RHSA-2026:6954MediumCVSS 7.8
Red Hat Security Advisory: kernel security update
🔗 CVE IDs covered (7)
📋 Description
CVE-2025-38180 — kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38248 — kernel: Linux kernel:A use-after-free in bridge multicast in br_multicast_port_ctx_init CVE-2025-40064 — kernel: smc: Fix use-after-free in __pnet_find_base_ndev() CVE-2025-40168 — kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() CVE-2025-71238 — kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. CVE-2026-23001 — kernel: macvlan: fix possible UAF in macvlan_forward_source() CVE-2026-23209 — kernel: macvlan: fix error recovery in macvlan_common_newlink()
🔗 References (10)
- selfhttps://access.redhat.com/errata/RHSA-2026:6954
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2376376
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2378981
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2406747
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2414482
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2432664
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2439900
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2444398
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6954.json