A critical Red Hat kernel security update addresses multiple vulnerabilities, including a heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402, CVSS 9.8) and a use-after-free in iSCSI target code (CVE-2026-23193, CVSS 8.8), which can lead to denial of service or privilege escalation. The vulnerabilities affect a wide range of Linux kernel versions; for example, CVE-2026-23193 affects kernels from 3.1 up to but excluding 5.10.250, 5.11 up to 5.15.200, and similarly through several major version ranges. The fixed kernel versions for RHEL 8.4 Extended Update Support are provided in the advisory, and a system reboot is required after applying the update.
Red Hat Product Errata RHSA-2026:14165 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:14165 - Security Advisory Overview Updated Packages Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193) kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. (CVE-2025-71238) kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402) kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64 Red Hat Enterprise Linux Server - AUS 8.4 x86_64 Fixes BZ - 2439887 - CVE-2026-23193 kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() BZ - 2444398 - CVE-2025-71238 kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. BZ - 2454844 - CVE-2026-31402 kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache BZ - 2460538 - CVE-2026-31431 kernel: crypto: algif_aead - Revert to operating out-of-place CVEs CVE-2025-71238 CVE-2026-23193 CVE-2026-31402 CVE-2026-31431 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 SRPM kernel-4.18.0-305.190.1.el8_4.src.rpm SHA-256: b3bce762a1bbae78dff5d20d5e6d7e27a547cc371719047ef51e44d630fca395 x86_64 bpftool-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 57e2f9d59a3ebc445f8a2ad2dcdb543ef7ade7648b3a5e58c50b84e0db3dc1d2 bpftool-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 58a09d99c3dd2f741638cf36e0ebd98249428b72b3a32b3f43907310b09b4d5b kernel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 18a6757a18e80e783c70dfb6c9b2b6378fc83cf0dcf6d87c85fabcc6c375e956 kernel-abi-stablelists-4.18.0-305.190.1.el8_4.noarch.rpm SHA-256: 28dd2f3a164bc2f264a148ac1d849e21cf5ec261b438cda2cec092ea6ea06f2a kernel-core-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 619dd5afc3d4c636ae6eeea43865f0ab57a9363cf2ecf6c1688f14e7944b2710 kernel-cross-headers-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: a67aaa53d8bdd3a24bed2fbecbad2fa79245382d6cfef318a15378b8290e9c2d kernel-debug-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 1acdb0e55ec11585819797e5a2d2df3d6365a54be940d6c4204c5b3081d69e83 kernel-debug-core-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: ad9b88a9f8116c24c88c9f1402d01b138a806d534929084e0c68695de98fc720 kernel-debug-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 02b23b4c4312d40848bf17f413d478fa9d475e82cd39b2830a0a0211260f58de kernel-debug-devel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: a80df787580886005dc836ff067917b2afc57d02ca81026a1d5ceab5514e130f kernel-debug-modules-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 3ad80966b5fd5c9fe0868284586da2e2181abfadf62b5cf25fcdc969c2220c68 kernel-debug-modules-extra-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: e020601c39cc23fad9faedbcaf3d3109b513d748d2fa519c50dafc80f4b5e022 kernel-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: ea4355aa908f12ff8f6fa07a5e87b22eb09ff31fca420a3571a9a55a57cd82eb kernel-debuginfo-common-x86_64-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: e5152e86de85e693103bb129840810055a777c91cee09e2cabd845cb466bf7e8 kernel-devel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 6a081b0bc0fdbf971ee3934ebdd9131dc56d192751a3750195a1655256c93e9f kernel-doc-4.18.0-305.190.1.el8_4.noarch.rpm SHA-256: 9b8f2d9a607cc3dde5349890f9314b9e20f5870177845adca55fb2f5e2b47e75 kernel-headers-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 3d23306574aac9bc2d5a6e686bdf44c215cabd4d09ad0f14b34c7dffced9d97b kernel-modules-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 2f555b15a99c0015624acfc9a6ee40cc14c5810641b1608d571d5a8055f5639e kernel-modules-extra-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 92e2cc5b1cd5e441ab26462ca6f68cbf0eac37985ad0dd74085a4975a976001a kernel-tools-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 102c8fc558b48bd58a9fc93b30acedaf70c6e7c4c01c9514d6b772ae593423f5 kernel-tools-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 6ad754217a011d776c2d92d109614ce9e5887da73f467bbcb844d57b291e691c kernel-tools-libs-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: c991c9a2d9580701f441c76ed3b99ca83c67cd52d4f931afc4851e5202a3ff69 perf-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 86d38fc9bad31f555f4bbd04715494c917b62cf57043e85bbbdf821af789c2dd perf-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 1d4420921d930515b7e47ba90629856f259ca33a8770fe9b2439baa9b31370ee python3-perf-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: c65d283251921ae98019c5d9fe2ecf6c64d3883995f9fbf6da98324fe9de893a python3-perf-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 740c594c94e4b895f4181fd1f4a4710d5ccd2164b02e114d7770bd159b2a9ea6 Red Hat Enterprise Linux Server - AUS 8.4 SRPM kernel-4.18.0-305.190.1.el8_4.src.rpm SHA-256: b3bce762a1bbae78dff5d20d5e6d7e27a547cc371719047ef51e44d630fca395 x86_64 bpftool-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 57e2f9d59a3ebc445f8a2ad2dcdb543ef7ade7648b3a5e58c50b84e0db3dc1d2 bpftool-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 58a09d99c3dd2f741638cf36e0ebd98249428b72b3a32b3f43907310b09b4d5b kernel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 18a6757a18e80e783c70dfb6c9b2b6378fc83cf0dcf6d87c85fabcc6c375e956 kernel-abi-stablelists-4.18.0-305.190.1.el8_4.noarch.rpm SHA-256: 28dd2f3a164bc2f264a148ac1d849e21cf5ec261b438cda2cec092ea6ea06f2a kernel-core-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 619dd5afc3d4c636ae6eeea43865f0ab57a9363cf2ecf6c1688f14e7944b2710 kernel-cross-headers-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: a67aaa53d8bdd3a24bed2fbecbad2fa79245382d6cfef318a15378b8290e9c2d kernel-debug-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 1acdb0e55ec11585819797e5a2d2df3d6365a54be940d6c4204c5b3081d69e83 kernel-debug-core-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: ad9b88a9f8116c24c88c9f1402d01b138a806d534929084e0c68695de98fc720 kernel-debug-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 02b23b4c4312d40848bf17f413d478fa9d475e82cd39b2830a0a0211260f58de kernel-debug-devel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: a80df787580886005dc836ff067917b2afc57d02ca81026a1d5ceab5514e130f kernel-debug-modules-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 3ad80966b5fd5c9fe0868284586da2e2181abfadf62b5cf25fcdc969c2220c68 kernel-debug-modules-extra-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: e020601c39cc23fad9faedbcaf3d3109b513d748d2fa519c50dafc80f4b5e022 kernel-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: ea4355aa908f12ff8f6fa07a5e87b22eb09ff31fca420a3571a9a55a57cd82eb kernel-debuginfo-common-x86_64-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: e5152e86de85e693103bb129840810055a777c91cee09e2cabd845cb466bf7e8 kernel-devel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 6a081b0bc0fdbf971ee3934ebdd9131dc56d192751a3750195a1655256c93e9f kernel-doc-4.18.0-305.190.1.el8_4.noarch.rpm SHA-256: 9b8f2d9a607cc3dde5349890f9314b9e20f5870177845adca55fb2f5e2b47e75 kernel-headers-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 3d23306574aac9bc2d5a6e686bdf44c215cabd4d09ad0f14b34c7dffced9d97b kernel-modules-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 2f555b15a99c0015624acfc9a6ee40cc14c5810641b1608d571d5a8055f5639e kernel-modules-extra-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 92e2cc5b1cd5e441ab26462ca6f68cbf0eac37985ad0dd74085a4975a976001a kernel-tools-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 102c8fc558b48bd58a9fc93b30acedaf70c6e7c4c01c9514d6b772ae593423f5 kernel-tools-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 6ad754217a011d776c2d92d109614ce9e5887da73f467bbcb844d57b291e691c kernel-tools-libs-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: c991c9a2d9580701f441c76ed3b99ca83c67cd52d4f931afc4851e5202a3ff69 perf-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 86d38fc9bad31f555f4bbd04715494c917b62cf57043e85bbbdf821af789c2dd perf-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 1d4420921d930515b7e47ba90629856f259ca33a8770fe9b2439baa9b31370ee python3-perf-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: c65d283251921ae98019c5d9fe2ecf6c64d3883995f9fbf6da98324fe9de893a python3-perf-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 740c594c94e4b895f4181fd1f4a4710d5ccd2164b02e114d7770bd159b2a9ea6 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .