Kernel Update for AlmaLinux 10: Important Security Fixes
A significant security update has been released for AlmaLinux 10, addressing multiple vulnerabilities in the Linux kernel. This update specifically targets issues related to drm/vkms, udmabuf, net/sched, and drm/gem components, which include critical vulnerabilities such as use-after-free and double-free errors, buffer size overflows, and failure to pass notifications when child classes become empty. The vulnerabilities are identified by the following CVEs: CVE-2025-22097, CVE-2025-37803, CVE-2025-38350, and CVE-2025-38449.
Update Details: Important Security Notice (ALSA-2025:15447)
- Release Date: September 15, 2025
- Severity: Important
Security Fixes Include:
- drm/vkms: Resolved use-after-free and double-free issues occurring during initialization (CVE-2025-22097).
- udmabuf: Addressed a buffer size overflow vulnerability during the creation of udmabuf (CVE-2025-37803).
- net/sched: Ensured that notifications are consistently passed when a child class transitions to an empty state (CVE-2025-38350).
- drm/gem: Implemented a mechanism to acquire references on GEM handles for framebuffers (CVE-2025-38449).
For an in-depth analysis of these security issues, including their potential impact and CVSS scores, users are encouraged to refer to the CVE pages linked in the update.
Additional Information:
For full details, updated packages, and related resources, please visit: [AlmaLinux Errata](https://errata.almalinux.org/10/ALSA-2025-15447.html).
This notification is generated automatically. For any further inquiries, please reach out via the AlmaLinux community chat at [AlmaLinux Chat](https://chat.almalinux.org/). To modify your notification preferences, visit [AlmaLinux Mailing Lists](https://lists.almalinux.org).
Conclusion:
It is crucial for AlmaLinux 10 users to promptly apply this kernel update to secure their systems against these identified vulnerabilities. Regular updates and maintenance ensure the integrity and security of the operating system, ultimately safeguarding user data and system performance
A significant security update has been released for AlmaLinux 10, addressing multiple vulnerabilities in the Linux kernel. This update specifically targets issues related to drm/vkms, udmabuf, net/sched, and drm/gem components, which include critical vulnerabilities such as use-after-free and double-free errors, buffer size overflows, and failure to pass notifications when child classes become empty. The vulnerabilities are identified by the following CVEs: CVE-2025-22097, CVE-2025-37803, CVE-2025-38350, and CVE-2025-38449.
Update Details: Important Security Notice (ALSA-2025:15447)
- Release Date: September 15, 2025
- Severity: Important
Security Fixes Include:
- drm/vkms: Resolved use-after-free and double-free issues occurring during initialization (CVE-2025-22097).
- udmabuf: Addressed a buffer size overflow vulnerability during the creation of udmabuf (CVE-2025-37803).
- net/sched: Ensured that notifications are consistently passed when a child class transitions to an empty state (CVE-2025-38350).
- drm/gem: Implemented a mechanism to acquire references on GEM handles for framebuffers (CVE-2025-38449).
For an in-depth analysis of these security issues, including their potential impact and CVSS scores, users are encouraged to refer to the CVE pages linked in the update.
Additional Information:
For full details, updated packages, and related resources, please visit: [AlmaLinux Errata](https://errata.almalinux.org/10/ALSA-2025-15447.html).
This notification is generated automatically. For any further inquiries, please reach out via the AlmaLinux community chat at [AlmaLinux Chat](https://chat.almalinux.org/). To modify your notification preferences, visit [AlmaLinux Mailing Lists](https://lists.almalinux.org).
Conclusion:
It is crucial for AlmaLinux 10 users to promptly apply this kernel update to secure their systems against these identified vulnerabilities. Regular updates and maintenance ensure the integrity and security of the operating system, ultimately safeguarding user data and system performance
Kernel update for AlmaLinux 10
A security update has been released for AlmaLinux 10, which addresses several vulnerabilities in the Linux kernel. The update fixes issues with drm/vkms, udmabuf, net/sched, and drm/gem, including use-after-free and double-free errors, buffer size overflows, and notifications not being passed when child classes become empty. The CVEs for these vulnerabilities are CVE-2025-22097, CVE-2025-37803, CVE-2025-38350, and CVE-2025-38449.
ALSA-2025:15447: kernel security update (Important)
