ALSA-2025:17509: open-vm-tools security update (Important)
ALSA-2025:17397: kernel security update (Moderate)
ALSA-2025:17398: kernel-rt security update (Moderate)
ALSA-2025:17415: gnutls security, bug fix, and enhancement update (Moderate)
ALSA-2025:17509: open-vm-tools security update (Important)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Important
Release date: 2025-10-08
Summary:
The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines.
Security Fix(es):
* open-vm-tools: Local privilege escalation in open-vm-tools (CVE-2025-41244)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2025-17509.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2025:17397: kernel security update (Moderate)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Moderate
Release date: 2025-10-08
Summary:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)
* kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2025-17397.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2025:17398: kernel-rt security update (Moderate)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Moderate
Release date: 2025-10-08
Summary:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: smb: client: fix use-after-free in cifs_oplock_break (CVE-2025-38527)
* kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CVE-2025-39730)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2025-17398.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
ALSA-2025:17415: gnutls security, bug fix, and enhancement update (Moderate)
Hi,
You are receiving an AlmaLinux Security update email because you subscribed to receive errata notifications from AlmaLinux.
AlmaLinux: 8
Type: Security
Severity: Moderate
Release date: 2025-10-08
Summary:
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.
Security Fix(es):
* gnutls: Vulnerability in GnuTLS certtool template parsing (CVE-2025-32990)
* gnutls: Vulnerability in GnuTLS otherName SAN export (CVE-2025-32988)
* gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (CVE-2025-6395)
Bug Fix(es) and Enhancement(s):
* gnutls: Vulnerability in GnuTLS certtool template parsing (BZ#2359620)
* gnutls: Vulnerability in GnuTLS otherName SAN export (BZ#2359622)
* gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (BZ#2376755)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Full details, updated packages, references, and other related information: https://errata.almalinux.org/8/ALSA-2025-17415.html
This message is automatically generated, please don’t reply. For further questions, please, contact us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on https://lists.almalinux.org.
Kind regards,
AlmaLinux Team
