{"id":"ALSA-2025:16904","summary":"Moderate: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.  \n\nSecurity Fix(es):  \n\n  * kernel: fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396)\n  * kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)\n  * kernel: cifs: Fix the smbd_response slab to allow usercopy (CVE-2025-38523)\n  * kernel: tls: fix handling of zero-length records on the rx_list (CVE-2025-39682)\n  * kernel: io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CVE-2025-39698)\n  * kernel: s390/sclp: Fix SCCB present check (CVE-2025-39694)\n\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n","modified":"2026-02-04T03:42:14.342614Z","published":"2025-09-29T00:00:00Z","related":["CVE-2025-38396","CVE-2025-38523","CVE-2025-38527","CVE-2025-39682","CVE-2025-39694","CVE-2025-39698"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:16904"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-38396"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-38523"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-38527"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-39682"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-39694"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-39698"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2383441"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2388928"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2388948"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2393511"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2393519"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2393534"},{"type":"ADVISORY","url":"https://errata.almalinux.org/10/ALSA-2025-16904.html"}],"affected":[{"package":{"name":"kernel-abi-stablelists","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/kernel-abi-stablelists"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.12.0-55.37.1.el10_0"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:16904.json"}},{"package":{"name":"kernel-doc","ecosystem":"AlmaLinux:10","purl":"pkg:rpm/almalinux/kernel-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.12.0-55.37.1.el10_0"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2025:16904.json"}}],"schema_version":"1.7.3"}