Out-of-bounds Read The advisory has been revoked - it doesn't affect any version of package kernel-rt-core (opens in a new tab)
Threat Intelligence
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-RHEL10-KERNELRTCORE-12091625
- published21 Aug 2025
- disclosed19 Aug 2025
Introduced: 19 Aug 2025
CVE-2025-38556 (opens in a new tab)Amendment
The Red Hat security team deemed this advisory irrelevant for RHEL:10.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-rt-core package and not the kernel-rt-core package as distributed by RHEL.
In the Linux kernel, the following vulnerability has been resolved:
HID: core: Harden s32ton() against conversion to 0 bits
Testing by the syzbot fuzzer showed that the HID core gets a shift-out-of-bounds exception when it tries to convert a 32-bit quantity to a 0-bit quantity. Ideally this should never occur, but there are buggy devices and some might have a report field with size set to zero; we shouldn't reject the report or the device just because of that.
Instead, harden the s32ton() routine so that it returns a reasonable result instead of crashing when it is called with the number of bits set to 0 -- the same as what snto32() does.
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2389456
- https://access.redhat.com/security/cve/CVE-2025-38556
- https://access.redhat.com/errata/RHSA-2025:17776
- https://git.kernel.org/stable/c/865ad8469fa24de1559f247d9426ab01e5ce3a56
- https://git.kernel.org/stable/c/8b4a94b1510f6a46ec48494b52ee8f67eb4fc836
- https://git.kernel.org/stable/c/a6b87bfc2ab5bccb7ad953693c85d9062aef3fdd
- https://git.kernel.org/stable/c/d3b504146c111548ab60b6ef7aad00bfb1db05a2