Red Hat Security Advisory: kernel security update
🔗 CVE IDs covered (17)
📋 Description
CVE-2025-39766 — kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit CVE-2025-68741 — kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2025-71116 — kernel: libceph: make decode_pool() more resilient against corrupted osdmaps CVE-2026-22984 — kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done() CVE-2026-22990 — kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() CVE-2026-23136 — kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state CVE-2026-23204 — kernel: net/sched: cls_u32: use skb_header_pointer_careful() CVE-2026-23270 — kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation CVE-2026-23401 — kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling CVE-2026-31402 — kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache CVE-2026-31532 — kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() CVE-2026-31607 — kernel: usbip: validate number_of_packets in usbip_pack_ret_submit() CVE-2026-43128 — kernel: RDMA/umem: Fix double dma_buf_unpin in failure path CVE-2026-43163 — kernel: md/bitmap: fix GPF in write_page caused by resize race CVE-2026-43284 — kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel CVE-2026-46300 — kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel CVE-2026-46333 — kernel: Read root-owned files as an unprivileged user
🔗 References (20)
- selfhttps://access.redhat.com/errata/RHSA-2026:19568
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2394648
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2425046
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2429602
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2432389
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2432400
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2439852
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2439931
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2448745
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2453803
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2454844
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2461107
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2461521
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2467059
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2467144
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2467771
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2477015
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2477802
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_19568.json