Security News

Cybersecurity news aggregator

HIGH Updates Red Hat Errata

RHSA-2026:21557: Important: kernel security update

This Red Hat security advisory, rated Important, addresses multiple vulnerabilities in the Linux kernel for RHEL 10, including issues in the CAN subsystem (CVE-2024-56645, CVSS 5.5), the IMA subsystem, netfilter, and memory management that could lead to privilege escalation, denial of service, or information disclosure. For CVE-2024-56645, affected kernel versions are 5.4 up to (but excluding) 5.4.287, 5.10 up to 5.10.231, 5.15 up to 5.15.174, 6.1 up to 6.1.120, 6.6 up to 6.6.66, and 6.12 up to 6.12.5; each range is fixed in its listed end version. The update requires a system reboot to take effect.

Red Hat Product Errata
RHSA-2026:21557 - Security Advisory
Issued: 2026-05-28
Updated: 2026-05-28

Synopsis
Important: kernel security update

Type/Severity
Security Advisory: Important

Topic
An update for kernel is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):
kernel: can: j1939: j1939_session_new(): fix skb reference counting (CVE-2024-56645)
kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (CVE-2025-68183)
kernel: mm: thp: deny THP for files on anonymous inodes (CVE-2026-23375)
kernel: netfilter: nf_tables: release flowtable after rcu grace period on error (CVE-2026-23392)
kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CVE-2026-23455)
kernel: net: sched: act_csum: validate nested VLAN headers (CVE-2026-31684)
kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets (CVE-2026-31685)
kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup (CVE-2026-43027)
kernel: io_uring/rsrc: reject zero-length fixed buffer import (CVE-2026-43006)
kernel: Bluetooth: MGMT: validate LTK enc_size on load (CVE-2026-43020)
kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq (CVE-2026-43051)
kernel: Bluetooth: SCO: fix race conditions in sco_sock_connect() (CVE-2026-43023)
kernel: netfilter: ctnetlink: ensure safe access to master conntrack (CVE-2026-43116)
kernel: wifi: brcmfmac: validate bsscfg indices in IF events (CVE-2026-43110)
kernel: netfilter: xt_tcpmss: check remaining length before reading optlen (CVE-2026-43190)
kernel: Linux kernel dpaa2-switch: Kernel memory corruption via out-of-bounds write (CVE-2026-43205)
kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks (CVE-2026-43158)
kernel: mm/page_alloc: clear page->private in free_pages_prepare() (CVE-2026-43303)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.

Affected Products
Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
Red Hat CodeReady Linux Builder for x86_64 10 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 10 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.2 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.2 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.2 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x

Fixes
BZ - 2334560 - CVE-2024-56645 kernel: can: j1939: j1939_session_new(): fix skb reference counting
BZ - 2422699 - CVE-2025-68183 kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr
BZ - 2451199 - CVE-2026-23375 kernel: mm: thp: deny THP for files on anonymous inodes
BZ - 2451218 - CVE-2026-23392 kernel: netfilter: nf_tables: release flowtable after rcu grace period on error
BZ - 2454810 - CVE-2026-23455 kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
BZ - 2461757 - CVE-2026-31684 kernel: net: sched: act_csum: validate nested VLAN headers
BZ - 2461759 - CVE-2026-31685 kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets
BZ - 2464369 - CVE-2026-43027 kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup
BZ - 2464402 - CVE-2026-43006 kernel: io_uring/rsrc: reject zero-length fixed buffer import
BZ - 2464455 - CVE-2026-43020 kernel: Bluetooth: MGMT: validate LTK enc_size on load
BZ - 2464462 - CVE-2026-43051 kernel: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq
BZ - 2464496 - CVE-2026-43023 kernel: Bluetooth: SCO: fix race conditions in sco_sock_connect()
BZ - 2467005 - CVE-2026-43116 kernel: netfilter: ctnetlink: ensure safe access to master conntrack
BZ - 2467014 - CVE-2026-43110 kernel: wifi: brcmfmac: validate bsscfg indices in IF events
BZ - 2467064 - CVE-2026-43190 kernel: netfilter: xt_tcpmss: check remaining length before reading optlen
BZ - 2467090 - CVE-2026-43205 kernel: Linux kernel dpaa2-switch: Kernel memory corruption via out-of-bounds write
BZ - 2467210 - CVE-2026-43158 kernel: xfs: fix freemap adjustments when adding xattrs to leaf blocks
BZ - 2468091 - CVE-2026-43303 kernel: mm/page_alloc: clear page->private in free_pages_prepare()

CVEs
CVE-2024-56645
CVE-2025-68183
CVE-2026-23375
CVE-2026-23392
CVE-2026-23455
CVE-2026-31684
CVE-2026-31685
CVE-2026-43006
CVE-2026-43020
CVE-2026-43023
CVE-2026-43027
CVE-2026-43051
CVE-2026-43110
CVE-2026-43116
CVE-2026-43158
CVE-2026-43190
CVE-2026-43205
CVE-2026-43303

References
https://access.redhat.com/security/updates/classification/#important

Updated Packages
Note: More recent versions of these packages may be available.
Red Hat Enterprise Linux for x86_64 10
SRPM: kernel-6.12.0-211.18.1.el10_2.src.rpm
