AlmaLinux 9 has recently received updates that address two critical security vulnerabilities: one related to the kernel and another concerning the libxslt library. These updates are essential for maintaining system integrity and security.
- Release Date: April 21, 2025
- Summary: This update involves the Linux kernel, which is fundamental to the operation of any Linux-based system.
- Security Fix: The update resolves an out-of-bounds read issue when identifying clock sources in USB audio devices, identified as CVE-2024-53150.
For more details, including the impact assessment and CVSS score, users can refer to the [CVE page](https://errata.almalinux.org/9/ALSA-2025-3937.html).
- Release Date: April 21, 2025
- Summary: LibXSLT is a library that enables the transformation of XML documents into various formats, including HTML and plain text, using the XSLT stylesheet transformation mechanism.
- Security Fix: This update addresses a use-after-free vulnerability in the libxslt function `xsltGetInheritedNsList`, cataloged as CVE-2024-55549.
For comprehensive details regarding the security issue, including potential impacts and further references, users can visit the [CVE page](https://errata.almalinux.org/9/ALSA-2025-4025.html).
Kernel Security Update (Moderate Severity)
- Update Reference: ALSA-2025:3937- Release Date: April 21, 2025
- Summary: This update involves the Linux kernel, which is fundamental to the operation of any Linux-based system.
- Security Fix: The update resolves an out-of-bounds read issue when identifying clock sources in USB audio devices, identified as CVE-2024-53150.
For more details, including the impact assessment and CVSS score, users can refer to the [CVE page](https://errata.almalinux.org/9/ALSA-2025-3937.html).
LibXSLT Security Update (Important Severity)
- Update Reference: ALSA-2025:4025- Release Date: April 21, 2025
- Summary: LibXSLT is a library that enables the transformation of XML documents into various formats, including HTML and plain text, using the XSLT stylesheet transformation mechanism.
- Security Fix: This update addresses a use-after-free vulnerability in the libxslt function `xsltGetInheritedNsList`, cataloged as CVE-2024-55549.
For comprehensive details regarding the security issue, including potential impacts and further references, users can visit the [CVE page](https://errata.almalinux.org/9/ALSA-2025-4025.html).
Additional Information
Users subscribed to AlmaLinux errata notifications will receive alerts such as this one. For any inquiries or to manage notification preferences, users can contact the AlmaLinux community or adjust settings through the provided links.Importance of Updates
Regular updates like these are vital in protecting systems against vulnerabilities that could be exploited by attackers. Users are encouraged to apply these updates promptly to ensure their systems remain secure and functionalKernel and LibXSLT updates for AlmaLinux 9
AlmaLinux 9 has been updated with two security enhancements: a kernel security update classified as moderate and a libxslt security update deemed important.
ALSA-2025:3937: kernel security update (Moderate)
ALSA-2025:4025: libxslt security update (Important)Kernel and LibXSLT updates for AlmaLinux 9 @ Linux Compatible
