Red Hat Product Errata RHSA-2026:15883 - Security Advisory Issued: 2026-05-11 Updated: 2026-05-11 RHSA-2026:15883 - Security Advisory Overview Updated Packages Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration (CVE-2026-23097) kernel: netfilter: nf_conncount: update last_gc only when GC has been performed (CVE-2026-23139) kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243) kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401) kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402) kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64 Fixes BZ - 2436802 - CVE-2026-23097 kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration BZ - 2439874 - CVE-2026-23139 kernel: netfilter: nf_conncount: update last_gc only when GC has been performed BZ - 2448594 - CVE-2026-23243 kernel: Linux kernel: Denial of service and memory corruption in RDMA umad BZ - 2453803 - CVE-2026-23401 kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling BZ - 2454844 - CVE-2026-31402 kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache BZ - 2461107 - CVE-2026-31532 kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() CVEs CVE-2026-23097 CVE-2026-23139 CVE-2026-23243 CVE-2026-23401 CVE-2026-31402 CVE-2026-31532 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 SRPM kernel-6.12.0-55.72.1.el10_0.src.rpm SHA-256: 70a216bfe1445019696bd458a7c70763e89b4dc770e6564e27233ed141eb17c4 x86_64 kernel-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: f716d41bce302e66f9cda0fff81c8eab7b64a8237f2db3f19db862c5dcb0a35a kernel-abi-stablelists-6.12.0-55.72.1.el10_0.noarch.rpm SHA-256: 56d28990702ae2b72e0ed2163c642f87c9a83e6c1306a8ff9cadb03ae416b5af kernel-core-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 19dd13481e452e0f2a065aa6840d6ece23320caa569d0ed4b422f359099bc214 kernel-debug-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 41ec4900e9ef3d575dbdec43735a7396334658f34a42307ed4395a7e015941fc kernel-debug-core-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 8f3d8ddd33662f5350bef751b892aa3873aad6e20ffbc6358f1b13bc4e5794a2 kernel-debug-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: cbf69f4344d0e36f761026d5aeefc3323734dc87c8c80e0f6236c7ae6166cc4a kernel-debug-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: cbf69f4344d0e36f761026d5aeefc3323734dc87c8c80e0f6236c7ae6166cc4a kernel-debug-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: cbf69f4344d0e36f761026d5aeefc3323734dc87c8c80e0f6236c7ae6166cc4a kernel-debug-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: cbf69f4344d0e36f761026d5aeefc3323734dc87c8c80e0f6236c7ae6166cc4a kernel-debug-devel-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 602c535bae037dc010e81b44e461d8effb27f14b2de6240bf418ef47c90896d5 kernel-debug-devel-matched-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 593364cea9c4ef570a1673fc52909abc5552da099fc19ed3169c3c4ea9158946 kernel-debug-modules-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: ee2421dc782236f5ea2f2822433cc894e8a8210f025d92b77cbfd5c8ff44a9b9 kernel-debug-modules-core-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 3dc06f8e975a23868fb7bdf1e3f63dfabd28ed6874420c0dd8bf9ced47e49bfc kernel-debug-modules-extra-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 0773d32d41540b54b8b279d4c46492c02c2f2b061e15959df3b3aaf31caaebdd kernel-debug-uki-virt-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: d804ac336c7ae26115b68a9af3944ccd0a6b7431e4593d74aa256b8d2fce1f52 kernel-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: ea825040a8529ff974302b047e4164bae0a468c47780853ff4c093e137eae715 kernel-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: ea825040a8529ff974302b047e4164bae0a468c47780853ff4c093e137eae715 kernel-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: ea825040a8529ff974302b047e4164bae0a468c47780853ff4c093e137eae715 kernel-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: ea825040a8529ff974302b047e4164bae0a468c47780853ff4c093e137eae715 kernel-debuginfo-common-x86_64-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 5bd6f3d2927625ac6ebd898ccaf0b1c1f0a768f0271b3ada8d9e4c00c83d3ad6 kernel-debuginfo-common-x86_64-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 5bd6f3d2927625ac6ebd898ccaf0b1c1f0a768f0271b3ada8d9e4c00c83d3ad6 kernel-debuginfo-common-x86_64-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 5bd6f3d2927625ac6ebd898ccaf0b1c1f0a768f0271b3ada8d9e4c00c83d3ad6 kernel-debuginfo-common-x86_64-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 5bd6f3d2927625ac6ebd898ccaf0b1c1f0a768f0271b3ada8d9e4c00c83d3ad6 kernel-devel-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: cddd13d8e952d0f57e9ef032a5dfeac20964e33de5568dee49b144796faaf81b kernel-devel-matched-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: a213fb72d947c53f652fac9def9e420fefc289f551f70797e28a7fc3d0e1e9a8 kernel-doc-6.12.0-55.72.1.el10_0.noarch.rpm SHA-256: 94f8835adea76fda4b4ec5086903d3cc026a6e9201631310c78658afc8b18c70 kernel-headers-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 054318abdc5a20e15a80d49d6bb51d29580c51230f7888c528acfb5ed40dc505 kernel-modules-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: b47ec776f91d872f383473dab8c5c38bc85294dc285bdc8f9c22adf9cfbc7968 kernel-modules-core-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 3959fb179a05e2a831a9b4ac203cced25ff40c6694c7d5aff1ec1acb157c5e62 kernel-modules-extra-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 450eff1d78ac8517de429d2bbc19733d59eba2767095a04accc2d53592ab4f6b kernel-rt-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 2535ff700c498f8878b46f2440ff4d3af600c9d0ee4af8a8f93c4e607dff2d6a kernel-rt-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 2535ff700c498f8878b46f2440ff4d3af600c9d0ee4af8a8f93c4e607dff2d6a kernel-rt-core-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: d4024e3120a3eea21c60e3b96b6d72bcef51dd1bb47364c0acbffcf0027a448c kernel-rt-core-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: d4024e3120a3eea21c60e3b96b6d72bcef51dd1bb47364c0acbffcf0027a448c kernel-rt-debug-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 8d690fc354b51358974bbdf93dc4fe1735c591a8b1e5af9bcbef001f5ac12fd3 kernel-rt-debug-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 8d690fc354b51358974bbdf93dc4fe1735c591a8b1e5af9bcbef001f5ac12fd3 kernel-rt-debug-core-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 9212d8d3ebf0cedae938cc47219fbcabb76d5421aa19090dba5b06bebcfa01bb kernel-rt-debug-core-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 9212d8d3ebf0cedae938cc47219fbcabb76d5421aa19090dba5b06bebcfa01bb kernel-rt-debug-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 0c7d813a959416d877a65b8fe906bfe02f540dd39ebd74eb879f90b4c1977a01 kernel-rt-debug-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 0c7d813a959416d877a65b8fe906bfe02f540dd39ebd74eb879f90b4c1977a01 kernel-rt-debug-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 0c7d813a959416d877a65b8fe906bfe02f540dd39ebd74eb879f90b4c1977a01 kernel-rt-debug-debuginfo-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 0c7d813a959416d877a65b8fe906bfe02f540dd39ebd74eb879f90b4c1977a01 kernel-rt-debug-devel-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 736c1ca07b05132300526828b3c0d1bc012da5addf1b661b2737ffdd4eb78293 kernel-rt-debug-devel-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 736c1ca07b05132300526828b3c0d1bc012da5addf1b661b2737ffdd4eb78293 kernel-rt-debug-kvm-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: 3d030a5668e6bb8bbce5be382f14e77746b3390f8237632897f7f115c1c8a459 kernel-rt-debug-modules-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: c9ff7c41cb6bc679e8cfb4d257ba73ed264d1c051ff87ef6fa1c2f36898477b4 kernel-rt-debug-modules-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: c9ff7c41cb6bc679e8cfb4d257ba73ed264d1c051ff87ef6fa1c2f36898477b4 kernel-rt-debug-modules-core-6.12.0-55.72.1.el10_0.x86_64.rpm SHA-256: d2