RHSA-2026:19521 - Security Advisory
Issued: 2026-05-20
Updated: 2026-05-20

Synopsis
Important: kernel security update

Type/Severity
Security Advisory: Important

Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):
kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution (CVE-2025-38024)
kernel: ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191)
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243)
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401)
kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service (CVE-2026-31419)
kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532)
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)
kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products
Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8 x86_64
Red Hat Enterprise Linux Server - TUS 8.8 x86_64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes
BZ - 2373354 - CVE-2025-38024 kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution
BZ - 2439947 - CVE-2026-23191 kernel: ALSA: aloop: Fix racy access at PCM trigger
BZ - 2448594 - CVE-2026-23243 kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
BZ - 2453803 - CVE-2026-23401 kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
BZ - 2457829 - CVE-2026-31419 kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service
BZ - 2461107 - CVE-2026-31532 kernel: can: raw: fix ro->uniq use-after-free in raw_rcv()
BZ - 2477015 - CVE-2026-46300 kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
BZ - 2477802 - CVE-2026-46333 kernel: Read root-owned files as an unprivileged user

CVEs
CVE-2025-38024
CVE-2026-23191
CVE-2026-23243
CVE-2026-23401
CVE-2026-31419
CVE-2026-31532
CVE-2026-46300
CVE-2026-46333

References
https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.8
SRPM
kernel-4.18.0-477.143.1.el8_8.src.rpm
x86_64
bpftool-4.18.0-477.143.1.el8_8.x86_64.rpm
bpftool-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-abi-stablelists-4.18.0-477.143.1.el8_8.noarch.rpm
kernel-core-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-cross-headers-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-core-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-devel-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-modules-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-modules-extra-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-devel-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-doc-4.18.0-477.143.1.el8_8.noarch.rpm
kernel-headers-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-modules-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-modules-extra-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-tools-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-tools-libs-4.18.0-477.143.1.el8_8.x86_64.rpm
perf-4.18.0-477.143.1.el8_8.x86_64.rpm
perf-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm
python3-perf-4.18.0-477.143.1.el8_8.x86_64.rpm
python3-perf-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm

Red Hat Enterprise Linux Server - TUS 8.8
SRPM
kernel-4.18.0-477.143.1.el8_8.src.rpm
x86_64
bpftool-4.18.0-477.143.1.el8_8.x86_64.rpm
bpftool-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-abi-stablelists-4.18.0-477.143.1.el8_8.noarch.rpm
kernel-core-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-cross-headers-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-core-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-devel-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-modules-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debug-modules-extra-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-devel-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-doc-4.18.0-477.143.1.el8_8.noarch.rpm
kernel-headers-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-modules-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-modules-extra-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-tools-4.18.0-477.143.1.el8_8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-477.143.1.el8_8.x86_64.rpm

This Red Hat security advisory addresses multiple Important-severity vulnerabilities in the Linux kernel for RHEL 8.8 Update Services, including use-after-free flaws in RDMA/rxe (CVE-2025-38024, CVSS 7.8) and the bonding driver, a local privilege escalation via the ESP/XFRM subsystem ("Fragnesia", CVE-2026-46300), and a KVM shadow page table handling issue leading to privilege escalation or denial of service (CVE-2026-23401). The specific affected kernel version ranges and fixed versions for each CVE are detailed in the provided NVD data, such as CVE-2025-38024 affecting kernel versions 4.8 through 5.4.293 and fixed in 5.4.294. A system reboot is required after applying the update.
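
Because the fix only takes effect after a reboot, a host can have the update installed and still be running an older kernel. The following check is an added example, not part of the advisory or Red Hat tooling: it compares a `uname -r` string against the build shipped here (4.18.0-477.143.1.el8_8) and reports whether a reboot is still pending. The function names and the sample release strings are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not Red Hat tooling. FIXED_BUILD is the kernel build
# shipped by this advisory; the sample releases below are constructed.
FIXED_BUILD="4.18.0-477.143.1.el8_8"

# Drop the architecture (and optional +debug flavour) from a `uname -r` string.
strip_arch() {
    printf '%s\n' "$1" | sed -E 's/\.(x86_64|ppc64le)(\+debug)?$//'
}

# kernel_status RELEASE -> fixed | needs-update | not-applicable
kernel_status() {
    rel=$(strip_arch "$1")
    case "$rel" in
        *.el8_8) ;;                              # advisory covers the 8.8 streams only
        *) echo "not-applicable"; return 0 ;;
    esac
    # sort -V compares the dotted release fields numerically (27 < 143).
    lowest=$(printf '%s\n%s\n' "$rel" "$FIXED_BUILD" | sort -V | head -n 1)
    if [ "$lowest" = "$FIXED_BUILD" ]; then echo "fixed"; else echo "needs-update"; fi
}

# reboot_state RUNNING NEWEST_INSTALLED -> current | reboot-pending
# On a host, RUNNING is "$(uname -r)" and NEWEST_INSTALLED can be taken from:
#   rpm -q --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n' kernel-core | sort -V | tail -n 1
reboot_state() {
    if [ "$(strip_arch "$1")" = "$(strip_arch "$2")" ]; then
        echo "current"
    else
        echo "reboot-pending"
    fi
}

# Constructed sample releases: older 8.8 build, the fixed build, another stream.
for r in 4.18.0-477.27.1.el8_8.x86_64 \
         4.18.0-477.143.1.el8_8.x86_64 \
         4.18.0-553.5.1.el8_10.x86_64; do
    printf '%s -> %s\n' "$r" "$(kernel_status "$r")"
done
printf 'reboot: %s\n' \
    "$(reboot_state 4.18.0-477.27.1.el8_8.x86_64 4.18.0-477.143.1.el8_8.x86_64)"
```

A host that reports `fixed` for the installed package but `reboot-pending` for the running kernel is still exposed to the issues listed in this advisory until it restarts.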