Red Hat Security Advisory: kernel security update
🔗 CVE IDs covered (19)
📋 Description
- CVE-2025-37819 — kernel: Linux kernel: irqchip/gic-v2m use-after-free vulnerability
- CVE-2025-38022 — kernel: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem
- CVE-2025-38349 — kernel: Linux kernel use-after-free in eventpoll
- CVE-2025-38453 — kernel: io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU
- CVE-2025-38568 — kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing
- CVE-2025-38731 — kernel: drm/xe: Fix vm_bind_ioctl double free bug
- CVE-2025-40135 — kernel: ipv6: use RCU in ip6_xmit()
- CVE-2025-40154 — kernel: ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping
- CVE-2025-40158 — kernel: ipv6: use RCU in ip6_output()
- CVE-2025-40170 — kernel: net: use dst_dev_rcu() in sk_setup_caps()
- CVE-2025-40248 — kernel: Linux kernel: vsock vulnerability may lead to memory corruption
- CVE-2025-40251 — kernel: devlink: rate: Unset parent pointer in devl_rate_nodes_destroy
- CVE-2025-40258 — kernel: mptcp: fix race condition in mptcp_schedule_work()
- CVE-2025-40271 — kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service.
- CVE-2025-40294 — kernel: Linux kernel: Out-of-bounds write in Bluetooth MGMT can lead to information disclosure and denial of service
- CVE-2025-40301 — kernel: Linux kernel: Information disclosure and denial of service in Bluetooth HCI event handling
- CVE-2025-40318 — kernel: Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once
- CVE-2025-68301 — kernel: net: atlantic: fix fragment overflow handling in RX path
- CVE-2025-68305 — kernel: Bluetooth: hci_sock: Prevent race in socket write iter and sock bind
🔗 References (22)
- self: https://access.redhat.com/errata/RHSA-2026:1690
- external: https://access.redhat.com/security/updates/classification/#important
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2365032
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2373326
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2381870
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2383516
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2389507
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2393488
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2414494
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2414506
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2414521
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2414523
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2418872
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2418876
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2418892
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2419837
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2419891
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2419896
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2419920
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2422836
- external: https://bugzilla.redhat.com/show_bug.cgi?id=2422840
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1690.json