Red Hat Security Advisory: kernel security update
🔗 CVE IDs covered (10)
📋 Description
CVE-2025-38106 — kernel: Linux kernel io_uring: Local privilege escalation, information disclosure, or denial of service via use-after-free CVE-2025-38141 — kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38703 — kernel: drm/xe: Make dma-fences compliant with the safe access rules CVE-2025-39760 — kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing CVE-2025-39818 — kernel: HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save CVE-2025-40249 — kernel: Kernel: Use-after-free in GPIO character device allows privilege escalation or denial of service CVE-2025-71085 — kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() CVE-2026-23001 — kernel: macvlan: fix possible UAF in macvlan_forward_source() CVE-2026-23097 — kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration CVE-2026-23156 — kernel: Linux kernel: Information disclosure in efivarfs via incorrect error propagation
🔗 References (13)
- selfhttps://access.redhat.com/errata/RHSA-2026:4012
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2376052
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2376077
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2393157
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2394601
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2395797
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2418886
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2429026
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2432664
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2436802
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2439951
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4012.json