Red Hat Security Advisory: kernel security update
🔗 CVE IDs covered (9)
📋 Description
CVE-2025-68366 — kernel: nbd: defer config unlock in nbd_genl_connect CVE-2026-23270 — kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation CVE-2026-23392 — kernel: netfilter: nf_tables: release flowtable after rcu grace period on error CVE-2026-31607 — kernel: usbip: validate number_of_packets in usbip_pack_ret_submit() CVE-2026-31685 — kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets CVE-2026-31709 — kernel: smb: client: validate the whole DACL before rewriting it in cifsacl CVE-2026-43037 — kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() CVE-2026-43038 — kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() CVE-2026-43110 — kernel: wifi: brcmfmac: validate bsscfg indices in IF events
🔗 References (12)
- selfhttps://access.redhat.com/errata/RHSA-2026:24343
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2424881
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2448745
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2451218
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2461521
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2461759
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2464351
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2464397
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2464476
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2467014
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_24343.json