Red Hat Security Advisory: kernel security update
🔗 CVE IDs covered (10)
📋 Description
CVE-2022-50673 — kernel: ext4: fix use-after-free in ext4_orphan_cleanup CVE-2022-50865 — kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() CVE-2023-53821 — kernel: ip6_vti: fix slab-use-after-free in decode_session6 CVE-2025-38415 — kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation CVE-2025-38459 — kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion CVE-2025-39760 — kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing CVE-2025-39933 — kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length CVE-2025-40271 — kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service. CVE-2025-68349 — kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid CVE-2026-23074 — kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation
🔗 References (13)
- selfhttps://access.redhat.com/errata/RHSA-2026:3277
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2383404
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2383487
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2394601
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2401432
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2419837
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2420329
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2420347
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2424880
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2426226
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2436791
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3277.json