Red Hat Security Advisory: kernel security update

CVE-2025-39766 — kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit CVE-2026-23270 — kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation CVE-2026-31419 — kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31709 — kernel: smb: client: validate the whole DACL before rewriting it in cifsacl CVE-2026-43037 — kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() CVE-2026-43038 — kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() CVE-2026-43163 — kernel: md/bitmap: fix GPF in write_page caused by resize race