Red Hat Product Errata RHSA-2026:13936 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:13936 - Security Advisory Overview Updated Packages Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (CVE-2025-37861) kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration (CVE-2026-23097) kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193) kernel: ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191) kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243) kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401) kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402) kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2365256 - CVE-2025-37861 kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue BZ - 2436802 - CVE-2026-23097 kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration BZ - 2439887 - CVE-2026-23193 kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() BZ - 2439947 - CVE-2026-23191 kernel: ALSA: aloop: Fix racy access at PCM trigger BZ - 2448594 - CVE-2026-23243 kernel: Linux kernel: Denial of service and memory corruption in RDMA umad BZ - 2453803 - CVE-2026-23401 kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling BZ - 2454844 - CVE-2026-31402 kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache BZ - 2460538 - CVE-2026-31431 kernel: crypto: algif_aead - Revert to operating out-of-place CVEs CVE-2025-37861 CVE-2026-23097 CVE-2026-23191 CVE-2026-23193 CVE-2026-23243 CVE-2026-23401 CVE-2026-31402 CVE-2026-31431 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 SRPM kernel-5.14.0-70.178.1.el9_0.src.rpm SHA-256: 2166e02725d3b5d87c40efa5d06228d005c40cd7943803f5ac6efd52430ff709 ppc64le bpftool-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 81798b84be4fdfb1679178fe7b5f9795546a81c1d4a6e16d32a70ad1823399bd bpftool-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: b379325e4a5ec4461b526c72760a23d2308caedfeb90ae386845afcc9e88a039 bpftool-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: b379325e4a5ec4461b526c72760a23d2308caedfeb90ae386845afcc9e88a039 kernel-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: cd5df9fb43cc64920f4c5dc0ad10e0af27860439169fe9412e7bab3a246e0f9f kernel-abi-stablelists-5.14.0-70.178.1.el9_0.noarch.rpm SHA-256: 492829f34777c91d159663dd9d4b2b3c18519322437d60b4bf78666a8ba9177d kernel-core-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: b23995840aacfc01ca00a1c1f780178763a676a5e0a4ec960a75e37d322af535 kernel-debug-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 5c246dd046fd590a0e3898e74a86261946380901164315db08cb0aa9020302ce kernel-debug-core-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 33a8ca3d8d4375a7a576e18ecd4736c356608162d01641aae2c4f898db08c651 kernel-debug-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 05c73c0a7a130697a7b9e451cc86bf0d50c2ca8df564e161d203c613c3b98a04 kernel-debug-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 05c73c0a7a130697a7b9e451cc86bf0d50c2ca8df564e161d203c613c3b98a04 kernel-debug-devel-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: e3ac35a966d960b98a9f04ed60fef9fa8a1e73807fd8f790a802b64b9c10a346 kernel-debug-devel-matched-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: c82326792f6a6ad2baaff49fa09c0703808408d1e48909bf4bbe982e70fe6df5 kernel-debug-modules-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: ea9a94d9c34fc0c2a337a67563483530a0617f34373027a62411b9ddaf6df29c kernel-debug-modules-extra-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 917def2923298e59cc363ee77758892bd3404a01ef24d65bd703f2874719e25b kernel-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 4bb0a89eb2c86862b93d3f8fcc46810495c6cd26fbff0db0ca2ad71511e66ffc kernel-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 4bb0a89eb2c86862b93d3f8fcc46810495c6cd26fbff0db0ca2ad71511e66ffc kernel-debuginfo-common-ppc64le-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 5a7ecc30f0a2f1c7e7b4fa480bdcf3db1a850ae49c4e3a95c539ee2d391640c0 kernel-debuginfo-common-ppc64le-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 5a7ecc30f0a2f1c7e7b4fa480bdcf3db1a850ae49c4e3a95c539ee2d391640c0 kernel-devel-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: a76f910d180fc125070fb2c27b3a50032390cacd1c9f105ef43c55cf15f84cdd kernel-devel-matched-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: f2a643b0415e527a210895b580d693ee6b90e12ab526b35003c89ef28b465a7d kernel-doc-5.14.0-70.178.1.el9_0.noarch.rpm SHA-256: 9ed8733c9bfd6bb39b22ca75af568d19ef3bd049cda1f09f8997b9896b5afcfc kernel-headers-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 7beab94f030f3826980713b25b5b55457d14b3f49e545132b7a44083fa366c45 kernel-modules-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: e23a27fd0159c18606d18b6da40e622d5b1e00cff2e95232d77a0b5b0c9e0e8e kernel-modules-extra-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 36f8e824695283c9220e4a0da8c7f8600653bf0820153dedca3756543a6a2b64 kernel-tools-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: be7f2dad3ea5515b93f8dffc70d7a0777fdd1a0437e3c54a53eea49063f68e03 kernel-tools-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 135fb5aa2f11b1ecd1316c6b4bd44b5ba805ec039b6309fd70460263015906b4 kernel-tools-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 135fb5aa2f11b1ecd1316c6b4bd44b5ba805ec039b6309fd70460263015906b4 kernel-tools-libs-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 8b50dad700320bcc787ea8818d0ca3aa6a8b8ad26f421b9c5f837096f639b2ed perf-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: ce070eb9e444cd08524cf32373842b5cd61a58b0f4ed01e39b4bc3c4390a4d75 perf-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 4322922429994d23f892cffd299903492655ee17b74874e2a5199d2bf2806a37 perf-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 4322922429994d23f892cffd299903492655ee17b74874e2a5199d2bf2806a37 python3-perf-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: dda6b921812e9fc693603bb9497464370d8c4acab78fb89b43f8fbf2eb0e44fc python3-perf-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 1b1eb74d30ccdd712bb9f30190051c77c26c48b2dad950ed61e4f9c8a9122be6 python3-perf-debuginfo-5.14.0-70.178.1.el9_0.ppc64le.rpm SHA-256: 1b1eb74d30ccdd712bb9f30190051c77c26c48b2dad950ed61e4f9c8a9122be6 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM kernel-5.14.0-70.178.1.el9_0.src.rpm SHA-256: 2166e02725d3b5d87c40efa5d06228d005c40cd7943803f5ac6efd52430ff709 x86_64 bpftool-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: e5b4b846ec3868d2d64b14f11300d85fe71f0949366f9354c797249efa6aec5d bpftool-debuginfo-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: 1b3767abaea2f79b79e66dd43d502e449972620312ceca2e6cdaedc5fc8c0e9f bpftool-debuginfo-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: 1b3767abaea2f79b79e66dd43d502e449972620312ceca2e6cdaedc5fc8c0e9f kernel-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: cbb7885bc49e5d6c16da428e248b26584e7bbf0b513c98aff4fe3247a52e5792 kernel-abi-stablelists-5.14.0-70.178.1.el9_0.noarch.rpm SHA-256: 492829f34777c91d159663dd9d4b2b3c18519322437d60b4bf78666a8ba9177d kernel-core-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: 2ec4ae0c6a9e4f92c541c27f8eefb6466bdab066aebae2cadc22d95d60f99fbb kernel-debug-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: c7505edfa39386a9fe7ff61b35df9e0576866b11d26810f9d54d992d12eb6b45 kernel-debug-core-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: 5879af0ad7622f374c3a94603a51a1a3811d3b873cc49ec7ea442d155710019d kernel-debug-debuginfo-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: c44e44fce6919213b6486fd3bf35a50d0454659e134b362c1d6afb55c1e2ff7e kernel-debug-debuginfo-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: c44e44fce6919213b6486fd3bf35a50d0454659e134b362c1d6afb55c1e2ff7e kernel-debug-devel-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: 0cbd0c75dd105c5cf84b06febd02fa2799b6efdf08d846a42e92c11966fa19f8 kernel-debug-devel-matched-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: 1f656aac8b2c19f607f3c158dca7d7d2ce97d42c1225a3dad17ded8ae214d0aa kernel-debug-modules-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: 7e43b59523311beadf5c19d8bb1e0b349c478637561120fe7b35cb452b071876 kernel-debug-modules-extra-5.14.0-70.178.1.el9_0.x86_64.rpm SHA-256: 469f0ca4bb4f2e54a676a226a3e5195b48670f3dc1d9e0ab8d2c6394cd331a92 kernel-debuginfo-5.14.