Red Hat Product Errata RHSA-2026:9836 - Security Advisory Issued: 2026-04-22 Updated: 2026-04-22 RHSA-2026:9836 - Security Advisory Overview Updated Packages Synopsis Moderate: kernel security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001) kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204) kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() (CVE-2026-23231) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2432664 - CVE-2026-23001 kernel: macvlan: fix possible UAF in macvlan_forward_source() BZ - 2439931 - CVE-2026-23204 kernel: net/sched: cls_u32: use skb_header_pointer_careful() BZ - 2444376 - CVE-2026-23231 kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() CVEs CVE-2026-23001 CVE-2026-23204 CVE-2026-23231 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 SRPM kernel-5.14.0-70.175.1.el9_0.src.rpm SHA-256: 1da6bb7d5aaed12981145c682f12ceb51c4d835f7061a7cbc48f3fccbe4be76f ppc64le bpftool-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: affde298988d300ca97bf8f1501d48d69ccfa935f476ac605393c49ae6f5591b bpftool-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 61c1c752189ea950ff10556fea2794813fa01856d7f1b9f41b14f01793773991 bpftool-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 61c1c752189ea950ff10556fea2794813fa01856d7f1b9f41b14f01793773991 kernel-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 5cc0fb8f38dcd5fc61623cecedeb3b795e99474c8af47a5809119a55a8b398fb kernel-abi-stablelists-5.14.0-70.175.1.el9_0.noarch.rpm SHA-256: 825929026ca3aa89c3e938f450a1bede54b5f49a6088018ec6f8d235e47df72e kernel-core-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 06862b58c3aa22f522fcb59f8dfd3e668ec357659f0b1920876fba817e83bc84 kernel-debug-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: ee378073d1399606ed6526b50d4d94ae0d10086f2508e0a6513eabf609e15cf7 kernel-debug-core-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: a058306fca04c8f370964b0ece3a9bb869c9d8c35672fbb8005416b4d7bc65fd kernel-debug-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 54ff222e2271df6b68f60ee45349b31cdbf479cc68ad91c2294bf98863641fde kernel-debug-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 54ff222e2271df6b68f60ee45349b31cdbf479cc68ad91c2294bf98863641fde kernel-debug-devel-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 9dc7874aaf63557e602ec23b1636e3e9feca14465b930acd0012c16f54f76d53 kernel-debug-devel-matched-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: fb57460e10787c6da18359232083fa1745ae2a40a547d84dad7de5cb563a4096 kernel-debug-modules-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: bbab5eb570ead2695fcd4500726ae94f4ff536df41f67c623b9b3312735f1092 kernel-debug-modules-extra-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 04f61614fe899c1b437c1130eb75e221d96bb8334c64e7505d40cd22cf893da2 kernel-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 2d61f8589fd708700dfb6251b358c02676934369a18619549d957f5e6d8e1229 kernel-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 2d61f8589fd708700dfb6251b358c02676934369a18619549d957f5e6d8e1229 kernel-debuginfo-common-ppc64le-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: bb0771139d1ac9f868f395e049992c0a1eced874bf672ed8212ab4b3e5c433dd kernel-debuginfo-common-ppc64le-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: bb0771139d1ac9f868f395e049992c0a1eced874bf672ed8212ab4b3e5c433dd kernel-devel-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: d1d28d8cbaabde44ecdc4730bbad5f48cf0f2303197f579fddd80c853078c229 kernel-devel-matched-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 2696684498e9c324209db4938dee308e3063fc6cc52a5fdad690b95cbe46b908 kernel-doc-5.14.0-70.175.1.el9_0.noarch.rpm SHA-256: 2a738b0af27704f1dda31d26c8db05402eb57dd4b3f4f4f2911bf65424be46dd kernel-headers-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: a3626b707206a3ff0e77537e7bd60cf01ed7af3472feadc928863beb95c4c7b5 kernel-modules-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 5125d190103aa847855dfed231efa13ea7f31ec9b34a9e897a6848709bf8a255 kernel-modules-extra-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 9e5360ff9a9339b4eb294fc0f717f2e2b75b0a4703252d5510a1f1a5fbcf292a kernel-tools-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 3b1c92fcc60aebba5eb21ac6b4c86ad492f02d61a74d666b75213666f86ca023 kernel-tools-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 9a0219341993be66de2839c92576077afc6f541d6ba3ce51611fe59e95516f20 kernel-tools-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 9a0219341993be66de2839c92576077afc6f541d6ba3ce51611fe59e95516f20 kernel-tools-libs-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: de493ca3fbfcce1c70c2f0590eb2f5772eed080602234ffed7fdb6b95c1a3448 perf-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: b8c3d90c8906681e023853705b245860b7fce61520e4a23ea90fad15b65ecaf8 perf-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: a1c23ca8e01d571d96fb405a02f7956bcdf451142fe43a557d60a5c3de6720cb perf-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: a1c23ca8e01d571d96fb405a02f7956bcdf451142fe43a557d60a5c3de6720cb python3-perf-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: 6344f2653d3c5c7ef1fe40dfd6c62408466cc8b8bf8a6eb92f80da0434fc0203 python3-perf-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: daab98c103b5c2b4d37b2fe95b224226f0d95e4e4f618087c845000064823f3d python3-perf-debuginfo-5.14.0-70.175.1.el9_0.ppc64le.rpm SHA-256: daab98c103b5c2b4d37b2fe95b224226f0d95e4e4f618087c845000064823f3d Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM kernel-5.14.0-70.175.1.el9_0.src.rpm SHA-256: 1da6bb7d5aaed12981145c682f12ceb51c4d835f7061a7cbc48f3fccbe4be76f x86_64 bpftool-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 0ea52d4987eff38ec4ebd22d5fddf8acd3b36c6e094c36aef33f0c70e148dc9e bpftool-debuginfo-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 4d7395a4e563742c764ca9d761e9f39e518b892f0924733c02c6d567fe0dd3d2 bpftool-debuginfo-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 4d7395a4e563742c764ca9d761e9f39e518b892f0924733c02c6d567fe0dd3d2 kernel-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: be3605db308e8c7fc15d2173d4c9c10d08fb59fe48257cdf7d9cfd755de29a9a kernel-abi-stablelists-5.14.0-70.175.1.el9_0.noarch.rpm SHA-256: 825929026ca3aa89c3e938f450a1bede54b5f49a6088018ec6f8d235e47df72e kernel-core-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 752c60892b943631c4025011475e81e72e44776a3acca0f032016409e41e74e0 kernel-debug-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 26ea0d0ce2b4f82d4ba548eba0528edd656ddb74f312c04b93829c294e1add9c kernel-debug-core-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: d4b8e20328c03188c0f05674c668a0d82be4b06e3478ae7ac88a101fb1c0a3ab kernel-debug-debuginfo-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: ebc291f2c966659a23f7b4e966001b29afee969ffe93ad48e2d41973df55802c kernel-debug-debuginfo-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: ebc291f2c966659a23f7b4e966001b29afee969ffe93ad48e2d41973df55802c kernel-debug-devel-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 5252938c6748a56bc5f415554a159fa0281d1997d4b19bfeadd6dfebc617a5da kernel-debug-devel-matched-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 3f9d7280370df23ddaf4eff2b2b20f110965b03fe167d871b7a0186a79102154 kernel-debug-modules-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: a3dfdc4a727b40500b1088b078a9a78ee270b1e317d0a023dd657072e6296184 kernel-debug-modules-extra-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: b768a3364cf9b49ab90199c5349f3dc319056b9bb10b8b01babf615371d37580 kernel-debuginfo-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: d3ec38e04329030b07f36760fce97d02e9e74200b52374f2616f03f31c5f3677 kernel-debuginfo-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: d3ec38e04329030b07f36760fce97d02e9e74200b52374f2616f03f31c5f3677 kernel-debuginfo-common-x86_64-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 5a4bd5211937aa488385af7969b89b4ebeb2505dcb44a5b50b958b174ab5dd4d kernel-debuginfo-common-x86_64-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 5a4bd5211937aa488385af7969b89b4ebeb2505dcb44a5b50b958b174ab5dd4d kernel-devel-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: e8d58df678d57cee09be3d811fbae223926bcfe7345649e9c36c72633ccf9c49 kernel-devel-matched-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: fbd762ad024857a608405d23d80ba8e14bb0b92e9c84a3ddca6b7b699fbb8c13 kernel-doc-5.14.0-70.175.1.el9_0.noarch.rpm SHA-256: 2a738b0af27704f1dda31d26c8db05402eb57dd4b3f4f4f2911bf65424be46dd kernel-headers-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 54fdaa2e002280e1572495321e2f2a081030ff40e7edcbd7944b9cad301ba1e1 kernel-modules-5.14.0-70.175.1.el9_0.x86_64.rpm SHA-256: 67803d7b61b63082cf40d3087d50d71d21aa0617eddc400e642142c