Red Hat Security Advisory: kernel security, bug fix, and enhancement update
🔗 CVE IDs covered (9)
📋 Description
CVE-2025-71116 — kernel: libceph: make decode_pool() more resilient against corrupted osdmaps CVE-2026-22984 — kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done() CVE-2026-22990 — kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() CVE-2026-23455 — kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() CVE-2026-43125 — kernel: dlm: validate length in dlm_search_rsb_tree CVE-2026-43329 — kernel: netfilter: flowtable: strictly check for maximum number of actions CVE-2026-45852 — kernel: RDMA/rxe: Fix double free in rxe_srq_from_init CVE-2026-46090 — kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop CVE-2026-46227 — kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL
🔗 References (12)
- selfhttps://access.redhat.com/errata/RHSA-2026:33899
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2429602
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2432389
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2432400
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2454810
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2467234
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2468124
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2481980
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2482166
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2482564
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33899.json