Red Hat Product Errata RHSA-2026:19666 - Security Advisory Issued: 2026-05-20 Updated: 2026-05-20 RHSA-2026:19666 - Security Advisory Overview Updated Packages Synopsis Important: kernel security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300) kernel: Read root-owned files as an unprivileged user (CVE-2026-46333) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. Affected Products Red Hat Enterprise Linux for x86_64 8 x86_64 Red Hat Enterprise Linux for IBM z Systems 8 s390x Red Hat Enterprise Linux for Power, little endian 8 ppc64le Red Hat Enterprise Linux for ARM 64 8 aarch64 Red Hat CodeReady Linux Builder for x86_64 8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le Red Hat CodeReady Linux Builder for ARM 64 8 aarch64 Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x Fixes BZ - 2477015 - CVE-2026-46300 kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel BZ - 2477802 - CVE-2026-46333 kernel: Read root-owned files as an unprivileged user CVEs CVE-2026-46300 CVE-2026-46333 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 8 SRPM kernel-4.18.0-553.125.1.el8_10.src.rpm SHA-256: 5c5caeba1b8a58bbc370cbc870b2ced3013fb5325217e9ae7af160428aedd166 x86_64 bpftool-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 6f9d2120d805200657123b6ea580b9981bb4ce113401eec7c4a00e137924098a bpftool-debuginfo-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 5dbb684d6580b89ac3ef2c1789d364f5a2a8b845823b2353b3f2ce264f216c62 kernel-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 88eafb7f213b6f238f2cb74df3e6b3aacda52af6339f4a41a6400cf65fb1d3c1 kernel-abi-stablelists-4.18.0-553.125.1.el8_10.noarch.rpm SHA-256: 5af9f52657841a48f0645a66431bcdc147080ada5c3e0fa3e419030467a17d19 kernel-core-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 1b813c7d4e5976325f301cc8457dbf9fd9bf105b61436574877056ddebf74a24 kernel-cross-headers-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 92a720ba03f3bbf7c423c9f6e8af5bb44c69b5b711ec65e6e59ddd84f7801aff kernel-debug-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 84d1dd753ec14cce66cae96c4aea7004380ab733ea0e21e03a4a8879cae3f2df kernel-debug-core-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: f96623929972e81d60757cb933e9119cab028394378b703ebda2330ab8dcb4ab kernel-debug-debuginfo-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 0c63cec90cfaf3ab9c1f28e547e0df3e93ae1538648120ddbc52217d44c13f9b kernel-debug-devel-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 55fe5558717b279baf1de90d949741dcac9cb6c4d19b970a11b2ce70af90d20d kernel-debug-modules-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 3dc992d584c2a9451ad83883d751b03ffc24512a23afe2b970820d8521a0eb34 kernel-debug-modules-extra-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: d9e17efc2f2fbb32994b9f879ea00d07cc3c76616cfa1b5bd9b0fe269b143ef3 kernel-debuginfo-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 63e9452f9f9b2d7f2194ec4cdbb4b3ef873a6d75222e1a7c1a0bac8cdd680412 kernel-debuginfo-common-x86_64-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: a5f032346dfed11bc889628fa77d9dfdd03c3d02993d737348cd3a58f6b39e14 kernel-devel-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: e0d02890da87f346f96da7483294b4b2a08cdebee42e05a3356b24f0e66163b4 kernel-doc-4.18.0-553.125.1.el8_10.noarch.rpm SHA-256: 3aed10b636805243454f9bdc96221133d983df0ff224a5d9a5bbc2ef9ea6e2a2 kernel-headers-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 9f218a24f613711e682ed5ff061670cc5c7cf61709217e2dbdd13c49ed942e84 kernel-modules-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 87d3ad8d70312f75d20157d0a1f37594504ed26d647b39e1b8b6c3b8e28eb1f1 kernel-modules-extra-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: e9537d74f697b5b9df915edb474dd4d0897b2bc5f5c5a1e18a03ae651302663a kernel-tools-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: e67308947d524c126a7cf051b4908e4a204b4ce51c7c12e6e9cb906601a0e584 kernel-tools-debuginfo-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 827e31d4cc5e88a2c29fac3fb20d0c7b80946ecee4e0f4e0bcd8973d058afb53 kernel-tools-libs-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: e4578e825176dbe23ded46fd218017deee58ab1030b9768fc254fb7ba8511312 perf-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 3003e180e5ed826f8c981d55f90cde481f53010f9d7114a1d71a92330c998e3c perf-debuginfo-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: b06ad9c0dc60781bcfe9b1ef94335a263695286ed52dfe9cf9e715490db5f0f9 python3-perf-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: c63187bdd369108973c49f71ffe8083bb13520df50f3704081e08589f96e2cfb python3-perf-debuginfo-4.18.0-553.125.1.el8_10.x86_64.rpm SHA-256: 0efe8ceba4f92b4df2ed45096636a132c6868c09e1e4a641a3b5c5aef0f616c7 Red Hat Enterprise Linux for IBM z Systems 8 SRPM kernel-4.18.0-553.125.1.el8_10.src.rpm SHA-256: 5c5caeba1b8a58bbc370cbc870b2ced3013fb5325217e9ae7af160428aedd166 s390x bpftool-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 6b06272bf4aa7fa67b6fb89a235b57075362122fbb43ca2106c21e640069dde4 bpftool-debuginfo-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 3cbb860af6423a9f4aca9c69024a181bfe2008b779b81314c6c26dff043ecb68 kernel-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 9f21fee2eb064480063130e289825fb44f228a65c7af9b4cfd055fa0a5d8bda9 kernel-abi-stablelists-4.18.0-553.125.1.el8_10.noarch.rpm SHA-256: 5af9f52657841a48f0645a66431bcdc147080ada5c3e0fa3e419030467a17d19 kernel-core-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: f32674422be393decb44bbdd12d5319d86c0fda2d343bb31d05dbea8819a855e kernel-cross-headers-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 83f7526dbbafa04f59ccd247c23cd6e8540ed0eb4df3f2ec35ccdd91bd1a66bf kernel-debug-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: cbafeb5311ca4b83adc003f88a280ed63100099db0c380526683c84abc05d090 kernel-debug-core-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: d46c6c922b3913cf3a064180f88e87c2f1e0a44e53a8f43a8a65a8e097162aab kernel-debug-debuginfo-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 007f42759191d1870d796594e1a9c1260e1d970ab4ef285611639ee780f68355 kernel-debug-devel-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: af7110521454003ec0da05501e7701f80979008ab5cce1f3ca66d5d779a93ce6 kernel-debug-modules-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: af3f2e5afe5ec7724fefddf6fef7cf9c19ce686ab3636c168d2e721d932e6066 kernel-debug-modules-extra-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: e72d2f9919d757df43a97853c49d6e86513686a568cd76c6376b281f251484d6 kernel-debuginfo-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 0632a8ba58ec06aab5a8a848181d74398d55d88602b7e85d5e9ce12359d8a291 kernel-debuginfo-common-s390x-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 7894455dcef235bef4141546dbfd972c8ce7ed28dd07026a68ee329f2b9a58d5 kernel-devel-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 8a68415596a6eb679c358c08c070751feb3209de307b1592a08298e4f5cc9813 kernel-doc-4.18.0-553.125.1.el8_10.noarch.rpm SHA-256: 3aed10b636805243454f9bdc96221133d983df0ff224a5d9a5bbc2ef9ea6e2a2 kernel-headers-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 02a4e0c0c22398d79f4c048c3681f2c400d522fc506738350b84dc7ce9c01940 kernel-modules-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 71b1504a6f0e7f698617f2ea2dc3943af506ec31ff94532aba15f25ad130e908 kernel-modules-extra-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 0cb72cb7b9c995e71e43f7bdc972e8adab74e0300fd13392734df2af959f3446 kernel-tools-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 7ae7243726159206a414bc111212ee3e356dd9249d8bd9aaf162cad8f196da4c kernel-tools-debuginfo-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 4808da24c99749f36b01728838b03f459ed652ff03910b511228612d84bcd26c kernel-zfcpdump-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: d1a72c3baff5a429a5ce68e5cd978e166783c59a9e14a96ccb9deca7fb5453e1 kernel-zfcpdump-core-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: e57f06a281e0e7022006c847c5492e8c336eea5256bf70dd9d74550e578a2f48 kernel-zfcpdump-debuginfo-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 87e2ff85da2134c2d0de7dae6fe25461d0da0237116f18b3ec6acce97b318d8a kernel-zfcpdump-devel-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 355f9243b06f2c9adc4b3214b8b5e9d0956b8b961683bcebd20ca8cc115bb3d8 kernel-zfcpdump-modules-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: edc49e3922cb29c0ce11e77ee901cf3f111ce682e3da080a86b6df2ade24cacf kernel-zfcpdump-modules-extra-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 5edb538ac417ddb42e1735a6dc84c02d7f3aa1963dd33f925291346025cfa542 perf-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 2a1706543bcb480b7942e450066da43ab5623afe33bebd64ed6041b1cae23c0c perf-debuginfo-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: 9af12d791ff2e250b9f08e1685b26e743f162d5b042c2910cab50e5b7b92f5b7 python3-perf-4.18.0-553.125.1.el8_10.s390x.rpm SHA-256: f7cc8983efcbcf4e76