RHSA-2026:25533CriticalCVSS 8.8

Red Hat Security Advisory: kernel security update

Published
June 12, 2026
Last Modified
June 17, 2026

🔗 CVE IDs covered (16)

CVE-2026-23001CVE-2025-40158CVE-2025-40170CVE-2025-68724CVE-2025-71089CVE-2026-23216CVE-2026-31532CVE-2026-43110CVE-2023-53372CVE-2025-68366CVE-2026-43190CVE-2026-31685CVE-2026-43037CVE-2026-43038CVE-2024-41073CVE-2025-40135

📋 Description

CVE-2023-53372 — kernel: sctp: fix a potential overflow in sctp_ifwdtsn_skip CVE-2024-41073 — kernel: nvme: avoid double free special payload CVE-2025-40135 — kernel: ipv6: use RCU in ip6_xmit() CVE-2025-40158 — kernel: ipv6: use RCU in ip6_output() CVE-2025-40170 — kernel: net: use dst_dev_rcu() in sk_setup_caps() CVE-2025-68366 — kernel: nbd: defer config unlock in nbd_genl_connect CVE-2025-68724 — kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id CVE-2025-71089 — kernel: iommu: disable SVA when CONFIG_X86 is set CVE-2026-23001 — kernel: macvlan: fix possible UAF in macvlan_forward_source() CVE-2026-23216 — kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() CVE-2026-31532 — kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() CVE-2026-31685 — kernel: netfilter: ip6t_eui64: reject invalid MAC header for all packets CVE-2026-43037 — kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() CVE-2026-43038 — kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() CVE-2026-43110 — kernel: wifi: brcmfmac: validate bsscfg indices in IF events CVE-2026-43190 — kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

🔗 References (19)