150

More information

Severity

Important

References


kernel: mm/huge_memory: fix dereferencing invalid pmd migration entry

CVE-2025-37958

More information

Severity

Important

References


kernel: media: uvcvideo: Fix double free in error path

CVE-2024-57980

More information

Severity

Important

References


kernel: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice

CVE-2025-38001

More information

Severity

Important

References


kernel: wifi: iwlwifi: limit printed string from FW file

CVE-2025-21905

More information

Severity

Important

References


kernel: ext4: avoid journaling sb update on error if journal is destroying

CVE-2025-22113

More information

Severity

Important

References


kernel: media: uvcvideo: Remove dangling pointers

CVE-2024-58002

More information

Severity

Moderate

References


kernel: memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove

CVE-2025-22020

More information

Severity

Moderate

References


kernel: selinux: Add boundary check in put_entry()

CVE-2022-50200

More information

Severity

Moderate

References


kernel: net: ch9200: fix uninitialised access during mii_nway_restart

CVE-2025-38086

More information

Severity

Moderate

References

  • [https://access.redhat.com/sec

@red-hat-konflux red-hat-konflux bot requested review from rhacs-bot and a team as code owners August 4, 2025 17:22
@red-hat-konflux red-hat-konflux bot enabled auto-merge (squash) August 4, 2025 17:23

@rhacs-bot rhacs-bot left a comment


Auto-approved by automation.

@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.21/rpm-updates branch 8 times, most recently from e12aed7 to ac47dd5 Compare August 12, 2025 12:26
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.21/rpm-updates branch 2 times, most recently from a86e1e8 to cc258ad Compare August 15, 2025 08:29
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux bot force-pushed the konflux/mintmaker/release-3.21/rpm-updates branch from cc258ad to 60c059c Compare August 18, 2025 04:28
@msugakov

Closing to have MintMaker reopen a rebased PR.

@msugakov msugakov closed this Aug 18, 2025
auto-merge was automatically disabled August 18, 2025 11:26

Pull request was closed

@msugakov msugakov deleted the konflux/mintmaker/release-3.21/rpm-updates branch August 18, 2025 11:26

2 participants