RHSA-2026:19569HighCVSS 8.1

Red Hat Security Advisory: kernel security update

Published
May 20, 2026
Last Modified
May 29, 2026

🔗 CVE IDs covered (13)

CVE-2025-68724CVE-2026-23270CVE-2026-31408CVE-2026-46300CVE-2026-46333CVE-2024-56603CVE-2025-39766CVE-2025-68741CVE-2026-23401CVE-2026-31402CVE-2026-31607CVE-2026-43128CVE-2026-43284

📋 Description

CVE-2024-56603 — kernel: net: af_can: do not leave a dangling sk pointer in can_create() CVE-2025-39766 — kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit CVE-2025-68724 — kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id CVE-2025-68741 — kernel: scsi: qla2xxx: Fix improper freeing of purex item CVE-2026-23270 — kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation CVE-2026-23401 — kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling CVE-2026-31402 — kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache CVE-2026-31408 — kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold CVE-2026-31607 — kernel: usbip: validate number_of_packets in usbip_pack_ret_submit() CVE-2026-43128 — kernel: RDMA/umem: Fix double dma_buf_unpin in failure path CVE-2026-43284 — kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel CVE-2026-46300 — kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel CVE-2026-46333 — kernel: Read root-owned files as an unprivileged user

🔗 References (17)