RHSA-2026:19569 - Security Advisory

Issued: 2026-05-20
Updated: 2026-05-20

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: net: af_can: do not leave a dangling sk pointer in can_create() (CVE-2024-56603)
kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (CVE-2025-39766)
kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CVE-2025-68724)
kernel: scsi: qla2xxx: Fix improper freeing of purex item (CVE-2025-68741)
kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation (CVE-2026-23270)
kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401)
kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402)
kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (CVE-2026-31408)
kernel: usbip: validate number_of_packets in usbip_pack_ret_submit() (CVE-2026-31607)
kernel: RDMA/umem: Fix double dma_buf_unpin in failure path (CVE-2026-43128)
kernel: "Dirty Frag" is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-43284)
kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)
kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.2 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.2 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.2 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.2 aarch64
Red Hat CodeReady Linux Builder for x86_64 10 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 10 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.2 x86_64
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.2 ppc64le
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.2 s390x
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.2 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.2 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.2 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.2 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.2 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 10.2 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 10.2 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 10.2 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 10.2 s390x

Fixes

BZ - 2334439 - CVE-2024-56603 kernel: net: af_can: do not leave a dangling sk pointer in can_create()
BZ - 2394648 - CVE-2025-39766 kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit
BZ - 2424886 - CVE-2025-68724 kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id
BZ - 2425046 - CVE-2025-68741 kernel: scsi: qla2xxx: Fix improper freeing of purex item
BZ - 2448745 - CVE-2026-23270 kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation
BZ - 2453803 - CVE-2026-23401 kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling
BZ - 2454844 - CVE-2026-31402 kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
BZ - 2455334 - CVE-2026-31408 kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold
BZ - 2461521 - CVE-2026-31607 kernel: usbip: validate number_of_packets in usbip_pack_ret_submit()
BZ - 2467144 - CVE-2026-43128 kernel: RDMA/umem: Fix double dma_buf_unpin in failure path
BZ - 2467771 - CVE-2026-43284 kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel
BZ - 2477015 - CVE-2026-46300 kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
BZ - 2477802 - CVE-2026-46333 kernel: Read root-owned files as an unprivileged user
RHEL-169354 - Backport DRM MST/TBT fixes for Dell

CVEs

CVE-2024-56603
CVE-2025-39766
CVE-2025-68724
CVE-2025-68741
CVE-2026-23270
CVE-2026-23401
CVE-2026-31402
CVE-2026-31408
CVE-2026-31607
CVE-2026-43128
CVE-2026-43284
CVE-2026-46300
CVE-2026-46333

References

https://access.redhat.com/security/updates/classification/#important

Updated Packages

Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux for x86_64 10

SRPM

kernel-6.12.0-211.16.1.el10_2.src.rpm

x86_64

kernel-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-abi-stablelists-6.12.0-211.16.1.el10_2.noarch.rpm
kernel-core-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debug-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debug-core-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debug-debuginfo-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debug-devel-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debug-devel-matched-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debug-modules-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debug-modules-core-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debug-modules-extra-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debug-uki-virt-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debuginfo-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-debuginfo-common-x86_64-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-devel-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-devel-matched-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-doc-6.12.0-211.16.1.el10_2.noarch.rpm
kernel-headers-6.12.0-211.16.1.el10_2.x86_64.rpm
kernel-modules-6.12.0-211.16.1.el10_2.x86_64.rpm

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel rated as Important, including several local privilege escalation (LPE) flaws such as "Dirty Frag" (CVE-2026-43284) and "Fragnesia" (CVE-2026-46300), as well as use-after-free and overflow issues in subsystems like net, crypto, and Bluetooth that can lead to denial of service or privilege escalation. The provided NVD data specifies affected kernel version ranges for individual CVEs, for example CVE-2024-56603 affects versions prior to 5.4.287, 5.10.231, 5.15.174, 6.1.120, 6.6.66, and 6.12.5, with fixes available in those exact versions. A system reboot is required after applying the update.