Jann Horn discovered that the watch_queue event notification subsystem in
the Linux kernel contained an out-of-bounds write vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
escalate their privileges. (CVE-2022-0995)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Network drivers;
– File systems infrastructure;
– NTFS3 file system;
– Ethernet bridge;
– Ethtool driver;
– IPv6 networking;
– Network traffic control;
– VMware vSockets driver;
(CVE-2024-56651, CVE-2025-21756, CVE-2024-26837, CVE-2025-21700,
CVE-2024-46826, CVE-2024-50256, CVE-2024-50248, CVE-2025-21993,
CVE-2025-21702, CVE-2025-21701, CVE-2025-21703)
Upgrade urgency SECURITY: This release includes security fixes we recommend you
apply as soon as possible.
Bug fixes
Optimize RDB load performance and fix cluster mode resizing on replica side (#1199)
Fix memory leak in forgotten node ping ext code path (#1574)
Fix cluster info sent stats for message with light header (#1563)
Fix module LatencyAddSample still working when latency-monitor-threshold is 0 (#1541)
Fix potential crash in radix tree recompression of huge keys (#1722)
Fix error “SSL routines::bad length” when connTLSWrite is called a second time with a smaller buffer (#1737)
Fix temp file leak during replication error handling (#1721)
Fix ACL LOAD crash on replica since the primary client doesn’t have a user (#1842)
Fix RANDOMKEY infinite loop during CLIENT PAUSE (#1850)
fix: add samples to stream object consumer trees (#1825)
Fix cluster slot stats assertion during promotion of replica (#1950)
Fix panic in primary when blocking shutdown after previous block with timeout (#1948)
Ignore stale gossip packets that arrive out of order (#1777)
Fix incorrect lag reported in XINFO GROUPS (#1952)
Avoid shard id update of replica if not matching with primary shard id (#573)
Security fixes
CVE-2025-21605 Limit output buffer for unauthenticated clients (#1993)