Red Hat Product Errata RHSA-2026:9870 - Security Advisory Issued: 2026-04-22 Updated: 2026-04-22 RHSA-2026:9870 - Security Advisory Overview Updated Packages Synopsis Moderate: kernel security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution (CVE-2025-38024) kernel: iavf: Fix reset error handling (CVE-2022-50053) kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem (CVE-2025-38180) kernel: RDMA/rxe: Fix incomplete state save in rxe_requester (CVE-2023-53539) kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193) kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204) kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() (CVE-2026-23216) kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() (CVE-2026-23231) kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. (CVE-2025-71238) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64 Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64 Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le Fixes BZ - 2373354 - CVE-2025-38024 kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution BZ - 2373553 - CVE-2022-50053 kernel: iavf: Fix reset error handling BZ - 2376376 - CVE-2025-38180 kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem BZ - 2401510 - CVE-2023-53539 kernel: RDMA/rxe: Fix incomplete state save in rxe_requester BZ - 2439887 - CVE-2026-23193 kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() BZ - 2439931 - CVE-2026-23204 kernel: net/sched: cls_u32: use skb_header_pointer_careful() BZ - 2440630 - CVE-2026-23216 kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() BZ - 2444376 - CVE-2026-23231 kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain() BZ - 2444398 - CVE-2025-71238 kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. CVEs CVE-2022-50053 CVE-2023-53539 CVE-2025-38024 CVE-2025-38180 CVE-2025-71238 CVE-2026-23193 CVE-2026-23204 CVE-2026-23216 CVE-2026-23231 References https://access.redhat.com/security/updates/classification/#moderate Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 SRPM kernel-3.10.0-1160.148.1.el7.src.rpm SHA-256: 83cbfc6df31073a6fc4b889b12ea0e4e4c15739e9e1b83759a5aae45c2a42502 x86_64 bpftool-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 97fccc41c6239d5783b18c3e1deae6955e99eea06ecbca60cee14036c9f1e7d1 bpftool-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: ed1f5ef86fb696c4f22d991df74060b861991baa74fb62728b6f2c36206dc261 bpftool-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: ed1f5ef86fb696c4f22d991df74060b861991baa74fb62728b6f2c36206dc261 kernel-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: f85ebebbe62326b2bdc5997c859e886d8232ec201cc5812831a45615e6548383 kernel-abi-whitelists-3.10.0-1160.148.1.el7.noarch.rpm SHA-256: d56e4267b72fcdbe2af495a9fdabfdd184c18c51323b25c08942d4762242e9bb kernel-debug-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 16193d47b255df9248e8027cfdc799f6809c20646b14a504bb6f448e4fcaef83 kernel-debug-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: bd9e572853e35b339aef852d0d35760cbf0fd5857e94c9a6f8d8afb25e8d7ac2 kernel-debug-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: bd9e572853e35b339aef852d0d35760cbf0fd5857e94c9a6f8d8afb25e8d7ac2 kernel-debug-devel-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 3d738b6487e703b6a20afda08235c64dd35174e7da049a4b54850efe3c882921 kernel-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: c1bb2db7d4bcb5047af17e8dbe435a10790e498973ee12b607d9cdcdc9386d20 kernel-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: c1bb2db7d4bcb5047af17e8dbe435a10790e498973ee12b607d9cdcdc9386d20 kernel-debuginfo-common-x86_64-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: f4ce5c074847dcbb2c2f2d56a5425f978bc98ebefba9a7e4fcacc17babb04a42 kernel-debuginfo-common-x86_64-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: f4ce5c074847dcbb2c2f2d56a5425f978bc98ebefba9a7e4fcacc17babb04a42 kernel-devel-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: d600501dcaff30fc3b3c01b9ca5ec4d6438a76ae9b7438db46159fcb2e2dbc29 kernel-doc-3.10.0-1160.148.1.el7.noarch.rpm SHA-256: 2327c1126eb1b9aa06abb728f7278fd5dba37efcb127ace8269d679c0756c2de kernel-headers-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: d37ceac9b9b0d232c7184c89d78805726febef112c958a671586d99527364776 kernel-tools-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: ffe5bbc6aab103f930a8b2cacf92e13bf76909072d4ceab253a4196462ef0d1f kernel-tools-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: f5d75b57a7bf6ebc73915ad9d15f3cb03f48695b4dd98352ba677f6688dae72a kernel-tools-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: f5d75b57a7bf6ebc73915ad9d15f3cb03f48695b4dd98352ba677f6688dae72a kernel-tools-libs-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 0e0e61729824d46e2b58acb991175c765cb1b2a7668ffdfc179a7be625c71526 kernel-tools-libs-devel-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 0dc96cda207e2d1898b0e97f7513dff5b02b9f8d1da8b33654e6346be5fba32e perf-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: be7701ab235417b811e81871bea326ef89dcfed4c913fc0a01c9c08248aeea72 perf-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 11d6e67e736058f8d38b700a09caf1ddf2382fca32b8373ceec44dee1e481bc3 perf-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 11d6e67e736058f8d38b700a09caf1ddf2382fca32b8373ceec44dee1e481bc3 python-perf-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 71b1c12ffe7074669238851ff78aff15dc11148f80dd28dd7fbf864cc347c604 python-perf-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 8800da61bd395566716659e24154cf55eb64d96d3dc10ef6e70a8dd0f272a9ad python-perf-debuginfo-3.10.0-1160.148.1.el7.x86_64.rpm SHA-256: 8800da61bd395566716659e24154cf55eb64d96d3dc10ef6e70a8dd0f272a9ad Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 SRPM kernel-3.10.0-1160.148.1.el7.src.rpm SHA-256: 83cbfc6df31073a6fc4b889b12ea0e4e4c15739e9e1b83759a5aae45c2a42502 s390x bpftool-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 284c0761f5639621a510553cfc17202341c745fec9604484267f5e63f9b89db0 bpftool-debuginfo-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 15e1432422023f252ca1cb45cb56cfa4c85d88255b030a644a5f8b3cf60246b5 kernel-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 8c99c0042bee2cb727bdd5404a58ea306b57c410df8f6d4355926fd5adf72879 kernel-abi-whitelists-3.10.0-1160.148.1.el7.noarch.rpm SHA-256: d56e4267b72fcdbe2af495a9fdabfdd184c18c51323b25c08942d4762242e9bb kernel-debug-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 48ab912c06b0836709547e34d4a244d6bac31c3e0819451a9d948b23aa4a8c8f kernel-debug-debuginfo-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: b69003854dd303c21d4827953d48adfef05d8d98b0a5b031de9967cff3283def kernel-debug-devel-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: a76b1f6c832f46194451146388355fc86fa6ddf272d9bcdddf2822ef208a97fb kernel-debuginfo-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: b786a3ed60b3b0930e35aec7531d4d95f946ce1ddc08c27c6369adedcb6f6a12 kernel-debuginfo-common-s390x-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 92e71a2260eab93d734b7879b12125b239063ed1665c7a9139d54e0eadbc298c kernel-devel-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: da3027752ef5e7e5654bd7bc98140f7be461d26d71b1599d8f2d5ffa55e3849a kernel-doc-3.10.0-1160.148.1.el7.noarch.rpm SHA-256: 2327c1126eb1b9aa06abb728f7278fd5dba37efcb127ace8269d679c0756c2de kernel-headers-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 08438ca5ffabbf9c3e37c3c0f9f12c778fa6b9643be5aced6fb2da71cba8e821 kernel-kdump-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: f626077e2c6f1759ceedd1a620b15a2cb5accd4ca7821a6ae2f477aabc8e4e3e kernel-kdump-debuginfo-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: b06bb2a412064e812dcf1717f45e0db57c7774af15bbc148186f69403ae7a40e kernel-kdump-devel-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 8e0342dfeb99867dcae62f6717a4998f9671849b6a27abe9fce647be292df67e perf-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 052cce8d1284bdf850d7f2c72bb27e4c962d4451e0124918e89355da70828513 perf-debuginfo-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 5c043d64eb3c8fbbce3dc79d04afe003ecae9d5587a4085d222977d8254d9f61 python-perf-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 4bc10de0d55b3178a911803e69595bb1e6820f58104391c3dba7b901c5e6d93d python-perf-debuginfo-3.10.0-1160.148.1.el7.s390x.rpm SHA-256: 3fa6e486696cb11a61a0421c9609c293d86396f3c273c0965db7c4765267d41b Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 SRPM kerne