Red Hat Product Errata RHSA-2026:13577 - Security Advisory Issued: 2026-05-05 Updated: 2026-05-05 RHSA-2026:13577 - Security Advisory Overview Updated Packages Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: nvme: avoid double free special payload (CVE-2024-41073) kernel: net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (CVE-2025-40252) kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CVE-2025-68724) kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402) kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401) kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 8 x86_64 Red Hat Enterprise Linux for IBM z Systems 8 s390x Red Hat Enterprise Linux for Power, little endian 8 ppc64le Red Hat Enterprise Linux for ARM 64 8 aarch64 Red Hat CodeReady Linux Builder for x86_64 8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le Red Hat CodeReady Linux Builder for ARM 64 8 aarch64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x Fixes BZ - 2301637 - CVE-2024-41073 kernel: nvme: avoid double free special payload BZ - 2424886 - CVE-2025-68724 kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id BZ - 2453803 - CVE-2026-23401 kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling BZ - 2454844 - CVE-2026-31402 kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache BZ - 2460538 - CVE-2026-31431 kernel: crypto: algif_aead - Revert to operating out-of-place CVEs CVE-2024-41073 CVE-2025-40252 CVE-2025-68724 CVE-2026-23401 CVE-2026-31402 CVE-2026-31431 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 8 SRPM kernel-4.18.0-553.123.1.el8_10.src.rpm SHA-256: df8dfe753d475b4abe537f06821fbd60dcb59a4082b8039ed65d023b17a4cd3b x86_64 bpftool-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 5c7bd4f54f7ccb04d4dd810936e2402f11fca5d1b5832564f860d82ce078153c bpftool-debuginfo-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: c8919ef96b55d6b699e04d955999e86eb494b582b54e5a4ebb0cefa29e2fea1d kernel-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 3073f98ee7fcf506b7d72d60a864d16ed0c7fcc063598e4ccddaebfd446a2db1 kernel-abi-stablelists-4.18.0-553.123.1.el8_10.noarch.rpm SHA-256: 60d3c23f6ac49da7eaca717e402df7ccc0b67077288354f820faa2c31d5bec8b kernel-core-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 805eb0b35f0021cd45e5277f8ffa15a124121c945d0f6beb2855eb6a15870315 kernel-cross-headers-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: b11f3a009810ec184b3f1fb71fb5e479f3bdcf07f3e872eb7f9f4fb5efbc1589 kernel-debug-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 2bf518bb957f14d59b508bd9c93fc42d397cd2427d19369e89a418e0e7a10c58 kernel-debug-core-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: c5cfb72d8c8a9ee457dd2f7aeb254f2b30c3da866926f5942035a7d7802a10cd kernel-debug-debuginfo-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: d148cf6162547030d8cd0ed2663f9bc5c12d2bd102683672382488c9e60a116b kernel-debug-devel-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 4e97d2946c1cf25929a5e59f4d935527ba862a147b7a1af545848fd651a8ba25 kernel-debug-modules-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: f22078907692a4cd34347e57755ce6c180b915f5c7c08a960dc39a49eab0fd30 kernel-debug-modules-extra-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 0a203903f731812c3c312283571784f5dd97abdbb8cca8ae85a3b032e045dc55 kernel-debuginfo-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: dbef0f0e7be54b0db2947e2bdd3591f0eafa3f1f52b4575ddd2d0eff3809416b kernel-debuginfo-common-x86_64-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 40d571af43b5a6e739864b50206dc81bb3fee84cb09bb52f7262927d87852e17 kernel-devel-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 1ca0e0f69902e97758c2de03adc06b068f746084ca706165159f343654dae58d kernel-doc-4.18.0-553.123.1.el8_10.noarch.rpm SHA-256: 3c5c3eff293730e0c03271d693cfe839d81e2d4f0406bf6309e57f79a25ccd45 kernel-headers-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 09453e2ab2e0e8800bc3bd2ead4dc701fb441df5d37aa778c55a8429cb3e3796 kernel-modules-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: eb8640b92e1953c3c9a95a616fa4fe67923a66f0d956969323d873dba9273d31 kernel-modules-extra-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: fa8a18a8cbf6bc4a23e76f7affff55ffd40cde3246708ddf201a250b4939b2b2 kernel-tools-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 5bd9538f857afada494a7af195c5c95753c274553b7b18fb6d96c3761eb48cbc kernel-tools-debuginfo-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 96a08c3f03c2bb634a28eae6730a10ac45b0b0c43e0f44130f572513a73586ec kernel-tools-libs-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 4ce3710c5b2bce4f2308cdaf2061a9fceffcfbe84d19f445d3fc25394cb1097d perf-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 9e8ecb1c1b146d6bdc7ff6d5cac34450553698fa4a158f1a5fa6a0227df18d1b perf-debuginfo-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: ad0f2facd078e1818bdac9e69cbd4800316332f7d9f7bb21c5fea4a0974e3f6d python3-perf-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: e09a05518486a619c00034c5263e5207b6561b73a16140394cdec531aad6f588 python3-perf-debuginfo-4.18.0-553.123.1.el8_10.x86_64.rpm SHA-256: 049a79269e6142be727cdb2ad3a3a84dd4627827e28443ba84ca5ba36e0e6466 Red Hat Enterprise Linux for IBM z Systems 8 SRPM kernel-4.18.0-553.123.1.el8_10.src.rpm SHA-256: df8dfe753d475b4abe537f06821fbd60dcb59a4082b8039ed65d023b17a4cd3b s390x bpftool-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: a0894d0133b1060ffbda490db4cef4191194859cdf7d060191809805e407ca39 bpftool-debuginfo-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: a34a41ebbe514839948b734f5058550254160fbfea36ae536314f6ea70d0a884 kernel-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 8969c2f02a15d0ace919b8e381e3562352d21f920203ee4fb7a20c022ce08f6a kernel-abi-stablelists-4.18.0-553.123.1.el8_10.noarch.rpm SHA-256: 60d3c23f6ac49da7eaca717e402df7ccc0b67077288354f820faa2c31d5bec8b kernel-core-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: a925b8c62794ab7eb2231eddd4ac71742b125121f71ca015fe1dcc45b197fd0c kernel-cross-headers-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 666509ecd412f7bf437af30c717daa545c9b638b6b2ef803c3fba011a625c181 kernel-debug-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 80b9fafb38a633e740258549aa479f3d8fd5cf3bbc856f2df604697660ba3d43 kernel-debug-core-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 4b1dfd096f0ed75673050cc81beea2e38833df28304e2a30d4b7709c3c537572 kernel-debug-debuginfo-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 9f7e49bf228da5f542803533fa2d08fbafc4ce23a630dd9a1fd3f0f9640d592e kernel-debug-devel-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: cf955d97d1eb738435f2ff918777cc1c4240a4c5ed81ebd578d0cf0d55b3d79c kernel-debug-modules-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: f5851293084ca2ba60be589b094717e4296fc61415436175326bc7a8ac38289f kernel-debug-modules-extra-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: d3a8dc37c45fc8e62eb970dc863227c91ffc74de67e8946b902d595d4575219e kernel-debuginfo-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: b0a954fb10322172bc98ddf7f631c055b56992c86fb4dbcb25b27beca67ee850 kernel-debuginfo-common-s390x-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 8d092f49a41bd5647f7fa8f1028c1f5e9a9246d3323102ab6f6138d22a0cb920 kernel-devel-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 00ea919af26bc9cea46e95860274a624a35ba02da93cd8c711c89eb0df67a5e7 kernel-doc-4.18.0-553.123.1.el8_10.noarch.rpm SHA-256: 3c5c3eff293730e0c03271d693cfe839d81e2d4f0406bf6309e57f79a25ccd45 kernel-headers-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: e1d43a73d05ebadea17f5d34b52deeb208289b9800984932956f3eb1f9e5e313 kernel-modules-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 9b420e3789931ac771112f4074857cfae5b09bef426650664eee178a42f6ccbc kernel-modules-extra-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 6bcf6f998a54c339e36b8c427b0c1dbe67f65bfe420aa36ec7482511f5f2ec1e kernel-tools-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: a3b9f3b5a30e4dde9a1faf7b77302f544fb26aa0c03115f95528901038b3e21d kernel-tools-debuginfo-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 45f6e45cfa8f6dd36dc50312c65e2e6338e88d81379fa87785f0937576bf48a2 kernel-zfcpdump-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: 6876981dc68a71873b25b55f574516bff7e7be19f800ed2f8d1909713ec7eb66 kernel-zfcpdump-core-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: a780a258668b18df21405d02197b44e962c8d393f297cdd63285298aac202925 kernel-zfcpdump-debuginfo-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: c1373d85695473e041c7dbc296b823fb7a60083aa1fcc1b4847111e8e57beba3 kernel-zfcpdump-devel-4.18.0-553.123.1.el8_10.s390x.rpm SHA-256: fdc7d74f34