RHSA-2026:3360HighCVSS 7.8

Red Hat Security Advisory: kernel security update

Published
February 25, 2026
Last Modified
June 29, 2026

🔗 CVE IDs covered (18)

📋 Description

CVE-2022-50673 — kernel: ext4: fix use-after-free in ext4_orphan_cleanup CVE-2022-50865 — kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() CVE-2023-53539 — kernel: RDMA/rxe: Fix incomplete state save in rxe_requester CVE-2023-53581 — kernel: net/mlx5e: Check for NOT_READY flag state after locking CVE-2023-53673 — kernel: Bluetooth: hci_event: call disconnect callback before deleting conn CVE-2023-53821 — kernel: ip6_vti: fix slab-use-after-free in decode_session6 CVE-2023-53827 — kernel: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} CVE-2023-53833 — kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state CVE-2025-38022 — kernel: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem CVE-2025-38415 — kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation CVE-2025-38459 — kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion CVE-2025-39760 — kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing CVE-2025-39933 — kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length CVE-2025-40271 — kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service. CVE-2025-40304 — kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service. CVE-2025-40322 — kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling CVE-2025-68349 — kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid CVE-2026-23074 — kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation

🔗 References (21)