Red Hat Product Errata
RHSA-2026:20054 - Security Advisory
Issued: 2026-05-21
Updated: 2026-05-21

Synopsis
Important: kernel security update

Type/Severity
Security Advisory: Important

Topic
An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):
* kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)
* kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products
* Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
* Red Hat Enterprise Linux Server - AUS 9.4 x86_64
* Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
* Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
* Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
* Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
* Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
* Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.4 x86_64
* Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.4 ppc64le
* Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.4 s390x
* Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.4 aarch64
* Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
* Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
* Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
* Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
* Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
* Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x

Fixes
* BZ - 2477015 - CVE-2026-46300 kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
* BZ - 2477802 - CVE-2026-46333 kernel: Read root-owned files as an unprivileged user

CVEs
* CVE-2026-46300
* CVE-2026-46333

References
* https://access.redhat.com/security/updates/classification/#important

Updated Packages
Note: More recent versions of these packages may be available.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4
SRPM: kernel-5.14.0-427.126.1.el9_4.src.rpm

This Red Hat security advisory addresses two Important-severity Linux kernel vulnerabilities: CVE-2026-46300 ("Fragnesia"), a local privilege escalation flaw in the ESP/XFRM subsystem, and CVE-2026-46333, which allows an unprivileged user to read root-owned files. CVE-2026-46333 has a CVSS 3.1 score of 7.1 (High). The update applies to Red Hat Enterprise Linux 9.4 Extended Update Support and related variants. Affected systems must apply the provided kernel update via the referenced Red Hat channels and then be rebooted for the patch to take effect.