RHSA-2026:14137
Vulnerability from csaf_redhat - Published: 2026-05-06 13:41 - Updated: 2026-05-06 21:25Summary
Red Hat Security Advisory: kernel-rt security update
Severity
Important
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (CVE-2025-37861)
* kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration (CVE-2026-23097)
* kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193)
* kernel: ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191)
* kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243)
* kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401)
* kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402)
* kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID (0xFFFF), set by the reset thread, which points to unallocated memory, causing a crash. Add flag 'io_admin_reset_sync' to synchronize access between the reset, I/O, and admin threads. Before a reset, the reset handler sets this flag to block I/O and admin processing threads. If any thread bypasses the initial check, the reset thread waits up to 10 seconds for processing to finish. If the wait exceeds 10 seconds, the controller is marked as unrecoverable.
6.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:14137
A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between folio_lock and i_mmap_rwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service (DoS).
7.3 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:14137
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are performed outside the cable lock, this may result in UAF when a program attempts to trigger frequently while opening/closing the tied stream, as spotted by fuzzers. For addressing the UAF, this patch changes two things: - It covers the most of code in loopback_check_format() with cable->lock spinlock, and add the proper NULL checks. This avoids already some racy accesses. - In addition, now we try to check the state of the capture PCM stream that may be stopped in this function, which was the major pain point leading to UAF.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:14137
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() In iscsit_dec_session_usage_count(), the function calls complete() while holding the sess->session_usage_lock. Similar to the connection usage count logic, the waiter signaled by complete() (e.g., in the session release path) may wake up and free the iscsit_session structure immediately. This creates a race condition where the current thread may attempt to execute spin_unlock_bh() on a session structure that has already been deallocated, resulting in a KASAN slab-use-after-free. To resolve this, release the session_usage_lock before calling complete() to ensure all dereferences of the sess pointer are finished before the waiter is allowed to proceed with deallocation.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:14137
Workaround
To mitigate this issue, prevent module iscsi_target_mod from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) `umad` (User Mode Access Device) component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denial of service (DoS) by crashing the system, and may also lead to limited information disclosure or data integrity issues.
7.3 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:14137
Workaround
To mitigate this issue, prevent module ib_umad from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A flaw was found in the Linux kernel's Kernel-based Virtual Machine (KVM) component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries (SPTEs) during memory-mapped I/O (MMIO) operations. By manipulating guest page table entries (gPTEs) from host userspace, an attacker could cause KVM to install an MMIO SPTE without properly removing an existing shadow-present SPTE. This improper handling could lead to a kernel warning, resulting in a denial of service or potentially allowing for privilege escalation or information disclosure.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:14137
A flaw was found in the Linux kernel's NFSv4.0 server (nfsd). A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflicting lock, the attacker can trigger a slab-out-of-bounds write. This corruption of adjacent heap memory could lead to arbitrary code execution or a denial of service.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:14137
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel's algif_aead cryptographic algorithm interface. An incorrect 'in-place operation' was introduced, where the source and destination data mappings were different. This could lead to unexpected behavior or data integrity issues during cryptographic operations, potentially impacting the reliability of encrypted communications.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:14137
Workaround
Individual articles, with specific advice, are available for a number of products:
* Red Hat Enterprise Linux https://access.redhat.com/solutions/7141931
* OpenShift 4 https://access.redhat.com/solutions/7141979
* ROSA Classic and OpenShift Dedicated https://access.redhat.com/articles/7141989
* ARO https://access.redhat.com/solutions/7141990
* Advanced Cluster Management Governance Policy https://access.redhat.com/solutions/7142032
* ROSA HCP: https://access.redhat.com/solutions/7141996
General guidance which is applicable to many products is below. Warning: there may be performance impacts for modifying functionality that uses kernel cryptographic functions. Though the affected module cannot be blacklisted, the affected functions themselves can be using the following boot arguments:
```
initcall_blacklist=algif_aead_init
```
Alternatively, the af_alg interface itself can be blocked:
```
initcall_blacklist=af_alg_init
```
As a further alternative, the affected algorithm can be blocked:
```
initcall_blacklist=crypto_authenc_esn_module_init
```
A mitigation that does not require a reboot using eBPF is available for Red Hat OpenShift Container Platform. This mitigation is only applicable to AMD64 nodes. Specific instructions are included in the linked articles.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (CVE-2025-37861)\n\n* kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration (CVE-2026-23097)\n\n* kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193)\n\n* kernel: ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191)\n\n* kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243)\n\n* kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401)\n\n* kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402)\n\n* kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:14137",
"url": "https://access.redhat.com/errata/RHSA-2026:14137"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2365256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365256"
},
{
"category": "external",
"summary": "2436802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436802"
},
{
"category": "external",
"summary": "2439887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439887"
},
{
"category": "external",
"summary": "2439947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439947"
},
{
"category": "external",
"summary": "2448594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448594"
},
{
"category": "external",
"summary": "2453803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453803"
},
{
"category": "external",
"summary": "2454844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454844"
},
{
"category": "external",
"summary": "2460538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460538"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_14137.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2026-05-06T21:25:05+00:00",
"generator": {
"date": "2026-05-06T21:25:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:14137",
"initial_release_date": "2026-05-06T13:41:11+00:00",
"revision_history": [
{
"date": "2026-05-06T13:41:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-06T13:41:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-06T21:25:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"product": {
"name": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"product_id": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.178.1.rt21.250.el9_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-70.178.1.rt21.250.el9_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux NFV E4S (v.9.0)",
"product_id": "NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "NFV-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src"
},
"product_reference": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"product_id": "RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"relates_to_product_reference": "RT-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-37861",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2365256"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue\n\nWhen the task management thread processes reply queues while the reset\nthread resets them, the task management thread accesses an invalid queue ID\n(0xFFFF), set by the reset thread, which points to unallocated memory,\ncausing a crash.\n\nAdd flag \u0027io_admin_reset_sync\u0027 to synchronize access between the reset,\nI/O, and admin threads. Before a reset, the reset handler sets this flag to\nblock I/O and admin processing threads. If any thread bypasses the initial\ncheck, the reset thread waits up to 10 seconds for processing to finish. If\nthe wait exceeds 10 seconds, the controller is marked as unrecoverable.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Moderate impact flaw in the Linux kernel\u0027s `mpi3mr` SCSI driver module. In this flaw a local attacker with a special group privilege leads to a system crash due to a synchronization problem during a resets the controller\u0027s operations. With the available usecase, this flaw does not cause to an integrate threat.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-37861"
},
{
"category": "external",
"summary": "RHBZ#2365256",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365256"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-37861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37861"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-37861",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-37861"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025050922-CVE-2025-37861-ab7f@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025050922-CVE-2025-37861-ab7f@gregkh/T"
}
],
"release_date": "2025-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:41:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14137"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue"
},
{
"cve": "CVE-2026-23097",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"discovery_date": "2026-02-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436802"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between folio_lock and i_mmap_rwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A deadlock can occur when migrating hugetlb file backed folios due to incorrect lock ordering between folio_lock and the mapping i_mmap_rwsem. One task in the migration path can hold folio_lock and then block on i_mmap_lock_read. Another task such as hugetlbfs fallocate or punch hole can hold i_mmap_lock_write and then block on folio_lock. This ABBA pattern can hang tasks indefinitely and lead to a denial of service. For the CVSS the PR is N because the involved operations can be triggered by normal users who can access hugetlbfs and run memory pressure and file operations. The issue is not network reachable. Impact is denial of service due to hung tasks and potential system wide stalls.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23097"
},
{
"category": "external",
"summary": "RHBZ#2436802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436802"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23097",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23097"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23097",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23097"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026020427-CVE-2026-23097-a591@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026020427-CVE-2026-23097-a591@gregkh/T"
}
],
"release_date": "2026-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:41:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14137"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration"
},
{
"cve": "CVE-2026-23191",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439947"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: aloop: Fix racy access at PCM trigger\n\nThe PCM trigger callback of aloop driver tries to check the PCM state\nand stop the stream of the tied substream in the corresponding cable.\nSince both check and stop operations are performed outside the cable\nlock, this may result in UAF when a program attempts to trigger\nfrequently while opening/closing the tied stream, as spotted by\nfuzzers.\n\nFor addressing the UAF, this patch changes two things:\n- It covers the most of code in loopback_check_format() with\n cable-\u003elock spinlock, and add the proper NULL checks. This avoids\n already some racy accesses.\n- In addition, now we try to check the state of the capture PCM stream\n that may be stopped in this function, which was the major pain point\n leading to UAF.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ALSA: aloop: Fix racy access at PCM trigger",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23191"
},
{
"category": "external",
"summary": "RHBZ#2439947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439947"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23191",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23191"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23191",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23191"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026021433-CVE-2026-23191-f990@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026021433-CVE-2026-23191-f990@gregkh/T"
}
],
"release_date": "2026-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:41:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14137"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: ALSA: aloop: Fix racy access at PCM trigger"
},
{
"cve": "CVE-2026-23193",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2026-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439887"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()\n\nIn iscsit_dec_session_usage_count(), the function calls complete() while\nholding the sess-\u003esession_usage_lock. Similar to the connection usage count\nlogic, the waiter signaled by complete() (e.g., in the session release\npath) may wake up and free the iscsit_session structure immediately.\n\nThis creates a race condition where the current thread may attempt to\nexecute spin_unlock_bh() on a session structure that has already been\ndeallocated, resulting in a KASAN slab-use-after-free.\n\nTo resolve this, release the session_usage_lock before calling complete()\nto ensure all dereferences of the sess pointer are finished before the\nwaiter is allowed to proceed with deallocation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A use after free can occur in the iSCSI target session usage count logic because iscsit_dec_session_usage_count can call complete while holding session_usage_lock. A waiting thread in the session release path can wake up and free the session structure immediately after the completion is signaled. The current thread may then attempt to unlock or otherwise access fields in a session object that has already been deallocated which can trigger a slab use after free and crash the kernel. The attack surface is adjacent network because iSCSI targets are typically reachable only inside storage or data center networks. Impact can be denial of service. A conservative assessment also considers potential confidentiality and integrity impact due to kernel memory corruption from a use after free.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23193"
},
{
"category": "external",
"summary": "RHBZ#2439887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439887"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23193",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23193"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026021434-CVE-2026-23193-2c6c@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026021434-CVE-2026-23193-2c6c@gregkh/T"
}
],
"release_date": "2026-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:41:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14137"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module iscsi_target_mod from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()"
},
{
"cve": "CVE-2026-23243",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-03-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448594"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Remote Direct Memory Access (RDMA) `umad` (User Mode Access Device) component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denial of service (DoS) by crashing the system, and may also lead to limited information disclosure or data integrity issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Denial of service and memory corruption in RDMA umad",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug is a kernel out-of-bounds write in the RDMA umad write path caused by a user-controlled length calculation that could underflow and pass an invalid data_len into MAD send buffer creation.\nA local user with access to the umad interface can trigger the issue by supplying mismatched MAD and RMPP header sizes, which leads to an out-of-bounds memset in the send MAD allocation path and can corrupt kernel memory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23243"
},
{
"category": "external",
"summary": "RHBZ#2448594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448594"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23243",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23243"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23243",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23243"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2026-23243-b88e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2026-23243-b88e@gregkh/T"
}
],
"release_date": "2026-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:41:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14137"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module ib_umad from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Denial of service and memory corruption in RDMA umad"
},
{
"cve": "CVE-2026-23401",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2026-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Kernel-based Virtual Machine (KVM) component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries (SPTEs) during memory-mapped I/O (MMIO) operations. By manipulating guest page table entries (gPTEs) from host userspace, an attacker could cause KVM to install an MMIO SPTE without properly removing an existing shadow-present SPTE. This improper handling could lead to a kernel warning, resulting in a denial of service or potentially allowing for privilege escalation or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important impact vulnerability. A flaw in the KVM\u0027s x86/mmu component in the Linux kernel could allow a privileged guest user to trigger a host denial of service. This issue occurs when host userspace modifies a shadowed gPTE to switch from a memslot to emulated MMIO, leading to a missing SPTE zap. Red Hat Enterprise Linux 8, 9, and 10, and Red Hat In-Vehicle OS are affected. Red Hat Enterprise Linux 6 and 7 are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23401"
},
{
"category": "external",
"summary": "RHBZ#2453803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453803"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23401",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23401"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026040108-CVE-2026-23401-956d@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026040108-CVE-2026-23401-956d@gregkh/T"
}
],
"release_date": "2026-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:41:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14137"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling"
},
{
"cve": "CVE-2026-31402",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2454844"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s NFSv4.0 server (nfsd). A remote, unauthenticated attacker can exploit this heap overflow vulnerability in the NFSv4.0 LOCK replay cache. By using two cooperating NFSv4.0 clients, where one sets a lock with a large owner string and another requests a conflicting lock, the attacker can trigger a slab-out-of-bounds write. This corruption of adjacent heap memory could lead to arbitrary code execution or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Important flaw in the Linux kernel\u0027s NFSv4.0 server (nfsd) allows a heap overflow. In this flaw a local attacker can trigger this by orchestrating two NFSv4.0 clients to create a conflicting lock with an oversized owner string.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31402"
},
{
"category": "external",
"summary": "RHBZ#2454844",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454844"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31402",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31402"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026040327-CVE-2026-31402-3e6a@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026040327-CVE-2026-31402-3e6a@gregkh/T"
}
],
"release_date": "2026-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:41:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14137"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache"
},
{
"cve": "CVE-2026-31431",
"cwe": {
"id": "CWE-1288",
"name": "Improper Validation of Consistency within Input"
},
"discovery_date": "2026-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460538"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s algif_aead cryptographic algorithm interface. An incorrect \u0027in-place operation\u0027 was introduced, where the source and destination data mappings were different. This could lead to unexpected behavior or data integrity issues during cryptographic operations, potentially impacting the reliability of encrypted communications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crypto: algif_aead - Revert to operating out-of-place",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This local privilege escalation is rated as Important severity. Part of the Linux kernel\u0027s cryptographic interface contains an incorrect in-place operation, where source and destination data mappings differ. This could lead to data integrity issues, including the escalation to root privileges.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31431"
},
{
"category": "external",
"summary": "RHBZ#2460538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460538"
},
{
"category": "external",
"summary": "RHSB-2026-02",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-02"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31431"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7141989",
"url": "https://access.redhat.com/articles/7141989"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7141931",
"url": "https://access.redhat.com/solutions/7141931"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7141979",
"url": "https://access.redhat.com/solutions/7141979"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7141990",
"url": "https://access.redhat.com/solutions/7141990"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7141996",
"url": "https://access.redhat.com/solutions/7141996"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7142032",
"url": "https://access.redhat.com/solutions/7142032"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_monitoring_and_updating_the_kernel/configuring-kernel-command-line-parameters_managing-monitoring-and-updating-the-kernel",
"url": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_monitoring_and_updating_the_kernel/configuring-kernel-command-line-parameters_managing-monitoring-and-updating-the-kernel"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/T"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2026-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-06T13:41:11+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:14137"
},
{
"category": "workaround",
"details": "Individual articles, with specific advice, are available for a number of products:\n* Red Hat Enterprise Linux https://access.redhat.com/solutions/7141931\n* OpenShift 4 https://access.redhat.com/solutions/7141979\n* ROSA Classic and OpenShift Dedicated https://access.redhat.com/articles/7141989\n* ARO https://access.redhat.com/solutions/7141990\n* Advanced Cluster Management Governance Policy https://access.redhat.com/solutions/7142032\n* ROSA HCP: https://access.redhat.com/solutions/7141996\n\nGeneral guidance which is applicable to many products is below. Warning: there may be performance impacts for modifying functionality that uses kernel cryptographic functions. Though the affected module cannot be blacklisted, the affected functions themselves can be using the following boot arguments:\n```\ninitcall_blacklist=algif_aead_init\n```\n\nAlternatively, the af_alg interface itself can be blocked:\n```\ninitcall_blacklist=af_alg_init\n```\n\nAs a further alternative, the affected algorithm can be blocked:\n```\ninitcall_blacklist=crypto_authenc_esn_module_init\n```\n\nA mitigation that does not require a reboot using eBPF is available for Red Hat OpenShift Container Platform. This mitigation is only applicable to AMD64 nodes. Specific instructions are included in the linked articles.",
"product_ids": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"NFV-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"NFV-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.src",
"RT-9.0.0.Z.E4S:kernel-rt-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-devel-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-kvm-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64",
"RT-9.0.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-70.178.1.rt21.250.el9_0.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2026-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: crypto: algif_aead - Revert to operating out-of-place"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…