Security News

Cybersecurity news aggregator

🔄
HIGH Updates Red Hat Errata

RHSA-2026:22900: Important: kernel-rt security update

rhelkernelcve-2025-39766cve-2026-23270cve-2026-31419
This Red Hat security advisory addresses multiple high-severity vulnerabilities (CVSS 7.8) in the Real Time Linux kernel, including use-after-free flaws in traffic control and the bonding driver that can lead to denial of service or privilege escalation, and a buffer management issue in the CAKE queueing discipline. The affected versions are specific to Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions, and the resolution requires applying the provided kernel-rt update and rebooting the system.
Read Full Article →

Red Hat Product Errata RHSA-2026:22900 - Security Advisory Issued: 2026-06-03 Updated: 2026-06-03 RHSA-2026:22900 - Security Advisory Overview Updated Packages Synopsis Important: kernel-rt security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (CVE-2025-39766) kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation (CVE-2026-23270) kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service (CVE-2026-31419) kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() (CVE-2026-43037) kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() (CVE-2026-43038) kernel: smb: client: validate the whole DACL before rewriting it in cifsacl (CVE-2026-31709) kernel: md/bitmap: fix GPF in write_page caused by resize race (CVE-2026-43163) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 x86_64 Fixes BZ - 2394648 - CVE-2025-39766 kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit BZ - 2448745 - CVE-2026-23270 kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation BZ - 2457829 - CVE-2026-31419 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service BZ - 2464351 - CVE-2026-43037 kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() BZ - 2464397 - CVE-2026-43038 kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() BZ - 2464476 - CVE-2026-31709 kernel: smb: client: validate the whole DACL before rewriting it in cifsacl BZ - 2467059 - CVE-2026-43163 kernel: md/bitmap: fix GPF in write_page caused by resize race CVEs CVE-2025-39766 CVE-2026-23270 CVE-2026-31419 CVE-2026-31709 CVE-2026-43037 CVE-2026-43038 CVE-2026-43163 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 SRPM kernel-rt-5.14.0-284.174.1.rt14.459.el9_2.src.rpm SHA-256: 13775c70aa1611c1807afa0c3e55cc9d392638b8e746fecc47f1e611c74a8c45 x86_64 kernel-rt-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 3de3901e59711943e2559b9c162ffa4c827b86f4b338364bdd4f415835deaeb0 kernel-rt-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 3de3901e59711943e2559b9c162ffa4c827b86f4b338364bdd4f415835deaeb0 kernel-rt-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: db425ef9e19cd12220f7b11484b78fd79792b5abc43014f4b60b3c60e8d182a7 kernel-rt-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: db425ef9e19cd12220f7b11484b78fd79792b5abc43014f4b60b3c60e8d182a7 kernel-rt-debug-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 52394f44c1972bf5dc29d74dc1e07d23062fdb23f3f80de652315713c3057c55 kernel-rt-debug-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 52394f44c1972bf5dc29d74dc1e07d23062fdb23f3f80de652315713c3057c55 kernel-rt-debug-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c6dc1ad57d2104675f302c4efc486fa954e02f576fa729a3e0c8d111c6941a84 kernel-rt-debug-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c6dc1ad57d2104675f302c4efc486fa954e02f576fa729a3e0c8d111c6941a84 kernel-rt-debug-debuginfo-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: ca5129a5c476d58e307518b0052d6f7f8b5530173f324763f7ce5ba7e44d3203 kernel-rt-debug-debuginfo-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: ca5129a5c476d58e307518b0052d6f7f8b5530173f324763f7ce5ba7e44d3203 kernel-rt-debug-devel-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 49d1d95978d1d1844e3b75d1edbfa00266c7ee1958cbeb46f73bbce14a542f7e kernel-rt-debug-devel-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 49d1d95978d1d1844e3b75d1edbfa00266c7ee1958cbeb46f73bbce14a542f7e kernel-rt-debug-kvm-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 45ff2ae774e7bcf30e418cec612cd19b0c4ad5e8afd243c0436398635cbb2187 kernel-rt-debug-modules-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 595e4e8fcfd52d8f1ff3fedf670974029b16e006a835d77440134771ad869d0b kernel-rt-debug-modules-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 595e4e8fcfd52d8f1ff3fedf670974029b16e006a835d77440134771ad869d0b kernel-rt-debug-modules-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: e9a6c7517ac632d9c122140479ca19f7ad0e68e484e7b6e43a5b78368aae1be3 kernel-rt-debug-modules-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: e9a6c7517ac632d9c122140479ca19f7ad0e68e484e7b6e43a5b78368aae1be3 kernel-rt-debug-modules-extra-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: a6fb10a781306ece5fde8018b04fbb838e97cebf8bb557586932e0bf548987b3 kernel-rt-debug-modules-extra-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: a6fb10a781306ece5fde8018b04fbb838e97cebf8bb557586932e0bf548987b3 kernel-rt-debuginfo-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c4f3506ebcc0d76bca928f0c9ace78ed88c20c977b0005a13fc8fe94cc24e28c kernel-rt-debuginfo-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c4f3506ebcc0d76bca928f0c9ace78ed88c20c977b0005a13fc8fe94cc24e28c kernel-rt-debuginfo-common-x86_64-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 822d47b9b90404def3e60a1a4d54981daac54929d9cf10d98f331503db1e64eb kernel-rt-debuginfo-common-x86_64-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 822d47b9b90404def3e60a1a4d54981daac54929d9cf10d98f331503db1e64eb kernel-rt-devel-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: ba6c8674774a89fa957042b008e87f77b9d9df29e77f596bf14a360df9a621e3 kernel-rt-devel-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: ba6c8674774a89fa957042b008e87f77b9d9df29e77f596bf14a360df9a621e3 kernel-rt-kvm-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 43a91eecd9a2ac5b137c62928215588950037222daed5fb3f8ae960a4a584e5f kernel-rt-modules-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: e45fa2f0c944170c0a40736b671c9905a5e8fcf008f31a8167f80184d12e72c3 kernel-rt-modules-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: e45fa2f0c944170c0a40736b671c9905a5e8fcf008f31a8167f80184d12e72c3 kernel-rt-modules-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c0906bda273784e342ba8f634fc55e5f0895f0718454ecedd46885c0c6b5d25d kernel-rt-modules-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c0906bda273784e342ba8f634fc55e5f0895f0718454ecedd46885c0c6b5d25d kernel-rt-modules-extra-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c4c04ac09acc4fd138bde78a58f7dc5ce8eea17f3b54788a749e9018d9f8c299 kernel-rt-modules-extra-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c4c04ac09acc4fd138bde78a58f7dc5ce8eea17f3b54788a749e9018d9f8c299 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.2 SRPM kernel-rt-5.14.0-284.174.1.rt14.459.el9_2.src.rpm SHA-256: 13775c70aa1611c1807afa0c3e55cc9d392638b8e746fecc47f1e611c74a8c45 x86_64 kernel-rt-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 3de3901e59711943e2559b9c162ffa4c827b86f4b338364bdd4f415835deaeb0 kernel-rt-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 3de3901e59711943e2559b9c162ffa4c827b86f4b338364bdd4f415835deaeb0 kernel-rt-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: db425ef9e19cd12220f7b11484b78fd79792b5abc43014f4b60b3c60e8d182a7 kernel-rt-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: db425ef9e19cd12220f7b11484b78fd79792b5abc43014f4b60b3c60e8d182a7 kernel-rt-debug-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 52394f44c1972bf5dc29d74dc1e07d23062fdb23f3f80de652315713c3057c55 kernel-rt-debug-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 52394f44c1972bf5dc29d74dc1e07d23062fdb23f3f80de652315713c3057c55 kernel-rt-debug-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c6dc1ad57d2104675f302c4efc486fa954e02f576fa729a3e0c8d111c6941a84 kernel-rt-debug-core-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: c6dc1ad57d2104675f302c4efc486fa954e02f576fa729a3e0c8d111c6941a84 kernel-rt-debug-debuginfo-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: ca5129a5c476d58e307518b0052d6f7f8b5530173f324763f7ce5ba7e44d3203 kernel-rt-debug-debuginfo-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: ca5129a5c476d58e307518b0052d6f7f8b5530173f324763f7ce5ba7e44d3203 kernel-rt-debug-devel-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 49d1d95978d1d1844e3b75d1edbfa00266c7ee1958cbeb46f73bbce14a542f7e kernel-rt-debug-devel-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 49d1d95978d1d1844e3b75d1edbfa00266c7ee1958cbeb46f73bbce14a542f7e kernel-rt-debug-kvm-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 45ff2ae774e7bcf30e418cec612cd19b0c4ad5e8afd243c0436398635cbb2187 kernel-rt-debug-modules-5.14.0-284.174.1.rt14.459.el9_2.x86_64.rpm SHA-256: 595e4e8fcfd52d8f1ff3fedf670974029b16e006a835d77440134771ad869d0b kernel-rt-debug-modules-5.14.0-284.174.1.rt14.459

Related Articles

INFO RHSA-2026:22940: Important: kernel security update Red Hat Errata HIGH Multiples vulnérabilités dans le noyau Linux de Red Hat (29 mai 2026) CERT-FR (ANSSI) HIGH RHSA-2026:21209: Important: kernel security update Red Hat Errata CRITICAL DSA-6243-1 linux - security update Debian Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn