RLSA-2025:12662

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: padata: fix UAF in padata_reorder (CVE-2025-21727)

• kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove() (CVE-2025-21928)

• kernel: HID: intel-ish-hid: Fix use-after-free issue in hidishtpcl_remove() (CVE-2025-21929)

• kernel: memstick: rtsxusbms: Fix slab-use-after-free in rtsxusbmsdrvremove (CVE-2025-22020)

• kernel: ext4: avoid journaling sb update on error if journal is destroying (CVE-2025-22113)

• kernel: RDMA/core: Fix use-after-free when rename device name (CVE-2025-22085)

• kernel: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CVE-2025-37890)

• kernel: net/tipc: fix slab-use-after-free Read in tipcaeadencrypt_done (CVE-2025-38052)

• kernel: net: ch9200: fix uninitialised access during miinwayrestart (CVE-2025-38086)

• kernel: net/sched: fix use-after-free in tapriodevnotifier (CVE-2025-38087)

• kernel: nvme-tcp: sanitize request list handling (CVE-2025-38264)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.