Red Hat Product Errata RHSA-2026:14925 - Security Advisory Issued: 2026-05-07 Updated: 2026-05-07 RHSA-2026:14925 - Security Advisory Overview Updated Packages Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: out-of-bound read in memcpy_fromiovecend() (CVE-2018-16885) kernel: sctp: avoid NULL dereference when chunk data buffer is missing (CVE-2025-40240) kernel: ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191) kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64 Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64 Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le Fixes BZ - 1661503 - CVE-2018-16885 kernel: out-of-bound read in memcpy_fromiovecend() BZ - 2418832 - CVE-2025-40240 kernel: sctp: avoid NULL dereference when chunk data buffer is missing BZ - 2439947 - CVE-2026-23191 kernel: ALSA: aloop: Fix racy access at PCM trigger BZ - 2454844 - CVE-2026-31402 kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache CVEs CVE-2018-16885 CVE-2025-40240 CVE-2026-23191 CVE-2026-31402 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 SRPM kernel-3.10.0-1160.149.1.el7.src.rpm SHA-256: 904c25d53e36340f8b8ce99f62d84577fa9aef6a79f37fee5e918a30e1f44f7a x86_64 bpftool-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: c80f4dc3c356688b8f1fae0fa0291c5fc8fc4e36404dc45e99b57718d62790ad bpftool-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 56dcbca7c8759c3338e3c7713e097ed8105b6a3b650f852ab9200fb2746037c0 bpftool-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 56dcbca7c8759c3338e3c7713e097ed8105b6a3b650f852ab9200fb2746037c0 kernel-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 9a41901cde644c77c6ff9f6a4f664d1fa26d327adb4fd893727ce00c5b14d6e4 kernel-abi-whitelists-3.10.0-1160.149.1.el7.noarch.rpm SHA-256: 082ce57a65a341faf36a7bdad392c793d65fb2bdae82cd379917baeec42aa221 kernel-debug-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 4077f85c1eac356405942244d84e9435ec2021a6dec95743f59c281da64d4f8f kernel-debug-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: bfba382ff723a2f1a131d40879ddd97eb146b0d9522b3848402753fd9a94287d kernel-debug-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: bfba382ff723a2f1a131d40879ddd97eb146b0d9522b3848402753fd9a94287d kernel-debug-devel-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 2906116f18531395aaea03656eebdaa64ebb0121aa14f2320353ba8caa11a935 kernel-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 9f0a8187f1decb0bc5dda9d86c5cc2828634dc4677edcad4bc2daf5e0867b75b kernel-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 9f0a8187f1decb0bc5dda9d86c5cc2828634dc4677edcad4bc2daf5e0867b75b kernel-debuginfo-common-x86_64-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: d7041f8f0351a08097240d5ec2ed78b0d9a3e08cb5dc60ae8710c85bd363ceaa kernel-debuginfo-common-x86_64-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: d7041f8f0351a08097240d5ec2ed78b0d9a3e08cb5dc60ae8710c85bd363ceaa kernel-devel-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 58ea44d48be13aad1b842abe5048de655641f7786ea7bb6b7bea616facc47364 kernel-doc-3.10.0-1160.149.1.el7.noarch.rpm SHA-256: 230ef1c957f8e0a61eed56c66d15c5d309ad78d377f8cc41109f3b11ea80734b kernel-headers-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: fee8d8ab3c324bef9679b5d1e7b578a22a6dbc668ad79c5518372b95f8729c62 kernel-tools-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 8291adc095f36d88d816730b7747a82251efbcc097da2e9957053e1600e71946 kernel-tools-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 5d3bbb5a898e599f0e761e013568174806fb93727d8073b733bae754ca1d5da6 kernel-tools-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 5d3bbb5a898e599f0e761e013568174806fb93727d8073b733bae754ca1d5da6 kernel-tools-libs-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 82f7cfed6bbd25250cb62c76fe34229ef379a18a732bbf32498a05bb396db31c kernel-tools-libs-devel-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: b3e9ff0c42a527d8c476bf81287b872b5ed835d9ceff5cb04a07b8963c8a69ba perf-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 7d5e0c7059b0dc8a619da4556ba9c78541ac095f038d740802a39eec35f1c313 perf-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 7db6d11d103fc4b3df87aa5ee05a256b2007892f6c9a4bea751e5465785527be perf-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 7db6d11d103fc4b3df87aa5ee05a256b2007892f6c9a4bea751e5465785527be python-perf-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 71cc4d38c76455d89184706d1d8f8d98f7464493a2da9f82d68998c53be187f9 python-perf-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 65abefb61074d3fa16c8869473084fe08d43ce1808b9177811059f7d688c5d1d python-perf-debuginfo-3.10.0-1160.149.1.el7.x86_64.rpm SHA-256: 65abefb61074d3fa16c8869473084fe08d43ce1808b9177811059f7d688c5d1d Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 SRPM kernel-3.10.0-1160.149.1.el7.src.rpm SHA-256: 904c25d53e36340f8b8ce99f62d84577fa9aef6a79f37fee5e918a30e1f44f7a s390x bpftool-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 8183731ce738490287a6cedcb2f4e182c9876ca084816f708043ad971cc6c0c8 bpftool-debuginfo-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: f09f8d0da634a2868b617e6347a35fab8e1f52c877b30f2b0bc777329e2421b0 kernel-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 79abe695761bdde3f0619f86615089575f5b12d30ca5230cb4534201df4e10bb kernel-abi-whitelists-3.10.0-1160.149.1.el7.noarch.rpm SHA-256: 082ce57a65a341faf36a7bdad392c793d65fb2bdae82cd379917baeec42aa221 kernel-debug-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 1fa68d48580c136543e3eb923dd3e032693e8702d4e2a7fa1ac5e8963a87f6d6 kernel-debug-debuginfo-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 9d12a4289b52273fec2357341b6573c65dbc69b0512e3f510ab60a9db6eec13d kernel-debug-devel-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 43a6c2f7aafcdfa125a62806f05460146255b7702459f24e9999253f28577b21 kernel-debuginfo-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 0ecc5e2de18cf23b307b51403be1eb0102fc1e1b287274638d1fd5192b89aeaa kernel-debuginfo-common-s390x-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 56a1af4586d61ed252ee4113f375ec4e06fdbc8f47b7c832285d14aa88dc096f kernel-devel-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: c2079b4a8bf0592a6a6e23a21635593d469aa70b567b28b27cdf82e748f0f818 kernel-doc-3.10.0-1160.149.1.el7.noarch.rpm SHA-256: 230ef1c957f8e0a61eed56c66d15c5d309ad78d377f8cc41109f3b11ea80734b kernel-headers-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 39fe9a4470b7d5745bb89bf34832e68ebb76fafe7a9d42beab576e8a0dba91ba kernel-kdump-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: eff84ca1b54053c081f865e2e55b4cf89425384fd9ea2bf4be748ae253ad41f6 kernel-kdump-debuginfo-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 6a78aa6770e783ad452980ee175eb1cfd855d2ca56a87fa267bba1393a2aca62 kernel-kdump-devel-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 153ebf2c86284861d6c05136d5c47e034454dcb92975173f0a8557f5b1477867 perf-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: a65a195032389984b67644c8019738e44ba400e65b915c5faebd78ba1719f285 perf-debuginfo-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: 3cbd65fbe628209f92ec5aca9475f18d92b786cb8140e6093e798c653e490c61 python-perf-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: e3d9ed1680ea12877b394f52e8efec56734609615a3c5bbc19b521c77603fc37 python-perf-debuginfo-3.10.0-1160.149.1.el7.s390x.rpm SHA-256: ee5f7f94d96926da02e1ef39f2bd41cde30665cf0bd6c58c1c02991000872365 Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 SRPM kernel-3.10.0-1160.149.1.el7.src.rpm SHA-256: 904c25d53e36340f8b8ce99f62d84577fa9aef6a79f37fee5e918a30e1f44f7a ppc64 bpftool-3.10.0-1160.149.1.el7.ppc64.rpm SHA-256: 2fdff40f009c621e75eb21b58b1fd09d0c2ad4a7cf2f36af18f7266157075401 bpftool-debuginfo-3.10.0-1160.149.1.el7.ppc64.rpm SHA-256: a94038aeb999415bc3ddd9d93f72c572de39aa15c3c6cf91df11fb8363fa8da1 bpftool-debuginfo-3.10.0-1160.149.1.el7.ppc64.rpm SHA-256: a94038aeb999415bc3ddd9d93f72c572de39aa15c3c6cf91df11fb8363fa8da1 kernel-3.10.0-1160.149.1.el7.ppc64.rpm SHA-256: 0b545d3dc61d25551325797c097a6d86155f232e0a500200e359a681eb86b673 kernel-abi-whitelists-3.10.0-1160.149.1.el7.noarch.rpm SHA-256: 082ce57a65a341faf36a7bdad392c793d65fb2bdae82cd379917baeec42aa221 kernel-bootwrapper-3.10.0-1160.149.1.el7.ppc64.rpm SHA-256: fe35e0e5987459dc82f01c951a514f2a5f6ee22d4f1c33332ba822936370b879 kernel-debug-3.10.0-1160.149.1.el7.ppc64.rpm SHA-256: 361213100639d7f189d69dcf808adeab7c1d3b53d3fef9d82633fb4a2db93276 kernel-debug-debuginfo-3.10.0-1160.149.1.el7.ppc64.rpm SHA-256: 8fd2b596f8d6c34dce565bbe63624d865dd3207f0d92600f42eada950e863c8f kernel-debug-debuginfo-3.10.0-1160.149.1.el7.ppc64.rpm SHA-256: 8fd2b596f8d6c34dce565bbe63624d865dd3207f0d92600f42eada950e863c8f kernel-debug-devel-3.10.0-1160.149.1.el7.ppc64.rpm SHA-256: