Red Hat Product Errata RHSA-2026:9112 - Security Advisory Issued: 2026-04-20 Updated: 2026-04-20 RHSA-2026:9112 - Security Advisory Overview Updated Packages Synopsis Moderate: kernel security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Linux kernel: Denial of Service via unsafe requeue in rxrpc_recvmsg (CVE-2026-23066) kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check (CVE-2026-23111) kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setup failure (CVE-2026-23144) kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution (CVE-2026-23171) kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193) kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2436805 - CVE-2026-23066 kernel: Linux kernel: Denial of Service via unsafe requeue in rxrpc_recvmsg BZ - 2439687 - CVE-2026-23111 kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check BZ - 2439872 - CVE-2026-23144 kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setup failure BZ - 2439886 - CVE-2026-23171 kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution BZ - 2439887 - CVE-2026-23193 kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() BZ - 2439931 - CVE-2026-23204 kernel: net/sched: cls_u32: use skb_header_pointer_careful() CVEs CVE-2026-23066 CVE-2026-23111 CVE-2026-23144 CVE-2026-23171 CVE-2026-23193 CVE-2026-23204 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM kernel-5.14.0-570.108.1.el9_6.src.rpm SHA-256: 72803d7ea77ced48eafd63b4eedf6631b744241b1e1cd2b81dbbfc9e4ed2dd07 x86_64 kernel-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: d382ee27f6ba2de19399032a006e7960704300ab23046ae8fde10243f9c0d6fd kernel-abi-stablelists-5.14.0-570.108.1.el9_6.noarch.rpm SHA-256: 0d86da20d8830286fe4ccc1c9ed1d410c324af11fbbf5737930b57aed41fe847 kernel-core-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: af4fc31291156dc2b13134c94ab81c502ce85b2a7fdc21f2cfce90c17a5d3e6b kernel-debug-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 0859a25313c8e7430752dfb4b87a3a46b832450125d6d926817d9fb497c5b81b kernel-debug-core-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: d6b11dbf977948cf7499af38ea1879ae2ee5421a23764b3342a981f85bcc6733 kernel-debug-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 9021788b9aa720c8f6494d4ee0304828c5c0ed513700a49c5b0d8e150278778e kernel-debug-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 9021788b9aa720c8f6494d4ee0304828c5c0ed513700a49c5b0d8e150278778e kernel-debug-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 9021788b9aa720c8f6494d4ee0304828c5c0ed513700a49c5b0d8e150278778e kernel-debug-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 9021788b9aa720c8f6494d4ee0304828c5c0ed513700a49c5b0d8e150278778e kernel-debug-devel-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: bc710f8cfc864d4dec8f7f7d3fee99d19e6d1f97bf1aa874e2f1867b9dd1281b kernel-debug-devel-matched-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 390c7b79fa213b6fb36e04ba570a64c5426169cf9ddc7561b810e2cf719cc46e kernel-debug-modules-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 34eddf502b3470bb7d9a7e2422f28302748fc12e4947f690cb0f337ae88a42af kernel-debug-modules-core-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 3f86565007025f2d792195d11e5ed8c1f28009c9f57db5f5d3dcf9c504790051 kernel-debug-modules-extra-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 024ae50c1fa4b921bba2fea277fb84c9dd8eda6134d847a63e12ba0726a9fdb9 kernel-debug-uki-virt-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 42bc4080998badbd0c465a35d7226bfb8900520e380d4d146122f47b565ff9e3 kernel-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: e65bef7f9378e6532fe71365d7790688b5ba450f2d51c385027def1a04e58574 kernel-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: e65bef7f9378e6532fe71365d7790688b5ba450f2d51c385027def1a04e58574 kernel-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: e65bef7f9378e6532fe71365d7790688b5ba450f2d51c385027def1a04e58574 kernel-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: e65bef7f9378e6532fe71365d7790688b5ba450f2d51c385027def1a04e58574 kernel-debuginfo-common-x86_64-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 7f6979293f3f00e79aebbef880b265f39a19a7eaead55d08b6a4006b25ba9c89 kernel-debuginfo-common-x86_64-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 7f6979293f3f00e79aebbef880b265f39a19a7eaead55d08b6a4006b25ba9c89 kernel-debuginfo-common-x86_64-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 7f6979293f3f00e79aebbef880b265f39a19a7eaead55d08b6a4006b25ba9c89 kernel-debuginfo-common-x86_64-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 7f6979293f3f00e79aebbef880b265f39a19a7eaead55d08b6a4006b25ba9c89 kernel-devel-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 87dc8dee38ad5cae675d731b8b729d400f94b275720defcec85dd7c1ee3d6226 kernel-devel-matched-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: dc788e3d386004c1440296e6bfcd96bb77aa9ff88793ae987456966a68f6e934 kernel-doc-5.14.0-570.108.1.el9_6.noarch.rpm SHA-256: b2f3522e6b6557d935207d24df093abaa3ba94fedfac7881fb2d8a71e938131a kernel-headers-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 0d58847b7bef734a9fca8fac0db03dfa3201aa891e145af4f75a58c5403728d5 kernel-modules-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 7536a4ab60321aa1a1f697e1a482b1b49015f8c6bb9e61ceffae812d101db284 kernel-modules-core-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: c54a55f33f8f0498893c9d021cf4ec1c25fe9df23595edfce3ad7df5fb477c59 kernel-modules-extra-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 0b680152c608432301caad5f6b0e467f74fa254327faf433a03b123123e82f1a kernel-rt-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 37fe793ac831f163f762428fa7d7f04a76a2439bc6d950a31d505b020e48a86a kernel-rt-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 37fe793ac831f163f762428fa7d7f04a76a2439bc6d950a31d505b020e48a86a kernel-rt-core-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 939016701505527b641e2d973a30ce583a4cf2511f6fdb2ad3d8f553811f2563 kernel-rt-core-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 939016701505527b641e2d973a30ce583a4cf2511f6fdb2ad3d8f553811f2563 kernel-rt-debug-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 3fcea430401d73b5c4b5d57f60650f2527d5a6969351d833185571e55392d2d3 kernel-rt-debug-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 3fcea430401d73b5c4b5d57f60650f2527d5a6969351d833185571e55392d2d3 kernel-rt-debug-core-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 9fe9dc8f91c492dbacbc3610de8cb9fcda4c9e90b3261a9b2c3a250dccae8552 kernel-rt-debug-core-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 9fe9dc8f91c492dbacbc3610de8cb9fcda4c9e90b3261a9b2c3a250dccae8552 kernel-rt-debug-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 5028ff4eaa8f4e868be00ba234b935661f69b7cc08c41e50289c8ff94c17a36a kernel-rt-debug-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 5028ff4eaa8f4e868be00ba234b935661f69b7cc08c41e50289c8ff94c17a36a kernel-rt-debug-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 5028ff4eaa8f4e868be00ba234b935661f69b7cc08c41e50289c8ff94c17a36a kernel-rt-debug-debuginfo-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: 5028ff4eaa8f4e868be00ba234b935661f69b7cc08c41e50289c8ff94c17a36a kernel-rt-debug-devel-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: b9c6e8ba29bbe1683e3d2ec11a1813464a2dd9a3cd00b8057200dff92d21d8a8 kernel-rt-debug-devel-5.14.0-570.108.1.el9_6.x86_64.rpm SHA-256: b9c6e8ba29bbe1683e3d2ec11a