Red Hat Product Errata RHSA-2026:9643 - Security Advisory Issued: 2026-04-22 Updated: 2026-04-22 RHSA-2026:9643 - Security Advisory Overview Updated Packages Synopsis Moderate: kernel security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: smc: Fix use-after-free in __pnet_find_base_ndev() (CVE-2025-40064) kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (CVE-2025-40168) kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204) kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() (CVE-2026-23231) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64 Red Hat Enterprise Linux Server - AUS 8.4 x86_64 Fixes BZ - 2406747 - CVE-2025-40064 kernel: smc: Fix use-after-free in __pnet_find_base_ndev() BZ - 2414482 - CVE-2025-40168 kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() BZ - 2439931 - CVE-2026-23204 kernel: net/sched: cls_u32: use skb_header_pointer_careful() BZ - 2444376 - CVE-2026-23231 kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() CVEs CVE-2025-40064 CVE-2025-40168 CVE-2026-23204 CVE-2026-23231 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 SRPM kernel-4.18.0-305.189.1.el8_4.src.rpm SHA-256: 64faf4596b4ac0ef7a7e3cddbb48d92c8bfe9cb8af41fe0c8fb108bc2460f66a x86_64 bpftool-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: ddf6e3665bd1903d1552a85f24679e354911ee2dc931466611ddbd69bd19d7f9 bpftool-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 9a9bf1527cc3b1d47155ac8d5dbf1c7dd56062076d905274a02e795b94b26a0b kernel-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 9a7c05770885be2f12079510aeba723a5a9dc35cdb3a9e784fa980662c5953ca kernel-abi-stablelists-4.18.0-305.189.1.el8_4.noarch.rpm SHA-256: d2cddcdc5b1ea3f9191b8e3b670e27e24eeac330ee6f5111467c03e59345d8ff kernel-core-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: ad305dfeb4a95bf05e3543c4d5682731b1437b5d6b9af605a77301c269cef09a kernel-cross-headers-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: d0e3a40abea2996fdecc2cd3a277607890c3a0465aabefab5289174af3067327 kernel-debug-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: a2b6e0214cef49193320ae93c7ea8a39924ab7d7b7fdff910e250a718972282d kernel-debug-core-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 992c476fe089faae1eb1cd3b396f63f8f1843c5067cbcb808293d6ab2232f7a4 kernel-debug-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: b297e2cb72dc14720c58d9e2aee59dab3eb997b58e61bdb3734c584997e2f57d kernel-debug-devel-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 9eebcd06b29508365ddcf213c91aae3e1b1361c5041a638d44e96390cd8d13f6 kernel-debug-modules-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: de6a4d30e5eea542a893ed14bf9d288ff15cbc40c21fd5faa38064170a0cbb8c kernel-debug-modules-extra-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: ac31872d16aff3bccfe31e2439cef19f52a63b5a549f0a8e5cfc5041f61f2d37 kernel-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 496667d694e16036d0b6e7ded4e5beaa57f7b5cd89e6efb45e99a88b8d21084c kernel-debuginfo-common-x86_64-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 9ba37439965abbcc57d5284d24603aec8f8108a80abf5521bf3392a20140d0ab kernel-devel-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 7e1b5a466ca5a2aadd57b1c3b7c33ca80ebb01b10795caa1fa047052ad8b2af1 kernel-doc-4.18.0-305.189.1.el8_4.noarch.rpm SHA-256: 0859b85d42b45f81e1e5f8c4626d582553f27e902bd78424a9895cf8ed643aab kernel-headers-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 410eff12b992bed020ffc90ccc8cbf74a34b8c83a0c46ac47877ae1d209b8029 kernel-modules-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 6a64e81647ddd45bfe8b90a3951201f4accac86cbe45cb735382b6e19628a7fc kernel-modules-extra-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: dd2e50e689bca7212ae1c0b6b6eb320a9df4b9bfd6b06b88195242394c37d8a8 kernel-tools-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 4fcc03969bdfc9efe1ff223910381ae28d145ff58869fcf8736154a18d7f48f1 kernel-tools-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 6f8a419d9bf14ccd69891b1b737faccc8b0ca21a08118feb241338f179d66cc1 kernel-tools-libs-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 68f0da7619dbc258f51c9c80838c206aeec08be0df513766f0de2f7b726d108a perf-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 8d72d55c1b628a54d87cb71669fb923bcc37354b8a2c21c91be8095ed05a73c5 perf-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 55ad8353be672bc93b3bbd3cde1dd430a481cbbd057c614034e69d1ed920cc08 python3-perf-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: ee0542b541062e55d11361fb69f86b1816863f2f6f68ebfba98c68d6d41ab615 python3-perf-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 5ebb8534391f85741037977441f470563a9f48a52d9b0a503f825ae2029182da Red Hat Enterprise Linux Server - AUS 8.4 SRPM kernel-4.18.0-305.189.1.el8_4.src.rpm SHA-256: 64faf4596b4ac0ef7a7e3cddbb48d92c8bfe9cb8af41fe0c8fb108bc2460f66a x86_64 bpftool-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: ddf6e3665bd1903d1552a85f24679e354911ee2dc931466611ddbd69bd19d7f9 bpftool-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 9a9bf1527cc3b1d47155ac8d5dbf1c7dd56062076d905274a02e795b94b26a0b kernel-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 9a7c05770885be2f12079510aeba723a5a9dc35cdb3a9e784fa980662c5953ca kernel-abi-stablelists-4.18.0-305.189.1.el8_4.noarch.rpm SHA-256: d2cddcdc5b1ea3f9191b8e3b670e27e24eeac330ee6f5111467c03e59345d8ff kernel-core-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: ad305dfeb4a95bf05e3543c4d5682731b1437b5d6b9af605a77301c269cef09a kernel-cross-headers-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: d0e3a40abea2996fdecc2cd3a277607890c3a0465aabefab5289174af3067327 kernel-debug-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: a2b6e0214cef49193320ae93c7ea8a39924ab7d7b7fdff910e250a718972282d kernel-debug-core-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 992c476fe089faae1eb1cd3b396f63f8f1843c5067cbcb808293d6ab2232f7a4 kernel-debug-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: b297e2cb72dc14720c58d9e2aee59dab3eb997b58e61bdb3734c584997e2f57d kernel-debug-devel-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 9eebcd06b29508365ddcf213c91aae3e1b1361c5041a638d44e96390cd8d13f6 kernel-debug-modules-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: de6a4d30e5eea542a893ed14bf9d288ff15cbc40c21fd5faa38064170a0cbb8c kernel-debug-modules-extra-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: ac31872d16aff3bccfe31e2439cef19f52a63b5a549f0a8e5cfc5041f61f2d37 kernel-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 496667d694e16036d0b6e7ded4e5beaa57f7b5cd89e6efb45e99a88b8d21084c kernel-debuginfo-common-x86_64-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 9ba37439965abbcc57d5284d24603aec8f8108a80abf5521bf3392a20140d0ab kernel-devel-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 7e1b5a466ca5a2aadd57b1c3b7c33ca80ebb01b10795caa1fa047052ad8b2af1 kernel-doc-4.18.0-305.189.1.el8_4.noarch.rpm SHA-256: 0859b85d42b45f81e1e5f8c4626d582553f27e902bd78424a9895cf8ed643aab kernel-headers-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 410eff12b992bed020ffc90ccc8cbf74a34b8c83a0c46ac47877ae1d209b8029 kernel-modules-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 6a64e81647ddd45bfe8b90a3951201f4accac86cbe45cb735382b6e19628a7fc kernel-modules-extra-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: dd2e50e689bca7212ae1c0b6b6eb320a9df4b9bfd6b06b88195242394c37d8a8 kernel-tools-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 4fcc03969bdfc9efe1ff223910381ae28d145ff58869fcf8736154a18d7f48f1 kernel-tools-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 6f8a419d9bf14ccd69891b1b737faccc8b0ca21a08118feb241338f179d66cc1 kernel-tools-libs-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 68f0da7619dbc258f51c9c80838c206aeec08be0df513766f0de2f7b726d108a perf-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 8d72d55c1b628a54d87cb71669fb923bcc37354b8a2c21c91be8095ed05a73c5 perf-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 55ad8353be672bc93b3bbd3cde1dd430a481cbbd057c614034e69d1ed920cc08 python3-perf-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: ee0542b541062e55d11361fb69f86b1816863f2f6f68ebfba98c68d6d41ab615 python3-perf-debuginfo-4.18.0-305.189.1.el8_4.x86_64.rpm SHA-256: 5ebb8534391f85741037977441f470563a9f48a52d9b0a503f825ae2029182da The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .