ALSA-2025:12662

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: padata: fix UAF in padata_reorder (CVE-2025-21727)
• kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove() (CVE-2025-21928)
• kernel: HID: intel-ish-hid: Fix use-after-free issue in hidishtpcl_remove() (CVE-2025-21929)
• kernel: memstick: rtsxusbms: Fix slab-use-after-free in rtsxusbmsdrvremove (CVE-2025-22020)
• kernel: ext4: avoid journaling sb update on error if journal is destroying (CVE-2025-22113)
• kernel: RDMA/core: Fix use-after-free when rename device name (CVE-2025-22085)
• kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CVE-2025-37890)
• kernel: net/tipc: fix slab-use-after-free Read in tipcaeadencrypt_done (CVE-2025-38052)
• kernel: net: ch9200: fix uninitialised access during miinwayrestart (CVE-2025-38086)
• kernel: net/sched: fix use-after-free in tapriodevnotifier (CVE-2025-38087)
• kernel: nvme-tcp: sanitize request list handling (CVE-2025-38264)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.