RHSA-2026:2264MediumCVSS 7.5
Red Hat Security Advisory: kernel security update
🔗 CVE IDs covered (8)
📋 Description
CVE-2022-50673 — kernel: ext4: fix use-after-free in ext4_orphan_cleanup CVE-2025-38403 — kernel: Kernel: Privilege escalation via uninitialized data in vmci transport packet CVE-2025-40135 — kernel: ipv6: use RCU in ip6_xmit() CVE-2025-40158 — kernel: ipv6: use RCU in ip6_output() CVE-2025-40170 — kernel: net: use dst_dev_rcu() in sk_setup_caps() CVE-2025-40269 — kernel: Linux kernel ALSA USB audio driver: Buffer overflow leading to information disclosure and denial of service CVE-2025-68349 — kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid CVE-2026-22998 — kernel: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2026:2264
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2383421
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2414506
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2414521
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2414523
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2419919
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2420347
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2424880
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2432671
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2264.json