This Red Hat kernel security update addresses two Important-rated vulnerabilities: CVE-2025-39766 in the CAKE network scheduler and CVE-2025-68741 in the qla2xxx SCSI driver. The CAKE vulnerability (CVSS 7.8 High) affects Linux kernel versions 4.19 through 6.6 across multiple branches, with fixes available in versions 5.4.297, 5.10.241, 5.15.190, 6.1.149, 6.6.103, 6.12.44, and 6.16.4. For Red Hat Enterprise Linux 10 systems, applying the provided kernel update and rebooting is the required remediation.
Red Hat Product Errata RHSA-2026:9264 - Security Advisory Issued: 2026-04-21 Updated: 2026-04-21 RHSA-2026:9264 - Security Advisory Overview Updated Packages Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (CVE-2025-39766) kernel: scsi: qla2xxx: Fix improper freeing of purex item (CVE-2025-68741) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for x86_64 10 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le Red Hat CodeReady Linux Builder for ARM 64 10 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x Fixes BZ - 2394648 - CVE-2025-39766 kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit BZ - 2425046 - CVE-2025-68741 kernel: scsi: qla2xxx: Fix improper freeing of purex item CVEs CVE-2025-39766 CVE-2025-68741 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM kernel-6.12.0-124.52.1.el10_1.src.rpm SHA-256: d2af6025e26b10f5249a10081078bab7b93118a3128050cc7fbb4f808fa82003 x86_64 kernel-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: f4eb504fcfe10daa4889dcc14c4bd5f5d647d25beab7ebb4d7b7cee80cb647ec kernel-abi-stablelists-6.12.0-124.52.1.el10_1.noarch.rpm SHA-256: c4478a1aa0c4a274c1d8024c171cd9ca37eee635dd6c33d7e525c345be644241 kernel-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 5922eb847c0f30639df65fe672c821b34dc309a9af09997f956eb2e84a9f0077 kernel-debug-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 8f5249e11a37a811ff80bbc02a7990f2f7c8dad2bf59bbce077c788b53384f31 kernel-debug-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: d7829e508dd7fd8dcb20933fa52b6b8171eb2a6b46fb3f88fc6644cf2d285c15 kernel-debug-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 76bf1be7a2983c35bad4904617aec862e2c23af5ef5c36e8d76eac076b6cc993 kernel-debug-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 76bf1be7a2983c35bad4904617aec862e2c23af5ef5c36e8d76eac076b6cc993 kernel-debug-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 76bf1be7a2983c35bad4904617aec862e2c23af5ef5c36e8d76eac076b6cc993 kernel-debug-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 76bf1be7a2983c35bad4904617aec862e2c23af5ef5c36e8d76eac076b6cc993 kernel-debug-devel-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: e718cbe84b83a423fe6119c83eda3e3788f42d6fa2c350add5a67c028b52e49c kernel-debug-devel-matched-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: bda79e98ad56825772401cfd18be741bdf5e9148eef317a06726a27a58616b32 kernel-debug-modules-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 7f321a217076c87386b67b6c9da0d37e1322e12ae15879b412271db1b3af17cd kernel-debug-modules-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 5bf758b7c5703ff2ea8e5cca8509a01dd5bf558a08b3824c6ff6bdfa2af59d7b kernel-debug-modules-extra-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: f5e3e597c78c0c871ac3975b3f01158a8d2b2e761ff6f5197badbf5d3f1b5817 kernel-debug-uki-virt-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 7562d5d594ab9f55db0fdd49e3313c82a8d04fa8eabdf6ead221ece74681b9d8 kernel-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: b91d117848610af3b7dd82055b60bff311332cf446ba7c178ec87fc38cf45173 kernel-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: b91d117848610af3b7dd82055b60bff311332cf446ba7c178ec87fc38cf45173 kernel-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: b91d117848610af3b7dd82055b60bff311332cf446ba7c178ec87fc38cf45173 kernel-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: b91d117848610af3b7dd82055b60bff311332cf446ba7c178ec87fc38cf45173 kernel-debuginfo-common-x86_64-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 078d220c42b98d7fdeb8ea8ac4c03881b35d28df78c707fe427168e8e15a6caf kernel-debuginfo-common-x86_64-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 078d220c42b98d7fdeb8ea8ac4c03881b35d28df78c707fe427168e8e15a6caf kernel-debuginfo-common-x86_64-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 078d220c42b98d7fdeb8ea8ac4c03881b35d28df78c707fe427168e8e15a6caf kernel-debuginfo-common-x86_64-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 078d220c42b98d7fdeb8ea8ac4c03881b35d28df78c707fe427168e8e15a6caf kernel-devel-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 8649ab7f7a5ca49ba7c0c1e5634990c2932b17fd399fc186d5529e070f3eb481 kernel-devel-matched-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 707993f52ba1faab321d123399ee7d3e33be3d32132e605a2774d1b4dc83f04b kernel-doc-6.12.0-124.52.1.el10_1.noarch.rpm SHA-256: fb685872aea1c79ba003044cb3a3c31892399c27248c5fd64b8a12ea005d4d12 kernel-headers-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 21e2cb2b83e380778fed81cc0f274befed16dc27d9cdfb4d25945a412ebf2b14 kernel-modules-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 76b9066f4bbcbe0852c84a4ca2db812fd39bcb733d59974ac9347b00c93cd820 kernel-modules-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 35abd6f40e6c5893e104e1bf67ee5274162d411e221267d3c8014e07dd9061fc kernel-modules-extra-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 3923ddffe9e1ac6d9aa4a10d9e285f8f4de9eb405c3dfc3cff7e067dd71e5ae0 kernel-modules-extra-matched-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 169c3cfd8193f1e26b3c7aaffaf0f1fdc236011eb3615a6008d658f3e82904a4 kernel-rt-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 66ee5930ade8a0c097c9190f48423cca0fb57a7bde46831cac36a6312ac16e18 kernel-rt-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 66ee5930ade8a0c097c9190f48423cca0fb57a7bde46831cac36a6312ac16e18 kernel-rt-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 878a9135c1e2c776a62de32ed8c7fcad098080b97d5ec5db5c9da954c34a36b4 kernel-rt-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 878a9135c1e2c776a62de32ed8c7fcad098080b97d5ec5db5c9da954c34a36b4 kernel-rt-debug-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 11fd628e781787cc99174f7b65af28495e6bcbbfd04dd7456900ca1431f2eb5a kernel-rt-debug-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 11fd628e781787cc99174f7b65af28495e6bcbbfd04dd7456900ca1431f2eb5a kernel-rt-debug-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 5e016db290062a71f40311cbbf578c9b43dec4ff31e80594d1b98816c184a44b kernel-rt-debug-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 5e016db290062a71f40311cbbf578c9b43dec4ff31e80594d1b98816c184a44b kernel-rt-debug-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 3632ce0770d6718ed44d9121fda2e1a7ced0d7460d7073a3b00f4b01e95146eb kernel-rt-debug-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 3632ce0770d6718ed44d9121fda2e1a7ced0d7460d7073a3b00f4b01e95146eb kernel-rt-debug-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 3632ce0770d6718ed44d9121fda2e1a7ced0d7460d7073a3b00f4b01e95146eb kernel-rt-debug-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 3632ce0770d6718ed44d9121fda2e1a7ced0d7460d7073a3b00f4b01e95146eb kernel-rt-debug-devel-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 8154a44e01714114bc6434bdd6018c8e90b1776c9ae84167344d05b3d18e8f79 kernel-rt-debug-devel-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 8154a44e01714114bc6434bdd6018c8e90b1776c9ae84167344d05b3d18e8f79 kernel-rt-debug-modules-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 5352dca90a2fabf2674f7b36320e50ebd1f9fefeab958edd9ea3488d06ce0951 kernel-rt-debug-modules-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 5352dca90a2fabf2674f7b36320e50ebd1f9fefeab958edd9ea3488d06ce0951 kernel-rt-debug-modules-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 9a811d7efbee2c275cb2098ba888c6afbecd1fcb3890fd170d640ead416bb520 kernel-rt-debug-modules-core-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 9a811d7efbee2c275cb2098ba888c6afbecd1fcb3890fd170d640ead416bb520 kernel-rt-debug-modules-extra-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 5aabb1675594e01d5d491581bd9794e0daffd62ed5e41dbb9c3eb1b4bf471b2f kernel-rt-debug-modules-extra-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 5aabb1675594e01d5d491581bd9794e0daffd62ed5e41dbb9c3eb1b4bf471b2f kernel-rt-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: b25c32f7fd61aaf95aaa7489847d2f8796a400efe899d83afe0e8868d06a9f42 kernel-rt-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: b25c32f7fd61aaf95aaa7489847d2f8796a400efe899d83afe0e8868d06a9f42 kernel-rt-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: b25c32f7fd61aaf95aaa7489847d2f8796a400efe899d83afe0e8868d06a9f42 kernel-rt-debuginfo-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: b25c32f7fd61aaf95aaa7489847d2f8796a400efe899d83afe0e8868d06a9f42 kernel-rt-devel-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: f0992636e37742a76581cd4c73fd121ca8c3809408f042b40001e325ba5c4a0f kernel-rt-devel-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: f0992636e37742a76581cd4c73fd121ca8c3809408f042b40001e325ba5c4a0f kernel-rt-modules-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 8d77e80b6bce855c5a43adf46ded6433c8d779070ff3fa1d459e5368080e4a07 kernel-rt-modules-6.12.0-124.52.1.el10_1.x86_64.rpm SHA-256: 8d77e80b6bce855c5a43adf46