Red Hat alert RHSA-2025:10829-01 (kernel-rt)

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0
Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* kernel: um: Fix out-of-bounds read in LDT setup (CVE-2022-49395)

* kernel: dm ioctl: prevent potential spectre v1 gadget (CVE-2022-49122)

* kernel: ipv6: mcast: extend RCU protection in igmp6_send() (CVE-2025-21759)

* kernel: Squashfs: fix handling and sanity checking of xattr_ids count
(CVE-2023-52933)

* kernel: net: atm: fix use after free in lec_send() (CVE-2025-22004)

* kernel: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()
(CVE-2025-22121)

* kernel: ibmvnic: Use kernel helpers for hex dumps (CVE-2025-22104)

* kernel: ext4: ignore xattrs past end (CVE-2025-37738)

* kernel: udf: Fix a slab-out-of-bounds write bug in udf_find_entry()
(CVE-2022-49846)

* kernel: net: atlantic: fix aq_vec index out of range error (CVE-2022-50066)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0
International License (https://creativecommons.org/licenses/by/4.0/). If you
distribute this content, or a modified version of it, you must provide
attribution to Red Hat Inc. and provide a link to the original.

Original: https://access.redhat.com/security/data/csaf/v2/advisories/2025/rhsa-2025_10829.json