Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-46333 (GCVE-0-2026-46333)
Vulnerability from cvelistv5 – Published: 2026-05-15 12:58 – Updated: 2026-07-01 12:05- CWE-269 - Improper Privilege Management
| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6
(git)
Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 15b828a46f305ae9f05a7c16914b3ce273474205 (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 4709234fd1b95136ceb789f639b1e7ea5de1b181 (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 8f907d345bae8f4b3f004c5abc56bf2dfb851ea7 (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 2a93a4fac7b6051d3be7cd1b015fe7320cd0404d (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 01363cb3fbd0238ffdeb09f53e9039c9edf8a730 (git) Affected: bfedb589252c01fa505ac9f6f2a3d5d68d707ef4 , < 31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a (git) Affected: d5b3e840dbf6dd2c0f30b5982b6f5ecd49e46b12 (git) Affected: 03eed7afbc09e061f66b448daf7863174c3dc3f3 (git) Affected: e45692fa1aea06676449b63ef3c2b6e1e72b7578 (git) Affected: 694a95fa6dae4991f16cda333d897ea063021fed (git) Affected: 3.16.52 , < 3.17 (semver) Affected: 4.4.40 , < 4.5 (semver) Affected: 4.8.16 , < 4.9 (semver) Affected: 4.9.1 , < 4.10 (semver) |
|
| Linux | Linux |
Affected:
4.10
Unaffected: 0 , < 4.10 (semver) Unaffected: 5.10.256 , ≤ 5.10.* (semver) Unaffected: 5.15.207 , ≤ 5.15.* (semver) Unaffected: 6.1.173 , ≤ 6.1.* (semver) Unaffected: 6.6.139 , ≤ 6.6.* (semver) Unaffected: 6.12.89 , ≤ 6.12.* (semver) Unaffected: 6.18.31 , ≤ 6.18.* (semver) Unaffected: 7.0.8 , ≤ 7.0.* (semver) Unaffected: 7.1 , ≤ * (original_commit_for_fix) |
|
| Red Hat | NVIDIA for RHEL 10 |
cpe:/a:redhat:enterprise_linux_nvidia:10::el10 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
cpe:/a:redhat:openshift:4.20::el8 cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 10) |
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.9.0) |
cpe:/a:redhat:rhel_e4s:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.9.2) |
cpe:/a:redhat:rhel_e4s:9.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.4) |
cpe:/a:redhat:rhel_eus:9.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 9) |
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux BaseOS EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux BaseOS (v. 10) |
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux BaseOS (v. 8) |
cpe:/o:redhat:enterprise_linux:8::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS AUS (v.8.4) |
cpe:/o:redhat:rhel_aus:8.4::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4) |
cpe:/o:redhat:rhel_eus_long_life:8.4::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS AUS (v.8.6) |
cpe:/o:redhat:rhel_aus:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS E4S (v.8.6) |
cpe:/o:redhat:rhel_e4s:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS TUS (v.8.6) |
cpe:/o:redhat:rhel_tus:8.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS E4S (v.8.8) |
cpe:/o:redhat:rhel_e4s:8.8::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS TUS (v.8.8) |
cpe:/o:redhat:rhel_tus:8.8::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS E4S (v.9.0) |
cpe:/o:redhat:rhel_e4s:9.0::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS E4S (v.9.2) |
cpe:/o:redhat:rhel_e4s:9.2::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS E4S (v.9.4) |
cpe:/o:redhat:rhel_e4s:9.4::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS EUS (v.9.4) |
cpe:/o:redhat:rhel_eus:9.4::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS EUS (v.9.6) |
cpe:/o:redhat:rhel_eus:9.6::baseos |
|
| Red Hat | Red Hat Enterprise Linux BaseOS (v. 9) |
cpe:/o:redhat:enterprise_linux:9::baseos |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder (v. 10) |
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux CRB (v. 8) |
cpe:/a:redhat:enterprise_linux:8::crb |
|
| Red Hat | Red Hat CodeReady Linux Builder EUS (v.9.4) |
cpe:/a:redhat:rhel_eus:9.4::crb |
|
| Red Hat | Red Hat CodeReady Linux Builder EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::crb |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder (v. 9) |
cpe:/a:redhat:enterprise_linux:9::crb |
|
| Red Hat | Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux Real Time for NFV (v. 10) |
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux NFV (v. 8) |
cpe:/a:redhat:enterprise_linux:8::nfv |
|
| Red Hat | Red Hat Enterprise Linux NFV E4S (v.9.0) |
cpe:/a:redhat:rhel_e4s:9.0::nfv |
|
| Red Hat | Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2) |
cpe:/a:redhat:rhel_e4s:9.2::nfv |
|
| Red Hat | Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4) |
cpe:/a:redhat:rhel_eus:9.4::nfv |
|
| Red Hat | Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::nfv |
|
| Red Hat | Red Hat Enterprise Linux Real Time for NFV (v. 9) |
cpe:/a:redhat:enterprise_linux:9::nfv |
|
| Red Hat | Red Hat Enterprise Linux Real Time EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux Real Time (v. 10) |
cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux RT (v. 8) |
cpe:/a:redhat:enterprise_linux:8::realtime |
|
| Red Hat | Red Hat Enterprise Linux Real Time E4S (v.9.0) |
cpe:/a:redhat:rhel_e4s:9.0::realtime |
|
| Red Hat | Red Hat Enterprise Linux Real Time E4S (v.9.2) |
cpe:/a:redhat:rhel_e4s:9.2::realtime |
|
| Red Hat | Red Hat Enterprise Linux Real Time EUS (v.9.4) |
cpe:/a:redhat:rhel_eus:9.4::realtime |
|
| Red Hat | Red Hat Enterprise Linux Real Time EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::realtime |
|
| Red Hat | Red Hat Enterprise Linux Real Time (v. 9) |
cpe:/a:redhat:enterprise_linux:9::realtime |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2026-05-20T18:47:13.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/15/9"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/20/14"
},
{
"url": "http://www.openwall.com/lists/oss-security/2026/05/20/16"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-46333",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-22T03:55:24.391Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn/"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_nvidia:10::el10"
],
"defaultStatus": "affected",
"product": "NVIDIA for RHEL 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.20::el8",
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_aus:8.4::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_aus:8.6::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.6::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_tus:8.6::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.8::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_tus:8.8::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.0::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.2::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.4::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_eus:9.4::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_eus:9.6::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux BaseOS (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::crb"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CRB (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time for NFV (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::nfv"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux NFV (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::nfv"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux NFV E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::nfv"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::nfv"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::nfv"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::nfv"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time for NFV (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::realtime"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux RT (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::realtime"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::realtime"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::realtime"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::realtime"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::realtime"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Real Time (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unaffected",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-15T05:55:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T12:05:06.860Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-46333"
},
{
"name": "RHBZ#2477802",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46333.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19540"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21701"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21702"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20299"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19569"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19705"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20593"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20054"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20129"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19568"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19666"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23470"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20130"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20051"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19521"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23471"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23469"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24814"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23468"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19664"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19711"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19875"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:19540: NVIDIA for RHEL 10"
},
{
"lang": "en",
"value": "RHSA-2026:33486: NVIDIA for RHEL 10"
},
{
"lang": "en",
"value": "RHSA-2026:21701: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:21702: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:20299: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0), Red Hat Enterprise Linux Real Time EUS (v. 10.0), Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19569: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19705: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux BaseOS E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:20593: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:20054: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux BaseOS EUS (v.9.4), Red Hat Enterprise Linux Real Time EUS (v.9.4), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:20129: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6), Red Hat Enterprise Linux Real Time EUS (v.9.6), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:19568: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9), Red Hat Enterprise Linux Real Time (v. 9), Red Hat Enterprise Linux Real Time for NFV (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19666: Red Hat Enterprise Linux BaseOS (v. 8), Red Hat Enterprise Linux CRB (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:23470: Red Hat Enterprise Linux BaseOS (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:20130: Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:20051: Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS E4S (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:19521: Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:23471: Red Hat Enterprise Linux BaseOS E4S (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:23469: Red Hat Enterprise Linux BaseOS E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:24814: Red Hat Enterprise Linux BaseOS E4S (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:23468: Red Hat Enterprise Linux BaseOS EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:19664: Red Hat Enterprise Linux NFV (v. 8), Red Hat Enterprise Linux RT (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:19711: Red Hat Enterprise Linux NFV E4S (v.9.0), Red Hat Enterprise Linux Real Time E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19875: Red Hat Enterprise Linux Real Time E4S (v.9.2), Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-15T08:27:21.590Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-15T05:55:00.000Z",
"value": "Made public."
}
],
"title": "kernel: Read root-owned files as an unprivileged user",
"workarounds": [
{
"lang": "en",
"value": "See the security bulletin for a detailed mitigation procedure."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"include/linux/sched.h",
"kernel/exit.c",
"kernel/ptrace.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6",
"status": "affected",
"version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
"versionType": "git"
},
{
"lessThan": "15b828a46f305ae9f05a7c16914b3ce273474205",
"status": "affected",
"version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
"versionType": "git"
},
{
"lessThan": "4709234fd1b95136ceb789f639b1e7ea5de1b181",
"status": "affected",
"version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
"versionType": "git"
},
{
"lessThan": "8f907d345bae8f4b3f004c5abc56bf2dfb851ea7",
"status": "affected",
"version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
"versionType": "git"
},
{
"lessThan": "6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d",
"status": "affected",
"version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
"versionType": "git"
},
{
"lessThan": "2a93a4fac7b6051d3be7cd1b015fe7320cd0404d",
"status": "affected",
"version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
"versionType": "git"
},
{
"lessThan": "01363cb3fbd0238ffdeb09f53e9039c9edf8a730",
"status": "affected",
"version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
"versionType": "git"
},
{
"lessThan": "31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a",
"status": "affected",
"version": "bfedb589252c01fa505ac9f6f2a3d5d68d707ef4",
"versionType": "git"
},
{
"status": "affected",
"version": "d5b3e840dbf6dd2c0f30b5982b6f5ecd49e46b12",
"versionType": "git"
},
{
"status": "affected",
"version": "03eed7afbc09e061f66b448daf7863174c3dc3f3",
"versionType": "git"
},
{
"status": "affected",
"version": "e45692fa1aea06676449b63ef3c2b6e1e72b7578",
"versionType": "git"
},
{
"status": "affected",
"version": "694a95fa6dae4991f16cda333d897ea063021fed",
"versionType": "git"
},
{
"lessThan": "3.17",
"status": "affected",
"version": "3.16.52",
"versionType": "semver"
},
{
"lessThan": "4.5",
"status": "affected",
"version": "4.4.40",
"versionType": "semver"
},
{
"lessThan": "4.9",
"status": "affected",
"version": "4.8.16",
"versionType": "semver"
},
{
"lessThan": "4.10",
"status": "affected",
"version": "4.9.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"include/linux/sched.h",
"kernel/exit.c",
"kernel/ptrace.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.10"
},
{
"lessThan": "4.10",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.256",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.207",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.173",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.139",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.89",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.31",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.*",
"status": "unaffected",
"version": "7.0.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.1",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.256",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.207",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.173",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.139",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.89",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.31",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.1",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.8.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\n\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don\u0027t have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt\u0027s not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn\u0027t make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\nMM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-14T18:09:28.322Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6"
},
{
"url": "https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205"
},
{
"url": "https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181"
},
{
"url": "https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7"
},
{
"url": "https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d"
},
{
"url": "https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d"
},
{
"url": "https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730"
},
{
"url": "https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
}
],
"title": "ptrace: slightly saner \u0027get_dumpable()\u0027 logic",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-46333",
"datePublished": "2026-05-15T12:58:44.599Z",
"dateReserved": "2026-05-13T15:03:33.113Z",
"dateUpdated": "2026-07-01T12:05:06.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-46333",
"date": "2026-07-01",
"epss": "0.0138",
"percentile": "0.68747"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-46333\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-05-15T14:16:35.793\",\"lastModified\":\"2026-07-01T13:17:36.713\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\\n\\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\\nthe task - the concept comes from whether it can core dump or not - and\\nmakes no sense when you don\u0027t have an associated mm.\\n\\nAnd almost all users do in fact use it only for the case where the task\\nhas a mm pointer.\\n\\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\\ncheck various other things entirely independently of the MM (typically\\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for\\nthreads that no longer have a VM (and maybe never did, like most kernel\\nthreads).\\n\\nIt\u0027s not what this flag was designed for, but it is what it is.\\n\\nThe ptrace code does check that the uid/gid matches, so you do have to\\nbe uid-0 to see kernel thread details, but this means that the\\ntraditional \\\"drop capabilities\\\" model doesn\u0027t make any difference for\\nthis all.\\n\\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\\nMM pointer, we\u0027ll use a cached \\\"last dumpability\\\" flag if the thread\\never had a MM (it will be zero for kernel threads since it is never\\nset), and require a proper CAP_SYS_PTRACE capability to override.\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"include/linux/sched.h\",\"kernel/exit.c\",\"kernel/ptrace.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\",\"lessThan\":\"93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\",\"lessThan\":\"15b828a46f305ae9f05a7c16914b3ce273474205\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\",\"lessThan\":\"4709234fd1b95136ceb789f639b1e7ea5de1b181\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\",\"lessThan\":\"8f907d345bae8f4b3f004c5abc56bf2dfb851ea7\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\",\"lessThan\":\"6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\",\"lessThan\":\"2a93a4fac7b6051d3be7cd1b015fe7320cd0404d\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\",\"lessThan\":\"01363cb3fbd0238ffdeb09f53e9039c9edf8a730\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\",\"lessThan\":\"31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"d5b3e840dbf6dd2c0f30b5982b6f5ecd49e46b12\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"03eed7afbc09e061f66b448daf7863174c3dc3f3\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"e45692fa1aea06676449b63ef3c2b6e1e72b7578\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"694a95fa6dae4991f16cda333d897ea063021fed\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"3.16.52\",\"lessThan\":\"3.17\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"4.4.40\",\"lessThan\":\"4.5\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"4.8.16\",\"lessThan\":\"4.9\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"4.9.1\",\"lessThan\":\"4.10\",\"versionType\":\"semver\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"include/linux/sched.h\",\"kernel/exit.c\",\"kernel/ptrace.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"4.10\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"4.10\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.10.256\",\"lessThanOrEqual\":\"5.10.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.15.207\",\"lessThanOrEqual\":\"5.15.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.1.173\",\"lessThanOrEqual\":\"6.1.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.139\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.89\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.18.31\",\"lessThanOrEqual\":\"6.18.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.0.8\",\"lessThanOrEqual\":\"7.0.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.1\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"NVIDIA for RHEL 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_nvidia:10::el10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.20\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.20::el8\",\"cpe:/a:redhat:openshift:4.20::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS (v. 8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS AUS (v.8.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_aus:8.4::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS AUS (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_aus:8.6::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS E4S (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_e4s:8.6::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS TUS (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_tus:8.6::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS E4S (v.8.8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_e4s:8.8::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS TUS (v.8.8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_tus:8.8::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS E4S (v.9.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_e4s:9.0::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS E4S (v.9.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_e4s:9.2::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS E4S (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_e4s:9.4::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_eus:9.4::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_eus:9.6::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux BaseOS (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9::baseos\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CRB (v. 8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:8::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat CodeReady Linux Builder EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat CodeReady Linux Builder EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time for NFV (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux NFV (v. 8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:8::nfv\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux NFV E4S (v.9.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.0::nfv\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.2::nfv\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::nfv\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::nfv\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time for NFV (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::nfv\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux RT (v. 8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:8::realtime\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time E4S (v.9.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.0::realtime\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time E4S (v.9.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.2::realtime\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::realtime\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::realtime\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Real Time (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::realtime\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 6\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 7\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:7\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":5.2},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-21T00:00:00+00:00\",\"id\":\"CVE-2026-46333\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.16.52\",\"versionEndExcluding\":\"3.17\",\"matchCriteriaId\":\"05033BFD-A5E6-4D50-861A-0DFC71F68928\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.4.40\",\"versionEndExcluding\":\"4.5\",\"matchCriteriaId\":\"D0CD5855-59A4-434F-8866-C0AC310B1C1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.8.16\",\"versionEndExcluding\":\"4.9\",\"matchCriteriaId\":\"66431BA1-01B5-476A-B483-AE4E7B830BA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.9.1\",\"versionEndExcluding\":\"5.10.256\",\"matchCriteriaId\":\"32DDB850-6C00-4D4F-9C55-D74244D1F5CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.207\",\"matchCriteriaId\":\"9255E454-FB3D-46B1-9414-3EA5B65EEEA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.173\",\"matchCriteriaId\":\"2AD4A50D-D0DC-4970-8942-AC086C66B4CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.139\",\"matchCriteriaId\":\"62B22414-1CA8-4470-95F1-F9D5C1DFB1DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.89\",\"matchCriteriaId\":\"2FC20380-C800-4D5A-BC9F-50124ECB1709\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.18.31\",\"matchCriteriaId\":\"FAFC1335-4F1D-4680-93F8-9C2051B745F7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"7.0.8\",\"matchCriteriaId\":\"962A23E4-220C-4121-8533-753E9922ABDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1EF7059-E670-45F4-B422-54C40FA86390\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D38F0BF-A728-4133-A358-D44A2F7EE6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC732D08-5F7B-46D9-B154-E60C7F4F0A97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA6FEEC2-9F11-4643-8827-749718254FED\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/15/9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/20/14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2026/05/20/16\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19521\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19540\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19568\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19569\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19664\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19666\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19705\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19711\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19875\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20051\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20054\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20129\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20130\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20299\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20593\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21701\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21702\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23468\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23469\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23470\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23471\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24814\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33486\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-46333\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2477802\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn/\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46333.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"tags\":[\"Product\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/15/9\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2026/05/msg00032.html\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2026/05/msg00035.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/20/14\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2026/05/20/16\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-05-20T18:47:13.604Z\"}}, {\"title\": \"kernel: Read root-owned files as an unprivileged user\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:enterprise_linux_nvidia:10::el10\"], \"vendor\": \"Red Hat\", \"product\": \"NVIDIA for RHEL 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.20::el8\", \"cpe:/a:redhat:openshift:4.20::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.20\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS AUS (v.8.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS AUS (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_tus:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS TUS (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_tus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS TUS (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.0::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.9.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.2::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS E4S (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux BaseOS (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CRB (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat CodeReady Linux Builder EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat CodeReady Linux Builder EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux NFV (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux NFV E4S (v.9.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::nfv\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time for NFV (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux RT (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time E4S (v.9.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::realtime\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Real Time (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-15T08:27:21.590Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-15T05:55:00.000Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:19540: NVIDIA for RHEL 10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21701: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21702: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20299: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0), Red Hat Enterprise Linux Real Time EUS (v. 10.0), Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19569: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10), Red Hat Enterprise Linux Real Time (v. 10), Red Hat Enterprise Linux Real Time for NFV (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19705: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux BaseOS E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20593: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20054: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux BaseOS EUS (v.9.4), Red Hat Enterprise Linux Real Time EUS (v.9.4), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20129: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6), Red Hat Enterprise Linux Real Time EUS (v.9.6), Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19568: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9), Red Hat Enterprise Linux Real Time (v. 9), Red Hat Enterprise Linux Real Time for NFV (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19666: Red Hat Enterprise Linux BaseOS (v. 8), Red Hat Enterprise Linux CRB (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23470: Red Hat Enterprise Linux BaseOS (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20130: Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20051: Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS E4S (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19521: Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23471: Red Hat Enterprise Linux BaseOS E4S (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23469: Red Hat Enterprise Linux BaseOS E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24814: Red Hat Enterprise Linux BaseOS E4S (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23468: Red Hat Enterprise Linux BaseOS EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19664: Red Hat Enterprise Linux NFV (v. 8), Red Hat Enterprise Linux RT (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19711: Red Hat Enterprise Linux NFV E4S (v.9.0), Red Hat Enterprise Linux Real Time E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19875: Red Hat Enterprise Linux Real Time E4S (v.9.2), Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-05-15T05:55:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-46333\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2477802\", \"name\": \"RHBZ#2477802\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46333.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19540\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21701\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21702\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20299\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19569\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19705\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20593\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20054\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20129\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19568\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19666\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23470\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20130\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20051\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19521\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23471\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23469\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24814\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23468\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19664\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19711\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19875\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"See the security bulletin for a detailed mitigation procedure.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-06-30T03:18:56.319Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-46333\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-21T12:57:16.275566Z\"}}}], \"references\": [{\"url\": \"https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn/\", \"tags\": [\"exploit\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-18T12:53:39.616Z\"}}], \"cna\": {\"title\": \"ptrace: slightly saner \u0027get_dumpable()\u0027 logic\", \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.1, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\"}}], \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"15b828a46f305ae9f05a7c16914b3ce273474205\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"4709234fd1b95136ceb789f639b1e7ea5de1b181\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"8f907d345bae8f4b3f004c5abc56bf2dfb851ea7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"2a93a4fac7b6051d3be7cd1b015fe7320cd0404d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"01363cb3fbd0238ffdeb09f53e9039c9edf8a730\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"bfedb589252c01fa505ac9f6f2a3d5d68d707ef4\", \"lessThan\": \"31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d5b3e840dbf6dd2c0f30b5982b6f5ecd49e46b12\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"03eed7afbc09e061f66b448daf7863174c3dc3f3\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"e45692fa1aea06676449b63ef3c2b6e1e72b7578\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"694a95fa6dae4991f16cda333d897ea063021fed\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"3.16.52\", \"lessThan\": \"3.17\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"4.4.40\", \"lessThan\": \"4.5\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"4.8.16\", \"lessThan\": \"4.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"4.9.1\", \"lessThan\": \"4.10\", \"versionType\": \"semver\"}], \"programFiles\": [\"include/linux/sched.h\", \"kernel/exit.c\", \"kernel/ptrace.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.10\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.10\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.256\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.207\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.173\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.139\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.89\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.18.31\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.18.*\"}, {\"status\": \"unaffected\", \"version\": \"7.0.8\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"7.0.*\"}, {\"status\": \"unaffected\", \"version\": \"7.1\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"include/linux/sched.h\", \"kernel/exit.c\", \"kernel/ptrace.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/93d4ba49d18e3d7fb41a9927c2d0cca5e9dfefd6\"}, {\"url\": \"https://git.kernel.org/stable/c/15b828a46f305ae9f05a7c16914b3ce273474205\"}, {\"url\": \"https://git.kernel.org/stable/c/4709234fd1b95136ceb789f639b1e7ea5de1b181\"}, {\"url\": \"https://git.kernel.org/stable/c/8f907d345bae8f4b3f004c5abc56bf2dfb851ea7\"}, {\"url\": \"https://git.kernel.org/stable/c/6e5b51e74a40d377bcd3081dd33fbaa0e1aa7e3d\"}, {\"url\": \"https://git.kernel.org/stable/c/2a93a4fac7b6051d3be7cd1b015fe7320cd0404d\"}, {\"url\": \"https://git.kernel.org/stable/c/01363cb3fbd0238ffdeb09f53e9039c9edf8a730\"}, {\"url\": \"https://git.kernel.org/stable/c/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\\n\\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\\nthe task - the concept comes from whether it can core dump or not - and\\nmakes no sense when you don\u0027t have an associated mm.\\n\\nAnd almost all users do in fact use it only for the case where the task\\nhas a mm pointer.\\n\\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\\ncheck various other things entirely independently of the MM (typically\\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for\\nthreads that no longer have a VM (and maybe never did, like most kernel\\nthreads).\\n\\nIt\u0027s not what this flag was designed for, but it is what it is.\\n\\nThe ptrace code does check that the uid/gid matches, so you do have to\\nbe uid-0 to see kernel thread details, but this means that the\\ntraditional \\\"drop capabilities\\\" model doesn\u0027t make any difference for\\nthis all.\\n\\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\\nMM pointer, we\u0027ll use a cached \\\"last dumpability\\\" flag if the thread\\never had a MM (it will be zero for kernel threads since it is never\\nset), and require a proper CAP_SYS_PTRACE capability to override.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.256\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.207\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.173\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.139\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.89\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.18.31\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"7.0.8\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"7.1\", \"versionStartIncluding\": \"4.10\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"3.16.52\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.4.40\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.8.16\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionStartIncluding\": \"4.9.1\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-06-14T18:09:28.322Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-46333\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-30T03:18:56.319Z\", \"dateReserved\": \"2026-05-13T15:03:33.113Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2026-05-15T12:58:44.599Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:23468
Vulnerability from csaf_redhat - Published: 2026-06-04 21:47 - Updated: 2026-07-01 19:39A flaw was found in the Linux kernel's networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for multiple packages is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-5.14.0-570.17.1.el9_6.\n\nSecurity Fix(es):\n\n* kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)\n\n* kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:23468",
"url": "https://access.redhat.com/errata/RHSA-2026:23468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_23468.json"
}
],
"title": "Red Hat Security Advisory: kpatch-patch-5_14_0-570_17_1, kpatch-patch-5_14_0-570_39_1, kpatch-patch-5_14_0-570_66_1, and kpatch-patch-5_14_0-570_94_1 security update",
"tracking": {
"current_release_date": "2026-07-01T19:39:25+00:00",
"generator": {
"date": "2026-07-01T19:39:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:23468",
"initial_release_date": "2026-06-04T21:47:06+00:00",
"revision_history": [
{
"date": "2026-06-04T21:47:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-04T21:47:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T19:39:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"product": {
"name": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"product_id": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_17_1@1-15.el9_6?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"product": {
"name": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"product_id": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_39_1@1-6.el9_6?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"product": {
"name": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"product_id": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_66_1@1-5.el9_6?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"product": {
"name": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"product_id": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_94_1@1-3.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_17_1@1-15.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_17_1-debugsource@1-15.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_17_1-debuginfo@1-15.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_39_1@1-6.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_39_1-debugsource@1-6.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_39_1-debuginfo@1-6.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_66_1@1-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_66_1-debugsource@1-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_66_1-debuginfo@1-5.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_94_1@1-3.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_94_1-debugsource@1-3.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"product_id": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_94_1-debuginfo@1-3.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_17_1@1-15.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_17_1-debugsource@1-15.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_17_1-debuginfo@1-15.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_39_1@1-6.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_39_1-debugsource@1-6.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_39_1-debuginfo@1-6.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_66_1@1-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_66_1-debugsource@1-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_66_1-debuginfo@1-5.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_94_1@1-3.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_94_1-debugsource@1-3.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"product_id": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-570_94_1-debuginfo@1-3.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src"
},
"product_reference": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src"
},
"product_reference": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src"
},
"product_reference": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src"
},
"product_reference": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-43503",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"discovery_date": "2026-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480902"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Impact is rated as Important because the privileged file-backed cache pages may be modified through a shared-page ownership bypass. Within Red Hat Enterprise Linux and Red Hat OpenShift Container Platform, this vulnerability was fixed at the same time as CVE-2026-46300.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "RHBZ#2480902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480902"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox",
"url": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox"
}
],
"release_date": "2026-05-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T21:47:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23468"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2026-05-13T13:28:21.270000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46300"
},
{
"category": "external",
"summary": "RHBZ#2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "RHSB-2026-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300"
}
],
"release_date": "2026-05-13T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T21:47:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23468"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel"
},
{
"cve": "CVE-2026-46333",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2026-05-15T08:27:21.590000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477802"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Read root-owned files as an unprivileged user",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Linux kernel that allows a local unprivileged attacker to read root-owned files. The vulnerability arises from a race condition during process termination, enabling a brief window where sensitive data, such as SSH host private keys or /etc/shadow contents, can be disclosed. This could lead to unauthorized access to sensitive information on affected Red Hat Enterprise Linux systems.\n\nIn OpenShift Container Platform 4, this flaw is rated Low. The default `restricted-v2` Security Context Constraint (SCC) sets `allowPrivilegeEscalation: false` on all pods, which causes the kernel to ignore setuid file bits and prevents target binaries from opening privileged files, breaking the exploit chain entirely. Under non-default SCCs such as `anyuid` that permit privilege escalation, the vulnerability is constrained by PID and mount namespace isolation to the container\u0027s own filesystem. An attacker would only be able to access root-owned files already within the container, not host or cross-pod resources. In practice, containers rarely contain sensitive root-owned files that are not already accessible to the pod user through normal means.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "RHBZ#2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "external",
"summary": "RHSB-2026-004",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333"
},
{
"category": "external",
"summary": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a",
"url": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
}
],
"release_date": "2026-05-15T05:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T21:47:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23468"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debuginfo-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_17_1-debugsource-0:1-15.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debuginfo-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_39_1-debugsource-0:1-6.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debuginfo-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_66_1-debugsource-0:1-5.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.src",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debuginfo-0:1-3.el9_6.x86_64",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.ppc64le",
"BaseOS-9.6.0.Z.EUS:kpatch-patch-5_14_0-570_94_1-debugsource-0:1-3.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Read root-owned files as an unprivileged user"
}
]
}
RHSA-2026:23469
Vulnerability from csaf_redhat - Published: 2026-06-04 22:08 - Updated: 2026-07-01 19:39A flaw was found in the Linux kernel's networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for multiple packages is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-5.14.0-284.104.1.el9_2.\n\nSecurity Fix(es):\n\n* kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)\n\n* kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:23469",
"url": "https://access.redhat.com/errata/RHSA-2026:23469"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_23469.json"
}
],
"title": "Red Hat Security Advisory: kpatch-patch-5_14_0-284_104_1, kpatch-patch-5_14_0-284_117_1, kpatch-patch-5_14_0-284_134_1, kpatch-patch-5_14_0-284_148_1, and kpatch-patch-5_14_0-284_158_1 security update",
"tracking": {
"current_release_date": "2026-07-01T19:39:25+00:00",
"generator": {
"date": "2026-07-01T19:39:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:23469",
"initial_release_date": "2026-06-04T22:08:31+00:00",
"revision_history": [
{
"date": "2026-06-04T22:08:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-04T22:08:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T19:39:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"product": {
"name": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"product_id": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1@1-16.el9_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"product": {
"name": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"product_id": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1@1-13.el9_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"product": {
"name": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"product_id": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1@1-7.el9_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"product": {
"name": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"product_id": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1@1-5.el9_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"product": {
"name": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"product_id": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1@1-3.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1@1-16.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1-debugsource@1-16.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1-debuginfo@1-16.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1@1-13.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1-debugsource@1-13.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1-debuginfo@1-13.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1@1-7.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1-debugsource@1-7.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1-debuginfo@1-7.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1@1-5.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1-debugsource@1-5.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1-debuginfo@1-5.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1@1-3.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1-debugsource@1-3.el9_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"product_id": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1-debuginfo@1-3.el9_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1@1-16.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1-debugsource@1-16.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_104_1-debuginfo@1-16.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1@1-13.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1-debugsource@1-13.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_117_1-debuginfo@1-13.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1@1-7.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1-debugsource@1-7.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_134_1-debuginfo@1-7.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1@1-5.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1-debugsource@1-5.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_148_1-debuginfo@1-5.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1@1-3.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1-debugsource@1-3.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"product_id": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-284_158_1-debuginfo@1-3.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src"
},
"product_reference": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src"
},
"product_reference": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src"
},
"product_reference": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src"
},
"product_reference": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src"
},
"product_reference": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-43503",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"discovery_date": "2026-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480902"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Impact is rated as Important because the privileged file-backed cache pages may be modified through a shared-page ownership bypass. Within Red Hat Enterprise Linux and Red Hat OpenShift Container Platform, this vulnerability was fixed at the same time as CVE-2026-46300.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "RHBZ#2480902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480902"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox",
"url": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox"
}
],
"release_date": "2026-05-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T22:08:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23469"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2026-05-13T13:28:21.270000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46300"
},
{
"category": "external",
"summary": "RHBZ#2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "RHSB-2026-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300"
}
],
"release_date": "2026-05-13T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T22:08:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23469"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel"
},
{
"cve": "CVE-2026-46333",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2026-05-15T08:27:21.590000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477802"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Read root-owned files as an unprivileged user",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Linux kernel that allows a local unprivileged attacker to read root-owned files. The vulnerability arises from a race condition during process termination, enabling a brief window where sensitive data, such as SSH host private keys or /etc/shadow contents, can be disclosed. This could lead to unauthorized access to sensitive information on affected Red Hat Enterprise Linux systems.\n\nIn OpenShift Container Platform 4, this flaw is rated Low. The default `restricted-v2` Security Context Constraint (SCC) sets `allowPrivilegeEscalation: false` on all pods, which causes the kernel to ignore setuid file bits and prevents target binaries from opening privileged files, breaking the exploit chain entirely. Under non-default SCCs such as `anyuid` that permit privilege escalation, the vulnerability is constrained by PID and mount namespace isolation to the container\u0027s own filesystem. An attacker would only be able to access root-owned files already within the container, not host or cross-pod resources. In practice, containers rarely contain sensitive root-owned files that are not already accessible to the pod user through normal means.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "RHBZ#2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "external",
"summary": "RHSB-2026-004",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333"
},
{
"category": "external",
"summary": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a",
"url": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
}
],
"release_date": "2026-05-15T05:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T22:08:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23469"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debuginfo-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_104_1-debugsource-0:1-16.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debuginfo-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_117_1-debugsource-0:1-13.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debuginfo-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_134_1-debugsource-0:1-7.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debuginfo-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_148_1-debugsource-0:1-5.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.src",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debuginfo-0:1-3.el9_2.x86_64",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.ppc64le",
"BaseOS-9.2.0.Z.E4S:kpatch-patch-5_14_0-284_158_1-debugsource-0:1-3.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Read root-owned files as an unprivileged user"
}
]
}
RHSA-2026:23470
Vulnerability from csaf_redhat - Published: 2026-06-04 21:43 - Updated: 2026-07-01 19:39A flaw was found in the Linux kernel's networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for multiple packages is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-4.18.0-553.40.1.el8_10.\n\nSecurity Fix(es):\n\n* kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)\n\n* kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:23470",
"url": "https://access.redhat.com/errata/RHSA-2026:23470"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_23470.json"
}
],
"title": "Red Hat Security Advisory: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update",
"tracking": {
"current_release_date": "2026-07-01T19:39:25+00:00",
"generator": {
"date": "2026-07-01T19:39:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:23470",
"initial_release_date": "2026-06-04T21:43:51+00:00",
"revision_history": [
{
"date": "2026-06-04T21:43:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-04T21:43:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T19:39:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"product": {
"name": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"product_id": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_40_1@1-12.el8_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"product": {
"name": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"product_id": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_53_1@1-10.el8_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"product": {
"name": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"product_id": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_72_1@1-7.el8_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"product": {
"name": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"product_id": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_85_1@1-5.el8_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"product": {
"name": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"product_id": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_109_1@1-3.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_40_1@1-12.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_40_1-debugsource@1-12.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_40_1-debuginfo@1-12.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_53_1@1-10.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_53_1-debugsource@1-10.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_53_1-debuginfo@1-10.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_72_1@1-7.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_72_1-debugsource@1-7.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_72_1-debuginfo@1-7.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_85_1@1-5.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_85_1-debugsource@1-5.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_85_1-debuginfo@1-5.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_109_1@1-3.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_109_1-debugsource@1-3.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"product_id": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_109_1-debuginfo@1-3.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_40_1@1-12.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_40_1-debugsource@1-12.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_40_1-debuginfo@1-12.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_53_1@1-10.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_53_1-debugsource@1-10.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_53_1-debuginfo@1-10.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_72_1@1-7.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_72_1-debugsource@1-7.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_72_1-debuginfo@1-7.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_85_1@1-5.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_85_1-debugsource@1-5.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_85_1-debuginfo@1-5.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_109_1@1-3.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_109_1-debugsource@1-3.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"product_id": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-553_109_1-debuginfo@1-3.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src"
},
"product_reference": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src"
},
"product_reference": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src"
},
"product_reference": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src"
},
"product_reference": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src"
},
"product_reference": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-43503",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"discovery_date": "2026-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480902"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Impact is rated as Important because the privileged file-backed cache pages may be modified through a shared-page ownership bypass. Within Red Hat Enterprise Linux and Red Hat OpenShift Container Platform, this vulnerability was fixed at the same time as CVE-2026-46300.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "RHBZ#2480902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480902"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox",
"url": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox"
}
],
"release_date": "2026-05-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T21:43:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23470"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2026-05-13T13:28:21.270000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46300"
},
{
"category": "external",
"summary": "RHBZ#2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "RHSB-2026-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300"
}
],
"release_date": "2026-05-13T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T21:43:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23470"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel"
},
{
"cve": "CVE-2026-46333",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2026-05-15T08:27:21.590000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477802"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Read root-owned files as an unprivileged user",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Linux kernel that allows a local unprivileged attacker to read root-owned files. The vulnerability arises from a race condition during process termination, enabling a brief window where sensitive data, such as SSH host private keys or /etc/shadow contents, can be disclosed. This could lead to unauthorized access to sensitive information on affected Red Hat Enterprise Linux systems.\n\nIn OpenShift Container Platform 4, this flaw is rated Low. The default `restricted-v2` Security Context Constraint (SCC) sets `allowPrivilegeEscalation: false` on all pods, which causes the kernel to ignore setuid file bits and prevents target binaries from opening privileged files, breaking the exploit chain entirely. Under non-default SCCs such as `anyuid` that permit privilege escalation, the vulnerability is constrained by PID and mount namespace isolation to the container\u0027s own filesystem. An attacker would only be able to access root-owned files already within the container, not host or cross-pod resources. In practice, containers rarely contain sensitive root-owned files that are not already accessible to the pod user through normal means.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "RHBZ#2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "external",
"summary": "RHSB-2026-004",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333"
},
{
"category": "external",
"summary": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a",
"url": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
}
],
"release_date": "2026-05-15T05:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T21:43:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23470"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debuginfo-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_109_1-debugsource-0:1-3.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debuginfo-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_40_1-debugsource-0:1-12.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debuginfo-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_53_1-debugsource-0:1-10.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debuginfo-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_72_1-debugsource-0:1-7.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debuginfo-0:1-5.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:kpatch-patch-4_18_0-553_85_1-debugsource-0:1-5.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Read root-owned files as an unprivileged user"
}
]
}
RHSA-2026:23471
Vulnerability from csaf_redhat - Published: 2026-06-04 21:24 - Updated: 2026-07-01 19:39A flaw was found in the Linux kernel's networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for multiple packages is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module is targeted for kernel-4.18.0-477.89.1.el8_8.\n\nSecurity Fix(es):\n\n* kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)\n\n* kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:23471",
"url": "https://access.redhat.com/errata/RHSA-2026:23471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_23471.json"
}
],
"title": "Red Hat Security Advisory: kpatch-patch-4_18_0-477_107_1, kpatch-patch-4_18_0-477_120_1, kpatch-patch-4_18_0-477_130_1, kpatch-patch-4_18_0-477_89_1, and kpatch-patch-4_18_0-477_97_1 security update",
"tracking": {
"current_release_date": "2026-07-01T19:39:57+00:00",
"generator": {
"date": "2026-07-01T19:39:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:23471",
"initial_release_date": "2026-06-04T21:24:41+00:00",
"revision_history": [
{
"date": "2026-06-04T21:24:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-04T21:24:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T19:39:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"product": {
"name": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"product_id": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_89_1@1-12.el8_8?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"product": {
"name": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"product_id": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_97_1@1-10.el8_8?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"product": {
"name": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"product_id": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_107_1@1-6.el8_8?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"product": {
"name": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"product_id": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_120_1@1-5.el8_8?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"product": {
"name": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"product_id": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_130_1@1-3.el8_8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_89_1@1-12.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_89_1-debugsource@1-12.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_89_1-debuginfo@1-12.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_97_1@1-10.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_97_1-debugsource@1-10.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_97_1-debuginfo@1-10.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_107_1@1-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_107_1-debugsource@1-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_107_1-debuginfo@1-6.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_120_1@1-5.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_120_1-debugsource@1-5.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_120_1-debuginfo@1-5.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_130_1@1-3.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_130_1-debugsource@1-3.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"product": {
"name": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"product_id": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_130_1-debuginfo@1-3.el8_8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_89_1@1-12.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_89_1-debugsource@1-12.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_89_1-debuginfo@1-12.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_97_1@1-10.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_97_1-debugsource@1-10.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_97_1-debuginfo@1-10.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_107_1@1-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_107_1-debugsource@1-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_107_1-debuginfo@1-6.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_120_1@1-5.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_120_1-debugsource@1-5.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_120_1-debuginfo@1-5.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_130_1@1-3.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_130_1-debugsource@1-3.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"product": {
"name": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"product_id": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-477_130_1-debuginfo@1-3.el8_8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src"
},
"product_reference": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src"
},
"product_reference": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src"
},
"product_reference": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src"
},
"product_reference": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src"
},
"product_reference": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le"
},
"product_reference": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
},
"product_reference": "kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-43503",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"discovery_date": "2026-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480902"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Impact is rated as Important because the privileged file-backed cache pages may be modified through a shared-page ownership bypass. Within Red Hat Enterprise Linux and Red Hat OpenShift Container Platform, this vulnerability was fixed at the same time as CVE-2026-46300.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "RHBZ#2480902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480902"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox",
"url": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox"
}
],
"release_date": "2026-05-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T21:24:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23471"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2026-05-13T13:28:21.270000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46300"
},
{
"category": "external",
"summary": "RHBZ#2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "RHSB-2026-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300"
}
],
"release_date": "2026-05-13T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T21:24:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23471"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel"
},
{
"cve": "CVE-2026-46333",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2026-05-15T08:27:21.590000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477802"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Read root-owned files as an unprivileged user",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Linux kernel that allows a local unprivileged attacker to read root-owned files. The vulnerability arises from a race condition during process termination, enabling a brief window where sensitive data, such as SSH host private keys or /etc/shadow contents, can be disclosed. This could lead to unauthorized access to sensitive information on affected Red Hat Enterprise Linux systems.\n\nIn OpenShift Container Platform 4, this flaw is rated Low. The default `restricted-v2` Security Context Constraint (SCC) sets `allowPrivilegeEscalation: false` on all pods, which causes the kernel to ignore setuid file bits and prevents target binaries from opening privileged files, breaking the exploit chain entirely. Under non-default SCCs such as `anyuid` that permit privilege escalation, the vulnerability is constrained by PID and mount namespace isolation to the container\u0027s own filesystem. An attacker would only be able to access root-owned files already within the container, not host or cross-pod resources. In practice, containers rarely contain sensitive root-owned files that are not already accessible to the pod user through normal means.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "RHBZ#2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "external",
"summary": "RHSB-2026-004",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333"
},
{
"category": "external",
"summary": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a",
"url": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
}
],
"release_date": "2026-05-15T05:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-04T21:24:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:23471"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debuginfo-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_107_1-debugsource-0:1-6.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debuginfo-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_120_1-debugsource-0:1-5.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debuginfo-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_130_1-debugsource-0:1-3.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debuginfo-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_89_1-debugsource-0:1-12.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.src",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debuginfo-0:1-10.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:kpatch-patch-4_18_0-477_97_1-debugsource-0:1-10.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Read root-owned files as an unprivileged user"
}
]
}
RHSA-2026:24814
Vulnerability from csaf_redhat - Published: 2026-06-09 13:49 - Updated: 2026-07-01 19:39A flaw was found in the Linux kernel's networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64 | — |
Vendor Fix
fix
|
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kpatch-patch is now available for Red Hat Enterprise Linux RHEL 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.\n\nSecurity Fix(es):\n\n* kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM\nleading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel\n(CVE-2026-46300)\n\n* kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:24814",
"url": "https://access.redhat.com/errata/RHSA-2026:24814"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_24814.json"
}
],
"title": "Red Hat Security Advisory: kpatch-patch security update",
"tracking": {
"current_release_date": "2026-07-01T19:39:25+00:00",
"generator": {
"date": "2026-07-01T19:39:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:24814",
"initial_release_date": "2026-06-09T13:49:22+00:00",
"revision_history": [
{
"date": "2026-06-09T13:49:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-09T13:49:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T19:39:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"product": {
"name": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"product_id": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_113_1@1-3.el9_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"product": {
"name": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"product_id": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_100_1@1-5.el9_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"product": {
"name": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"product_id": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_84_1@1-7.el9_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"product": {
"name": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"product_id": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_68_2@1-12.el9_4?arch=src"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"product": {
"name": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"product_id": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_55_1@1-15.el9_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_113_1@1-3.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_113_1-debugsource@1-3.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_113_1-debuginfo@1-3.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_100_1@1-5.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_100_1-debugsource@1-5.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_100_1-debuginfo@1-5.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_84_1@1-7.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_84_1-debugsource@1-7.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_84_1-debuginfo@1-7.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_68_2@1-12.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_68_2-debugsource@1-12.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_68_2-debuginfo@1-12.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_55_1@1-15.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_55_1-debugsource@1-15.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"product": {
"name": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"product_id": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_55_1-debuginfo@1-15.el9_4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_113_1@1-3.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_113_1-debugsource@1-3.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_113_1-debuginfo@1-3.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_100_1@1-5.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_100_1-debugsource@1-5.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_100_1-debuginfo@1-5.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_84_1@1-7.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_84_1-debugsource@1-7.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_84_1-debuginfo@1-7.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_68_2@1-12.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_68_2-debugsource@1-12.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_68_2-debuginfo@1-12.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_55_1@1-15.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_55_1-debugsource@1-15.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"product": {
"name": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"product_id": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kpatch-patch-5_14_0-427_55_1-debuginfo@1-15.el9_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src"
},
"product_reference": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src"
},
"product_reference": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src"
},
"product_reference": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src"
},
"product_reference": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src"
},
"product_reference": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le"
},
"product_reference": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
},
"product_reference": "kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-43503",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"discovery_date": "2026-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480902"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Impact is rated as Important because the privileged file-backed cache pages may be modified through a shared-page ownership bypass. Within Red Hat Enterprise Linux and Red Hat OpenShift Container Platform, this vulnerability was fixed at the same time as CVE-2026-46300.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "RHBZ#2480902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480902"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox",
"url": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox"
}
],
"release_date": "2026-05-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-09T13:49:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24814"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2026-05-13T13:28:21.270000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46300"
},
{
"category": "external",
"summary": "RHBZ#2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "RHSB-2026-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300"
}
],
"release_date": "2026-05-13T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-09T13:49:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24814"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel"
},
{
"cve": "CVE-2026-46333",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2026-05-15T08:27:21.590000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477802"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Read root-owned files as an unprivileged user",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Linux kernel that allows a local unprivileged attacker to read root-owned files. The vulnerability arises from a race condition during process termination, enabling a brief window where sensitive data, such as SSH host private keys or /etc/shadow contents, can be disclosed. This could lead to unauthorized access to sensitive information on affected Red Hat Enterprise Linux systems.\n\nIn OpenShift Container Platform 4, this flaw is rated Low. The default `restricted-v2` Security Context Constraint (SCC) sets `allowPrivilegeEscalation: false` on all pods, which causes the kernel to ignore setuid file bits and prevents target binaries from opening privileged files, breaking the exploit chain entirely. Under non-default SCCs such as `anyuid` that permit privilege escalation, the vulnerability is constrained by PID and mount namespace isolation to the container\u0027s own filesystem. An attacker would only be able to access root-owned files already within the container, not host or cross-pod resources. In practice, containers rarely contain sensitive root-owned files that are not already accessible to the pod user through normal means.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "RHBZ#2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "external",
"summary": "RHSB-2026-004",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333"
},
{
"category": "external",
"summary": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a",
"url": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
}
],
"release_date": "2026-05-15T05:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-09T13:49:22+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:24814"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debuginfo-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_100_1-debugsource-0:1-5.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debuginfo-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_113_1-debugsource-0:1-3.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debuginfo-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_55_1-debugsource-0:1-15.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debuginfo-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_68_2-debugsource-0:1-12.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.src",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debuginfo-0:1-7.el9_4.x86_64",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.ppc64le",
"BaseOS-9.4.0.Z.E4S:kpatch-patch-5_14_0-427_84_1-debugsource-0:1-7.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Read root-owned files as an unprivileged user"
}
]
}
RHSA-2026:33486
Vulnerability from csaf_redhat - Published: 2026-06-30 11:30 - Updated: 2026-07-01 19:39A flaw was found in the Linux kernel's algif_aead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive system files and escalate to root privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash (denial of service) or potentially allow arbitrary code execution with kernel privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The xfrm-ESP variant requires unprivileged user or network namespace creation, while the RxRPC variant depends on the rxrpc module being available on the target system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the Linux kernel's networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
|
A privilege escalation vulnerability was found in the Linux kernel's CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux for NVIDIA.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A special build of the kernel packages for Red Hat Enterprise Linux for\nNVIDIA.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor detailed information on changes in this release, see the RHEL for NVIDIA Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:33486",
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux_for_nvidia/",
"url": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux_for_nvidia/"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2460538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460538"
},
{
"category": "external",
"summary": "2464351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464351"
},
{
"category": "external",
"summary": "2467771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467771"
},
{
"category": "external",
"summary": "2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "external",
"summary": "2481486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481486"
},
{
"category": "external",
"summary": "VOYAGER-10",
"url": "https://issues.redhat.com/browse/VOYAGER-10"
},
{
"category": "external",
"summary": "VOYAGER-1034",
"url": "https://issues.redhat.com/browse/VOYAGER-1034"
},
{
"category": "external",
"summary": "VOYAGER-222",
"url": "https://issues.redhat.com/browse/VOYAGER-222"
},
{
"category": "external",
"summary": "VOYAGER-223",
"url": "https://issues.redhat.com/browse/VOYAGER-223"
},
{
"category": "external",
"summary": "VOYAGER-224",
"url": "https://issues.redhat.com/browse/VOYAGER-224"
},
{
"category": "external",
"summary": "VOYAGER-238",
"url": "https://issues.redhat.com/browse/VOYAGER-238"
},
{
"category": "external",
"summary": "VOYAGER-239",
"url": "https://issues.redhat.com/browse/VOYAGER-239"
},
{
"category": "external",
"summary": "VOYAGER-240",
"url": "https://issues.redhat.com/browse/VOYAGER-240"
},
{
"category": "external",
"summary": "VOYAGER-256",
"url": "https://issues.redhat.com/browse/VOYAGER-256"
},
{
"category": "external",
"summary": "VOYAGER-281",
"url": "https://issues.redhat.com/browse/VOYAGER-281"
},
{
"category": "external",
"summary": "VOYAGER-286",
"url": "https://issues.redhat.com/browse/VOYAGER-286"
},
{
"category": "external",
"summary": "VOYAGER-418",
"url": "https://issues.redhat.com/browse/VOYAGER-418"
},
{
"category": "external",
"summary": "VOYAGER-419",
"url": "https://issues.redhat.com/browse/VOYAGER-419"
},
{
"category": "external",
"summary": "VOYAGER-488",
"url": "https://issues.redhat.com/browse/VOYAGER-488"
},
{
"category": "external",
"summary": "VOYAGER-490",
"url": "https://issues.redhat.com/browse/VOYAGER-490"
},
{
"category": "external",
"summary": "VOYAGER-6",
"url": "https://issues.redhat.com/browse/VOYAGER-6"
},
{
"category": "external",
"summary": "VOYAGER-72",
"url": "https://issues.redhat.com/browse/VOYAGER-72"
},
{
"category": "external",
"summary": "VOYAGER-73",
"url": "https://issues.redhat.com/browse/VOYAGER-73"
},
{
"category": "external",
"summary": "VOYAGER-732",
"url": "https://issues.redhat.com/browse/VOYAGER-732"
},
{
"category": "external",
"summary": "VOYAGER-74",
"url": "https://issues.redhat.com/browse/VOYAGER-74"
},
{
"category": "external",
"summary": "VOYAGER-75",
"url": "https://issues.redhat.com/browse/VOYAGER-75"
},
{
"category": "external",
"summary": "VOYAGER-82",
"url": "https://issues.redhat.com/browse/VOYAGER-82"
},
{
"category": "external",
"summary": "VOYAGER-83",
"url": "https://issues.redhat.com/browse/VOYAGER-83"
},
{
"category": "external",
"summary": "VOYAGER-89",
"url": "https://issues.redhat.com/browse/VOYAGER-89"
},
{
"category": "external",
"summary": "VOYAGER-93",
"url": "https://issues.redhat.com/browse/VOYAGER-93"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33486.json"
}
],
"title": "Red Hat Security Advisory: kernel security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2026-07-01T19:39:26+00:00",
"generator": {
"date": "2026-07-01T19:39:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:33486",
"initial_release_date": "2026-06-30T11:30:57+00:00",
"revision_history": [
{
"date": "2026-06-30T11:30:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-30T11:30:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T19:39:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NVIDIA for RHEL 10",
"product": {
"name": "NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux_nvidia:10::el10"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux for NVIDIA"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:6.12.0-231.12.el10nv.src",
"product": {
"name": "kernel-0:6.12.0-231.12.el10nv.src",
"product_id": "kernel-0:6.12.0-231.12.el10nv.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@6.12.0-231.12.el10nv?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-core@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-core@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-modules@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-modules-core@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-modules-extra@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-modules@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-modules-core@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-modules-extra@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel-matched@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-core@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel-matched@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-core@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra-matched@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-uki-virt@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-uki-virt-addons@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "perf-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "perf-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rtla-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "rtla-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "rtla-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rtla@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rv-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "rv-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "rv-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rv@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debug-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-64k-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-aarch64@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libperf-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rtla-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product": {
"name": "rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_id": "rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rv-debuginfo@6.12.0-231.12.el10nv?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"product": {
"name": "kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"product_id": "kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-stablelists@6.12.0-231.12.el10nv?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"product": {
"name": "kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"product_id": "kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@6.12.0-231.12.el10nv?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:6.12.0-231.12.el10nv.src as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src"
},
"product_reference": "kernel-0:6.12.0-231.12.el10nv.src",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch"
},
"product_reference": "kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:6.12.0-231.12.el10nv.noarch as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch"
},
"product_reference": "kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "perf-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rtla-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "rtla-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rv-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "rv-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64 as a component of NVIDIA for RHEL 10",
"product_id": "10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
},
"product_reference": "rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"relates_to_product_reference": "10Base-RHEL-Nvidia"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-31431",
"cwe": {
"id": "CWE-1288",
"name": "Improper Validation of Consistency within Input"
},
"discovery_date": "2026-04-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2460538"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s algif_aead cryptographic algorithm interface. An incorrect in-place operation causes source and destination data mappings to differ during cryptographic processing. A low-privileged local attacker can exploit this flaw to corrupt the contents of sensitive system files and escalate to root privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: crypto: algif_aead - Revert to operating out-of-place",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel\u0027s cryptographic interface to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31431"
},
{
"category": "external",
"summary": "RHBZ#2460538",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460538"
},
{
"category": "external",
"summary": "RHSB-2026-002",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-002"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31431"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31431"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/7141989",
"url": "https://access.redhat.com/articles/7141989"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7141931",
"url": "https://access.redhat.com/solutions/7141931"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7141979",
"url": "https://access.redhat.com/solutions/7141979"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7141990",
"url": "https://access.redhat.com/solutions/7141990"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7141996",
"url": "https://access.redhat.com/solutions/7141996"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/7142032",
"url": "https://access.redhat.com/solutions/7142032"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_monitoring_and_updating_the_kernel/configuring-kernel-command-line-parameters_managing-monitoring-and-updating-the-kernel",
"url": "https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_monitoring_and_updating_the_kernel/configuring-kernel-command-line-parameters_managing-monitoring-and-updating-the-kernel"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026042214-CVE-2026-31431-3d65@gregkh/T"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2026-04-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T11:30:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2026-05-01T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: crypto: algif_aead - Revert to operating out-of-place"
},
{
"cve": "CVE-2026-43037",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"discovery_date": "2026-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2464351"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel\u0027s IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash (denial of service) or potentially allow arbitrary code execution with kernel privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: ip6_tunnel: clear skb2-\u003ecb[] in ip4ip6_err()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This Critical flaw in the Linux kernel\u0027s IPv6 tunneling error handling can lead to a stack buffer overflow. An unauthenticated remote attacker could exploit this by sending specially crafted network packets, potentially resulting in a denial of service or information disclosure on affected Red Hat Enterprise Linux systems.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43037"
},
{
"category": "external",
"summary": "RHBZ#2464351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2464351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43037",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43037"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43037",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43037"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026050102-CVE-2026-43037-0346@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026050102-CVE-2026-43037-0346@gregkh/T"
}
],
"release_date": "2026-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T11:30:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module `ip6_tunnel` onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically? \nhttps://access.redhat.com/solutions/41278 \n~~~\n\nWe may also want to detection and monitoring an affected system as below:\n~~~\nMonitor for exploitation attempts:\n\n# Enable kernel audit for IPv6 tunnel operations\nauditctl -a always,exit -F arch=b64 -S socket -F a0=10 -F a1=3 -k ipv6_tunnel\n\n# Monitor system logs for kernel panics/crashes\njournalctl -k -p err -f | grep -i \"ip6_tunnel\\|icmp\\|stack\"\n~~~",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "kernel: ip6_tunnel: clear skb2-\u003ecb[] in ip4ip6_err()"
},
{
"cve": "CVE-2026-43284",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2026-05-07T15:56:04.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2467771"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The xfrm-ESP variant requires unprivileged user or network namespace creation, while the RxRPC variant depends on the rxrpc module being available on the target system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: \"Dirty Frag\" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel\u0027s xfrm-ESP and RxRPC subsystems to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43284"
},
{
"category": "external",
"summary": "RHBZ#2467771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467771"
},
{
"category": "external",
"summary": "RHSB-2026-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43284",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43284"
},
{
"category": "external",
"summary": "https://dirtyfrag.io/",
"url": "https://dirtyfrag.io/"
}
],
"release_date": "2026-05-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T11:30:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: \"Dirty Frag\" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel"
},
{
"cve": "CVE-2026-43503",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"discovery_date": "2026-05-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2480902"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s networking (skbuff) component. When skb_try_coalesce() attaches paged fragments, it can lose the SKBFL_SHARED_FRAG marker. This can lead to the Encapsulating Security Payload (ESP) input decrypting data in place over page-cache backed fragments, potentially resulting in data corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Impact is rated as Important because the privileged file-backed cache pages may be modified through a shared-page ownership bypass. Within Red Hat Enterprise Linux and Red Hat OpenShift Container Platform, this vulnerability was fixed at the same time as CVE-2026-46300.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "RHBZ#2480902",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2480902"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43503"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43503"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox",
"url": "https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2026/CVE-2026-43503.mbox"
}
],
"release_date": "2026-05-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T11:30:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers"
},
{
"cve": "CVE-2026-46243",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-05-26T15:07:49.955000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2481486"
}
],
"notes": [
{
"category": "description",
"text": "A privilege escalation vulnerability was found in the Linux kernel\u0027s CIFS client implementation. This could allow a local attacker to impersonate other users, bypass authentication in SMB mount operations, and potentially gain unauthorized access to network file shares or escalate privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important severity primarily because a low-privileged local user can achieve full privilege escalation to root without any user interaction. The attack requires local access, which prevents remote exploitation and is the primary factor keeping the rating at Important rather than Critical.\n\nExploitation requires three components to be present on the system: the `cifs` kernel module (loaded or loadable), the `cifs-utils` package with its default `cifs.spnego` request-key rule, and the ability to create unprivileged user and mount namespaces. All three must be present for the attack chain to succeed. Environments that do not use SMB/CIFS file shares or Active Directory integration are unlikely to have `cifs-utils` installed, reducing their exposure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46243"
},
{
"category": "external",
"summary": "RHBZ#2481486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2481486"
},
{
"category": "external",
"summary": "RHSB-2026-005",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-005"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46243",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46243"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46243",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46243"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3da1fdf4efbc490041eb4f836bf596201203f8f2",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3da1fdf4efbc490041eb4f836bf596201203f8f2"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026060140-CVE-2026-46243-3d1c@gregkh/",
"url": "https://lore.kernel.org/linux-cve-announce/2026060140-CVE-2026-46243-3d1c@gregkh/"
}
],
"release_date": "2026-05-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T11:30:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2026-05-13T13:28:21.270000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46300"
},
{
"category": "external",
"summary": "RHBZ#2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "RHSB-2026-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300"
}
],
"release_date": "2026-05-13T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T11:30:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel"
},
{
"cve": "CVE-2026-46333",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2026-05-15T08:27:21.590000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477802"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Read root-owned files as an unprivileged user",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Linux kernel that allows a local unprivileged attacker to read root-owned files. The vulnerability arises from a race condition during process termination, enabling a brief window where sensitive data, such as SSH host private keys or /etc/shadow contents, can be disclosed. This could lead to unauthorized access to sensitive information on affected Red Hat Enterprise Linux systems.\n\nIn OpenShift Container Platform 4, this flaw is rated Low. The default `restricted-v2` Security Context Constraint (SCC) sets `allowPrivilegeEscalation: false` on all pods, which causes the kernel to ignore setuid file bits and prevents target binaries from opening privileged files, breaking the exploit chain entirely. Under non-default SCCs such as `anyuid` that permit privilege escalation, the vulnerability is constrained by PID and mount namespace isolation to the container\u0027s own filesystem. An attacker would only be able to access root-owned files already within the container, not host or cross-pod resources. In practice, containers rarely contain sensitive root-owned files that are not already accessible to the pod user through normal means.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "RHBZ#2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "external",
"summary": "RHSB-2026-004",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333"
},
{
"category": "external",
"summary": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a",
"url": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
}
],
"release_date": "2026-05-15T05:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-30T11:30:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:33486"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-0:6.12.0-231.12.el10nv.src",
"10Base-RHEL-Nvidia:kernel-64k-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-64k-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-abi-stablelists-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debug-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-debuginfo-common-aarch64-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-devel-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-doc-0:6.12.0-231.12.el10nv.noarch",
"10Base-RHEL-Nvidia:kernel-modules-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-core-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-modules-extra-matched-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-tools-libs-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:kernel-uki-virt-addons-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:libperf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:python3-perf-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rtla-debuginfo-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-0:6.12.0-231.12.el10nv.aarch64",
"10Base-RHEL-Nvidia:rv-debuginfo-0:6.12.0-231.12.el10nv.aarch64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Read root-owned files as an unprivileged user"
}
]
}
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
CWE-669 - Incorrect Resource Transfer Between Spheres| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH APROL APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
APROL-AutoYaST-DVD- V4.4-010.10.260602 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH Linux for B&R <=12
B&R Industrial Automation GmbH / Linux for B&R
|
<=12 |
Mitigation
Workaround
|
|
|
B&R Industrial Automation GmbH APROL <APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
<APROL-AutoYaST-DVD- V4.4-010.10.260602 |
Vendor Fix
|
|
|
B&R Industrial Automation GmbH X20EDS410 /all
B&R Industrial Automation GmbH / X20EDS410
|
/all |
Mitigation
Workaround
|
In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt external-ly backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb->data_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH APROL APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
APROL-AutoYaST-DVD- V4.4-010.10.260602 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH Linux for B&R <=12
B&R Industrial Automation GmbH / Linux for B&R
|
<=12 |
Mitigation
Workaround
|
|
|
B&R Industrial Automation GmbH APROL <APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
<APROL-AutoYaST-DVD- V4.4-010.10.260602 |
Vendor Fix
|
|
|
B&R Industrial Automation GmbH X20EDS410 /all
B&R Industrial Automation GmbH / X20EDS410
|
/all |
Mitigation
Workaround
|
In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached "last dumpability" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH APROL APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
APROL-AutoYaST-DVD- V4.4-010.10.260602 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH Linux for B&R <=12
B&R Industrial Automation GmbH / Linux for B&R
|
<=12 |
Mitigation
Workaround
|
|
|
B&R Industrial Automation GmbH APROL <APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
<APROL-AutoYaST-DVD- V4.4-010.10.260602 |
Vendor Fix
|
|
|
B&R Industrial Automation GmbH X20EDS410 /all
B&R Industrial Automation GmbH / X20EDS410
|
/all |
Mitigation
Workaround
|
In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to's linear data rather than transferring frag descriptors..
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH APROL APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
APROL-AutoYaST-DVD- V4.4-010.10.260602 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH Linux for B&R <=12
B&R Industrial Automation GmbH / Linux for B&R
|
<=12 |
Mitigation
Workaround
|
|
|
B&R Industrial Automation GmbH APROL <APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
<APROL-AutoYaST-DVD- V4.4-010.10.260602 |
Vendor Fix
|
|
|
B&R Industrial Automation GmbH X20EDS410 /all
B&R Industrial Automation GmbH / X20EDS410
|
/all |
Mitigation
Workaround
|
In the Linux kernel, the following vulnerability has been resolved: net/rds: reset op_nents when zerocopy page pin fails When iov_iter_get_pages2() fails in rds_message_zcopy_from_user(), the pinned pages are released with put_page(), and rm->data.op_mmp_znotifier is cleared. But we fail to properly clear rm->data.op_nents. Later when rds_message_purge() is called from rds_sendmsg() the cleanup loop iterates over the incorrectly non zero number of op_nents and frees them again. Fix this by properly resetting op_nents when it should be in rds_message_zcopy_from_user().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH APROL APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
APROL-AutoYaST-DVD- V4.4-010.10.260602 |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
B&R Industrial Automation GmbH Linux for B&R <=12
B&R Industrial Automation GmbH / Linux for B&R
|
<=12 |
Mitigation
Workaround
|
|
|
B&R Industrial Automation GmbH APROL <APROL-AutoYaST-DVD- V4.4-010.10.260602
B&R Industrial Automation GmbH / APROL
|
<APROL-AutoYaST-DVD- V4.4-010.10.260602 |
Vendor Fix
|
|
|
B&R Industrial Automation GmbH X20EDS410 /all
B&R Industrial Automation GmbH / X20EDS410
|
/all |
Mitigation
Workaround
|
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "B\u0026R is aware of publicly reported vulnerabilities affecting the Linux kernel versions shipped with the products listed as affected in the advisory.\n\nSuccessful local exploitation of these vulnerabilities could allow an attacker to escalate privileges on the affected system. Public proof-of-concept exploits are available for the vulnerabilities described herein. At the time of publication of this advisory, B\u0026R had no evidence of active exploitation targeting B\u0026R products.",
"title": "Summary"
},
{
"category": "other",
"text": "For additional instructions and support please contact your local B\u0026R service organization. For contact information, see https://www.br-automation.com/en/about-us/locations/.\n\nInformation about ABB\u2019s cyber security program and capabilities can be found at www.abb.com/cybersecurity.\n\n\n",
"title": "Support"
},
{
"category": "legal_disclaimer",
"text": "The information in this document is subject to change without notice, and should not be construed as a commitment by B\u0026R.\n\nB\u0026R provides no warranty, express or implied, including warranties of merchantability and fitness for a particular purpose, for the information contained in this document, and assumes no responsibility for any errors that may appear in this document. In no event shall B\u0026R or any of its suppliers be liable for direct, indirect, special, incidental or consequential damages of any nature or kind arising from the use of this document, or from the use of any hardware or software described in this document, even if B\u0026R or its suppliers have been advised of the possibility of such damages.\n\nThis document and parts hereof must not be reproduced or copied without written permission from B\u0026R, and the contents hereof must not be imparted to a third party nor used for any unauthorized purpose.\n\nAll rights to registrations and trademarks reside with their respective owners.",
"title": "Notice"
},
{
"category": "other",
"text": "For any installation of software related ABB products we strongly recommend the following (non-exhaustive) list of cyber security practices:\n\n- Isolate special purpose networks (e.g. for automation systems) and remote devices behind firewalls and separate them from any general purpose network (e.g. office or home networks).\n\n- Install physical controls so no unauthorized personnel can access your devices, components, peripheral equipment, and networks.\n\n- Never connect programming software or computers containing programing software to any network other than the network for the devices that it is intended for.\n\n- Scan all data imported into your environment before use to detect potential malware infections.\n\n- Minimize network exposure for all applications and endpoints to ensure that they are not accessible from the Internet unless they are designed for such exposure and the intended use requires such.\n\n- Ensure all nodes are always up to date in terms of installed software, operating system, and firmware patches as well as anti-virus and firewall.\n\n- When remote access is required, use secure methods, such as Virtual Private Networks (VPNs). Recognize that VPNs may have vulnerabilities and should be updated to the most current version available. Also, understand that VPNs are only as secure as the connected devices.\n\nFor more information on recommended practices, please refer to the following documents listed in the reference section:\n\n- Defense in Depth for B\u0026R products\n",
"title": "General security recommendations"
},
{
"category": "other",
"text": "B\u0026R has a rigorous internal cyber security continuous improvement process which involves regular testing with industry leading tools and periodic assessments to identify potential product issues. Occasionally an issue is determined to be a design or coding flaw with implications that may impact product cyber security.\n\nWhen a potential product vulnerability is identified or reported, B\u0026R immediately initiates our vulnerability handling process. This entails validating if the issue is in fact a product issue, identifying root causes, determining what related products may be impacted, developing a remediation, and notifying end users and governmental organizations.\n\nThe resulting Cyber Security Advisory intends to notify customers of the vulnerability and provide details on which products are impacted, how to mitigate the vulnerability or explain workarounds that minimize the potential risk as much as possible. The release of a Cyber Security Advisory should not be misconstrued as an affirmation or indication of an active threat or ongoing campaign targeting the products mentioned here. If B\u0026R is aware of any specific threats, it will be clearly mentioned in the communication.\n\nThe publication of this Cyber Security Advisory is an example of B\u0026R\u2019s commitment to the user community in support of this critical topic. Responsible disclosure is an important element in the chain of trust we work to maintain with our many customers. The release of an Advisory provides timely information which is essential to help ensure our customers are fully informed.",
"title": "Purpose"
},
{
"category": "faq",
"text": "What causes the vulnerabilities?\n- The vulnerabilities are caused by a vulnerable Linux Kernel component.\n\nWhat might an attacker use the vulnerability to do?\n- An authenticated attacker with low privileges may elevate privileges to root.\n\nCould the vulnerabilities be exploited remotely? \n- Yes, an attacker with privileges to login in a vulnerable system node could exploit these vulnerabilities. Recommended practices include that process control systems are physically protected, have no direct connections to the Internet, and are separated from other networks by means of a firewall system that has a minimal number of ports exposed. \n\nWhen this security advisory was issued, had B\u0026R received any reports that these vulnerabilities were being exploited?\n- B\u0026R is aware of reports indicating that these vulnerabilities had been exploited at the time this security advisory was originally issued; however, no exploitation has been observed in B\u0026R products.",
"title": "Frequently asked questions"
}
],
"publisher": {
"category": "vendor",
"name": "ABB PSIRT",
"namespace": "https://www.abb.com/global/en/company/about/cybersecurity/alerts-and-notifications"
},
"references": [
{
"category": "self",
"summary": "B\u0026R CYBERSECURITY ADVISORY - PDF Version ",
"url": "https://br-cws-assets.de-fra-1.linodeobjects.com/SA26P010-0ea64434.pdf"
},
{
"category": "self",
"summary": "B\u0026R CYBERSECURITY ADVISORY - CSAF Version ",
"url": "https://psirt.abb.com/csaf/2026/sa26p010.json"
},
{
"summary": "Defense in Depth for B\u0026R products",
"url": "https://www.br-automation.com/fileadmin/Cyber_Security_-_Defense_in_Depth_for_BR_Products-bdd37e82.pdf"
}
],
"title": "Impact of Linux Kernel vulnerabilities on B\u0026R products",
"tracking": {
"current_release_date": "2026-06-18T00:30:00.000Z",
"generator": {
"date": "2026-06-18T06:53:19.151Z",
"engine": {
"name": "Secvisogram",
"version": "2.6.4"
}
},
"id": "SA26P010",
"initial_release_date": "2026-06-11T00:30:00.000Z",
"revision_history": [
{
"date": "2026-06-11T00:30:00.000Z",
"legacy_version": "A",
"number": "1",
"summary": "Initial version."
},
{
"date": "2026-06-18T00:30:00.000Z",
"number": "2",
"summary": "Updating the CWE classification for CVE-2026-43494."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=12",
"product": {
"name": "B\u0026R Industrial Automation GmbH Linux for B\u0026R \u003c=12",
"product_id": "AV1"
}
}
],
"category": "product_name",
"name": "Linux for B\u0026R"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cAPROL-AutoYaST-DVD- V4.4-010.10.260602",
"product": {
"name": "B\u0026R Industrial Automation GmbH APROL \u003cAPROL-AutoYaST-DVD- V4.4-010.10.260602",
"product_id": "AV2"
}
},
{
"category": "product_version",
"name": "APROL-AutoYaST-DVD- V4.4-010.10.260602",
"product": {
"name": "B\u0026R Industrial Automation GmbH APROL APROL-AutoYaST-DVD- V4.4-010.10.260602",
"product_id": "FX2"
}
}
],
"category": "product_name",
"name": "APROL"
},
{
"branches": [
{
"category": "product_version_range",
"name": "/all",
"product": {
"name": "B\u0026R Industrial Automation GmbH X20EDS410 /all",
"product_id": "AV3"
}
}
],
"category": "product_name",
"name": "X20EDS410"
}
],
"category": "vendor",
"name": "B\u0026R Industrial Automation GmbH"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-31431",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"FX2"
],
"known_affected": [
"AV1",
"AV2",
"AV3"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2026-31431",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "For affected products, software updates should be installed upon availability.\n\n Product\t Patch version\n- APROL\t : APROL-AutoYaST-DVD- V4.4-010.10.260602\n\nUntil remediated software versions are available, customers are required to conduct a risk assessment of their affected systems and to implement the mitigation measures and workarounds specified in this advisory.",
"product_ids": [
"AV2"
]
},
{
"category": "mitigation",
"details": "Successful exploitation of the vulnerabilities described in this advisory requires local access to the affected system with low-privileged user credentials. Customers are strongly advised to enforce strict access control policies on all Linux-based systems, ensuring that interactive access is exclusively granted to authorized and trusted personnel. This includes reviewing and hardening user account permissions and disabling unused accounts.\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure.\n",
"product_ids": [
"AV1",
"AV3"
]
},
{
"category": "workaround",
"details": "Security researchers have identified and validated the following workarounds to reduce exposure to the vulnerabilities described in this advisory. These measures do not remediate the underlying vulnerabilities but effectively block known attack vectors until patched software versions are deployed.\n\nImportant: Customers are advised to thoroughly test their systems after applying any of the listed workarounds. B\u0026R has no visibility into customer-specific applications running on the underlying Linux system. It is the customer\u0027s responsibility to assess whether the applied workarounds interfere with existing application workloads prior to deployment in production environments.\n\nFor Debian-based systems within an active support lifecycle, kernel patches addressing CVE-2026-31431 are already available via the official package repositories. Customers are strongly encouraged to apply these updates immediately by executing the following command:\nsudo apt update \u0026\u0026 sudo apt upgrade\nA system reboot is required after the upgrade for the updated kernel to take effect.\n\nTemporary Mitigation: If an immediate system update is not feasible, the affected kernel module (algif_aead) can be disabled persistently. Security researchers have confirmed this measure effectively prevents exploitation of CVE-2026-31431.\nExecute the following commands as root:\n\necho \"install algif_aead /bin/false\" \u003e /etc/modprobe.d/disable-algif.conf\nrmmod algif_aead 2\u003e/dev/null || true\n\nImpact assessment: Disabling the algif_aead module removes the AEAD socket interface from the kernel cryp-to API. This does not affect dm-crypt/LUKS, kTLS, IPsec/XFRM, OpenSSL, GnuTLS, NSS, or SSH. Applications explicitly configured to use the afalg engine or that directly bind aead, skcipher, or hash sockets via AF_ALG may be affected. To assess exposure prior to applying this workaround, run:\n\nlsof | grep AF_ALG",
"product_ids": [
"AV1",
"AV3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RC:C",
"version": "3.1"
},
"products": [
"AV1",
"AV2",
"AV3"
]
}
],
"title": "CVE-2026-31431"
},
{
"cve": "CVE-2026-43284",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when splicing pages into UDP skbs. That leaves an ESP-in-UDP packet made from shared pipe pages looking like an ordinary uncloned nonlinear skb. ESP input then takes the no-COW fast path for uncloned skbs without a frag_list and decrypts in place over data that is not owned privately by the skb. Mark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching TCP. Also make ESP input fall back to skb_cow_data() when the flag is present, so ESP does not decrypt external-ly backed frags in place. Private nonlinear skb frags still use the existing fast path. This intentionally does not change ESP output. In esp_output_head(), the path that appends the ESP trailer to existing skb tailroom without calling skb_cow_data() is not reachable for nonlinear skbs: skb_tailroom() returns zero when skb-\u003edata_len is nonzero, while ESP tailen is positive. Thus ESP output will either use the separate destination-frag path or fall back to skb_cow_data().",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"FX2"
],
"known_affected": [
"AV1",
"AV2",
"AV3"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2026-43284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "For affected products, software updates should be installed upon availability.\n\n Product\t Patch version\n- APROL\t : APROL-AutoYaST-DVD- V4.4-010.10.260602\n\nUntil remediated software versions are available, customers are required to conduct a risk assessment of their affected systems and to implement the mitigation measures and workarounds specified in this advisory.",
"product_ids": [
"AV2"
]
},
{
"category": "mitigation",
"details": "Successful exploitation of the vulnerabilities described in this advisory requires local access to the affected system with low-privileged user credentials. Customers are strongly advised to enforce strict access control policies on all Linux-based systems, ensuring that interactive access is exclusively granted to authorized and trusted personnel. This includes reviewing and hardening user account permissions and disabling unused accounts.\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure.\n",
"product_ids": [
"AV1",
"AV3"
]
},
{
"category": "workaround",
"details": "Security researchers have identified and validated the following workarounds to reduce exposure to the vulnerabilities described in this advisory. These measures do not remediate the underlying vulnerabilities but effectively block known attack vectors until patched software versions are deployed.\n\nImportant: Customers are advised to thoroughly test their systems after applying any of the listed workarounds. B\u0026R has no visibility into customer-specific applications running on the underlying Linux system. It is the customer\u0027s responsibility to assess whether the applied workarounds interfere with existing application workloads prior to deployment in production environments.\n\nFor Debian-based systems within an active support lifecycle, kernel patches addressing CVE-2026-31431 are already available via the official package repositories. Customers are strongly encouraged to apply these updates immediately by executing the following command:\nsudo apt update \u0026\u0026 sudo apt upgrade\nA system reboot is required after the upgrade for the updated kernel to take effect.\n\nTemporary Mitigation: If an immediate system update is not feasible, the affected kernel module (algif_aead) can be disabled persistently. Security researchers have confirmed this measure effectively prevents exploitation of CVE-2026-31431.\nExecute the following commands as root:\n\necho \"install algif_aead /bin/false\" \u003e /etc/modprobe.d/disable-algif.conf\nrmmod algif_aead 2\u003e/dev/null || true\n\nImpact assessment: Disabling the algif_aead module removes the AEAD socket interface from the kernel cryp-to API. This does not affect dm-crypt/LUKS, kTLS, IPsec/XFRM, OpenSSL, GnuTLS, NSS, or SSH. Applications explicitly configured to use the afalg engine or that directly bind aead, skcipher, or hash sockets via AF_ALG may be affected. To assess exposure prior to applying this workaround, run:\n\nlsof | grep AF_ALG",
"product_ids": [
"AV1",
"AV3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.9,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AV1",
"AV2",
"AV3"
]
}
],
"title": "CVE-2026-43284"
},
{
"cve": "CVE-2026-46333",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner \u0027get_dumpable()\u0027 logic The \u0027dumpability\u0027 of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don\u0027t have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It\u0027s not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional \"drop capabilities\" model doesn\u0027t make any difference for this all. Make it all make a *bit* more sense by saying that if you don\u0027t have a MM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"FX2"
],
"known_affected": [
"AV1",
"AV2",
"AV3"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2026-46333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "For affected products, software updates should be installed upon availability.\n\n Product\t Patch version\n- APROL\t : APROL-AutoYaST-DVD- V4.4-010.10.260602\n\nUntil remediated software versions are available, customers are required to conduct a risk assessment of their affected systems and to implement the mitigation measures and workarounds specified in this advisory.",
"product_ids": [
"AV2"
]
},
{
"category": "mitigation",
"details": "Successful exploitation of the vulnerabilities described in this advisory requires local access to the affected system with low-privileged user credentials. Customers are strongly advised to enforce strict access control policies on all Linux-based systems, ensuring that interactive access is exclusively granted to authorized and trusted personnel. This includes reviewing and hardening user account permissions and disabling unused accounts.\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure.\n",
"product_ids": [
"AV1",
"AV3"
]
},
{
"category": "workaround",
"details": "Security researchers have identified and validated the following workarounds to reduce exposure to the vulnerabilities described in this advisory. These measures do not remediate the underlying vulnerabilities but effectively block known attack vectors until patched software versions are deployed.\n\nImportant: Customers are advised to thoroughly test their systems after applying any of the listed workarounds. B\u0026R has no visibility into customer-specific applications running on the underlying Linux system. It is the customer\u0027s responsibility to assess whether the applied workarounds interfere with existing application workloads prior to deployment in production environments.\n\nFor Debian-based systems within an active support lifecycle, kernel patches addressing CVE-2026-31431 are already available via the official package repositories. Customers are strongly encouraged to apply these updates immediately by executing the following command:\nsudo apt update \u0026\u0026 sudo apt upgrade\nA system reboot is required after the upgrade for the updated kernel to take effect.\n\nTemporary Mitigation: If an immediate system update is not feasible, the affected kernel module (algif_aead) can be disabled persistently. Security researchers have confirmed this measure effectively prevents exploitation of CVE-2026-31431.\nExecute the following commands as root:\n\necho \"install algif_aead /bin/false\" \u003e /etc/modprobe.d/disable-algif.conf\nrmmod algif_aead 2\u003e/dev/null || true\n\nImpact assessment: Disabling the algif_aead module removes the AEAD socket interface from the kernel cryp-to API. This does not affect dm-crypt/LUKS, kTLS, IPsec/XFRM, OpenSSL, GnuTLS, NSS, or SSH. Applications explicitly configured to use the afalg engine or that directly bind aead, skcipher, or hash sockets via AF_ALG may be affected. To assess exposure prior to applying this workaround, run:\n\nlsof | grep AF_ALG",
"product_ids": [
"AV1",
"AV3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AV1",
"AV2",
"AV3"
]
}
],
"title": "CVE-2026-46333"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing skb_try_coalesce() can attach paged frags from @from to @to. If @from has SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same externally-owned or page-cache-backed frags, but the shared-frag marker is currently lost. That breaks the invariant relied on by later in-place writers. In particular, ESP input checks skb_has_shared_frag() before deciding whether an uncloned nonlinear skb can skip skb_cow_data(). If TCP receive coalescing has moved shared frags into an unmarked skb, ESP can see skb_has_shared_frag() as false and decrypt in place over page-cache backed frags. Propagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged frags. The tailroom copy path does not need the marker because it copies bytes into @to\u0027s linear data rather than transferring frag descriptors..",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"FX2"
],
"known_affected": [
"AV1",
"AV2",
"AV3"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2026-46300 ",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "For affected products, software updates should be installed upon availability.\n\n Product\t Patch version\n- APROL\t : APROL-AutoYaST-DVD- V4.4-010.10.260602\n\nUntil remediated software versions are available, customers are required to conduct a risk assessment of their affected systems and to implement the mitigation measures and workarounds specified in this advisory.",
"product_ids": [
"AV2"
]
},
{
"category": "mitigation",
"details": "Successful exploitation of the vulnerabilities described in this advisory requires local access to the affected system with low-privileged user credentials. Customers are strongly advised to enforce strict access control policies on all Linux-based systems, ensuring that interactive access is exclusively granted to authorized and trusted personnel. This includes reviewing and hardening user account permissions and disabling unused accounts.\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure.\n",
"product_ids": [
"AV1",
"AV3"
]
},
{
"category": "workaround",
"details": "Security researchers have identified and validated the following workarounds to reduce exposure to the vulnerabilities described in this advisory. These measures do not remediate the underlying vulnerabilities but effectively block known attack vectors until patched software versions are deployed.\n\nImportant: Customers are advised to thoroughly test their systems after applying any of the listed workarounds. B\u0026R has no visibility into customer-specific applications running on the underlying Linux system. It is the customer\u0027s responsibility to assess whether the applied workarounds interfere with existing application workloads prior to deployment in production environments.\n\nFor Debian-based systems within an active support lifecycle, kernel patches addressing CVE-2026-31431 are already available via the official package repositories. Customers are strongly encouraged to apply these updates immediately by executing the following command:\nsudo apt update \u0026\u0026 sudo apt upgrade\nA system reboot is required after the upgrade for the updated kernel to take effect.\n\nTemporary Mitigation: If an immediate system update is not feasible, the affected kernel module (algif_aead) can be disabled persistently. Security researchers have confirmed this measure effectively prevents exploitation of CVE-2026-31431.\nExecute the following commands as root:\n\necho \"install algif_aead /bin/false\" \u003e /etc/modprobe.d/disable-algif.conf\nrmmod algif_aead 2\u003e/dev/null || true\n\nImpact assessment: Disabling the algif_aead module removes the AEAD socket interface from the kernel cryp-to API. This does not affect dm-crypt/LUKS, kTLS, IPsec/XFRM, OpenSSL, GnuTLS, NSS, or SSH. Applications explicitly configured to use the afalg engine or that directly bind aead, skcipher, or hash sockets via AF_ALG may be affected. To assess exposure prior to applying this workaround, run:\n\nlsof | grep AF_ALG",
"product_ids": [
"AV1",
"AV3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AV1",
"AV2",
"AV3"
]
}
],
"title": "CVE-2026-46300"
},
{
"cve": "CVE-2026-43494",
"cwe": {
"id": "CWE-1341",
"name": "Multiple Releases of Same Resource or Handle"
},
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved: net/rds: reset op_nents when zerocopy page pin fails When iov_iter_get_pages2() fails in rds_message_zcopy_from_user(), the pinned pages are released with put_page(), and rm-\u003edata.op_mmp_znotifier is cleared. But we fail to properly clear rm-\u003edata.op_nents. Later when rds_message_purge() is called from rds_sendmsg() the cleanup loop iterates over the incorrectly non zero number of op_nents and frees them again. Fix this by properly resetting op_nents when it should be in rds_message_zcopy_from_user().",
"title": "CVE description"
}
],
"product_status": {
"fixed": [
"FX2"
],
"known_affected": [
"AV1",
"AV2",
"AV3"
]
},
"references": [
{
"category": "external",
"summary": "NVD - CVE-2026-43494",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "For affected products, software updates should be installed upon availability.\n\n Product\t Patch version\n- APROL\t : APROL-AutoYaST-DVD- V4.4-010.10.260602\n\nUntil remediated software versions are available, customers are required to conduct a risk assessment of their affected systems and to implement the mitigation measures and workarounds specified in this advisory.",
"product_ids": [
"AV2"
]
},
{
"category": "mitigation",
"details": "Successful exploitation of the vulnerabilities described in this advisory requires local access to the affected system with low-privileged user credentials. Customers are strongly advised to enforce strict access control policies on all Linux-based systems, ensuring that interactive access is exclusively granted to authorized and trusted personnel. This includes reviewing and hardening user account permissions and disabling unused accounts.\n\nRefer to section \u201cGeneral security recommendations\u201d for further advise on how to keep your system secure.\n",
"product_ids": [
"AV1",
"AV3"
]
},
{
"category": "workaround",
"details": "Security researchers have identified and validated the following workarounds to reduce exposure to the vulnerabilities described in this advisory. These measures do not remediate the underlying vulnerabilities but effectively block known attack vectors until patched software versions are deployed.\n\nImportant: Customers are advised to thoroughly test their systems after applying any of the listed workarounds. B\u0026R has no visibility into customer-specific applications running on the underlying Linux system. It is the customer\u0027s responsibility to assess whether the applied workarounds interfere with existing application workloads prior to deployment in production environments.\n\nFor Debian-based systems within an active support lifecycle, kernel patches addressing CVE-2026-31431 are already available via the official package repositories. Customers are strongly encouraged to apply these updates immediately by executing the following command:\nsudo apt update \u0026\u0026 sudo apt upgrade\nA system reboot is required after the upgrade for the updated kernel to take effect.\n\nTemporary Mitigation: If an immediate system update is not feasible, the affected kernel module (algif_aead) can be disabled persistently. Security researchers have confirmed this measure effectively prevents exploitation of CVE-2026-31431.\nExecute the following commands as root:\n\necho \"install algif_aead /bin/false\" \u003e /etc/modprobe.d/disable-algif.conf\nrmmod algif_aead 2\u003e/dev/null || true\n\nImpact assessment: Disabling the algif_aead module removes the AEAD socket interface from the kernel cryp-to API. This does not affect dm-crypt/LUKS, kTLS, IPsec/XFRM, OpenSSL, GnuTLS, NSS, or SSH. Applications explicitly configured to use the afalg engine or that directly bind aead, skcipher, or hash sockets via AF_ALG may be affected. To assess exposure prior to applying this workaround, run:\n\nlsof | grep AF_ALG",
"product_ids": [
"AV1",
"AV3"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AV1",
"AV2",
"AV3"
]
}
],
"title": "CVE-2026-43494"
}
]
}
SUSE-RU-2026:21753-1
Vulnerability from csaf_suse - Published: 2026-05-18 13:37 - Updated: 2026-05-18 13:37| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 16.0 kernel was updated to fix one issue\n\nThe following non security issue was fixed:\n\n- CVE-2026-46333: Fixed logic bug in the Linux kernel\u0027s __ptrace_may_access() function (bsc#1265308).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-780",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2026_21753-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2026:21753-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-202621753-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2026:21753-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046763.html"
},
{
"category": "self",
"summary": "SUSE Bug 1265308",
"url": "https://bugzilla.suse.com/1265308"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46333 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46333/"
}
],
"title": "Recommended update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-05-18T13:37:31Z",
"generator": {
"date": "2026-05-18T13:37:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2026:21753-1",
"initial_release_date": "2026-05-18T13:37:31Z",
"revision_history": [
{
"date": "2026-05-18T13:37:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-64kb-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-64kb-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-64kb-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-default-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-default-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"product": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"product_id": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-default-devel-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-default-devel-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-default-extra-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-default-extra-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-rt-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-rt-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-rt-devel-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-rt-devel-6.12.0-160000.32.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.12.0-160000.32.1.noarch",
"product": {
"name": "kernel-devel-6.12.0-160000.32.1.noarch",
"product_id": "kernel-devel-6.12.0-160000.32.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.12.0-160000.32.1.noarch",
"product": {
"name": "kernel-macros-6.12.0-160000.32.1.noarch",
"product_id": "kernel-macros-6.12.0-160000.32.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.12.0-160000.32.1.noarch",
"product": {
"name": "kernel-source-6.12.0-160000.32.1.noarch",
"product_id": "kernel-source-6.12.0-160000.32.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-default-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-default-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"product": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"product_id": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-default-devel-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-default-extra-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-default-6.12.0-160000.32.1.s390x",
"product_id": "kernel-default-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-default-devel-6.12.0-160000.32.1.s390x",
"product_id": "kernel-default-devel-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-default-extra-6.12.0-160000.32.1.s390x",
"product_id": "kernel-default-extra-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"product_id": "kernel-default-livepatch-6.12.0-160000.32.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-default-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-default-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"product": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"product_id": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-default-devel-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-default-devel-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-default-extra-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-default-extra-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-rt-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-rt-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-rt-devel-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-rt-livepatch-6.12.0-160000.32.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-64kb-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64"
},
"product_reference": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le"
},
"product_reference": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64"
},
"product_reference": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.12.0-160000.32.1.noarch as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-devel-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.12.0-160000.32.1.noarch as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-macros-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-rt-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-rt-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-rt-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.12.0-160000.32.1.noarch as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-source-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-46333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\n\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don\u0027t have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt\u0027s not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn\u0027t make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\nMM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.32.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.32.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.32.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46333",
"url": "https://www.suse.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "SUSE Bug 1265308 for CVE-2026-46333",
"url": "https://bugzilla.suse.com/1265308"
},
{
"category": "external",
"summary": "SUSE Bug 1265384 for CVE-2026-46333",
"url": "https://bugzilla.suse.com/1265384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.32.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.32.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.32.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:kernel-64kb-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"SUSE Linux Micro 6.2:kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-devel-6.12.0-160000.32.1.noarch",
"SUSE Linux Micro 6.2:kernel-macros-6.12.0-160000.32.1.noarch",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Micro 6.2:kernel-rt-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-rt-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Micro 6.2:kernel-source-6.12.0-160000.32.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T13:37:31Z",
"details": "important"
}
],
"title": "CVE-2026-46333"
}
]
}
SUSE-RU-2026:21783-1
Vulnerability from csaf_suse - Published: 2026-05-18 11:40 - Updated: 2026-05-18 11:40| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 16.0 kernel was updated to fix one issue\n\nThe following non security issue was fixed:\n\n- CVE-2026-46333: Fixed logic bug in the Linux kernel\u0027s __ptrace_may_access() function (bsc#1265308).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-HA-16.0-780",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2026_21783-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2026:21783-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-202621783-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2026:21783-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046830.html"
},
{
"category": "self",
"summary": "SUSE Bug 1265308",
"url": "https://bugzilla.suse.com/1265308"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46333 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46333/"
}
],
"title": "Recommended update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-05-18T11:40:46Z",
"generator": {
"date": "2026-05-18T11:40:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2026:21783-1",
"initial_release_date": "2026-05-18T11:40:46Z",
"revision_history": [
{
"date": "2026-05-18T11:40:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"product_id": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"product_id": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"product_id": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.s390x",
"product": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.s390x",
"product_id": "cluster-md-kmp-default-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.12.0-160000.32.1.s390x",
"product": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.s390x",
"product_id": "dlm-kmp-default-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.12.0-160000.32.1.s390x",
"product": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.s390x",
"product_id": "gfs2-kmp-default-6.12.0-160000.32.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"product_id": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"product": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"product_id": "dlm-kmp-default-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"product": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"product_id": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 16.0",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.s390x"
},
"product_reference": "dlm-kmp-default-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 16.0",
"product_id": "SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-46333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\n\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don\u0027t have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt\u0027s not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn\u0027t make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\nMM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46333",
"url": "https://www.suse.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "SUSE Bug 1265308 for CVE-2026-46333",
"url": "https://bugzilla.suse.com/1265308"
},
{
"category": "external",
"summary": "SUSE Bug 1265384 for CVE-2026-46333",
"url": "https://bugzilla.suse.com/1265384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise High Availability Extension 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise High Availability Extension 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise High Availability Extension 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T11:40:46Z",
"details": "important"
}
],
"title": "CVE-2026-46333"
}
]
}
SUSE-RU-2026:21820-1
Vulnerability from csaf_suse - Published: 2026-05-18 13:37 - Updated: 2026-05-18 13:37| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-devel-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-docs-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-macros-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-source-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-devel-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-macros-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 16.0 kernel was updated to fix one issue\n\nThe following non security issue was fixed:\n\n- CVE-2026-46333: Fixed logic bug in the Linux kernel\u0027s __ptrace_may_access() function (bsc#1265308).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-780",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2026_21820-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-RU-2026:21820-1",
"url": "https://www.suse.com/support/update/announcement//suse-ru-202621820-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-RU-2026:21820-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046793.html"
},
{
"category": "self",
"summary": "SUSE Bug 1265308",
"url": "https://bugzilla.suse.com/1265308"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46333 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46333/"
}
],
"title": "Recommended update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-05-18T13:37:31Z",
"generator": {
"date": "2026-05-18T13:37:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-RU-2026:21820-1",
"initial_release_date": "2026-05-18T13:37:31Z",
"revision_history": [
{
"date": "2026-05-18T13:37:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-64kb-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-64kb-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-64kb-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-64kb-extra-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-azure-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-azure-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-azure-devel-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-azure-extra-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-default-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-default-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"product": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"product_id": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-default-devel-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-default-devel-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-default-extra-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-default-extra-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-kvmsmall-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-obs-qa-6.12.0-160000.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.12.0-160000.32.1.aarch64",
"product": {
"name": "kernel-syms-6.12.0-160000.32.1.aarch64",
"product_id": "kernel-syms-6.12.0-160000.32.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.12.0-160000.32.1.noarch",
"product": {
"name": "kernel-devel-6.12.0-160000.32.1.noarch",
"product_id": "kernel-devel-6.12.0-160000.32.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-6.12.0-160000.32.1.noarch",
"product": {
"name": "kernel-docs-6.12.0-160000.32.1.noarch",
"product_id": "kernel-docs-6.12.0-160000.32.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-6.12.0-160000.32.1.noarch",
"product": {
"name": "kernel-docs-html-6.12.0-160000.32.1.noarch",
"product_id": "kernel-docs-html-6.12.0-160000.32.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.12.0-160000.32.1.noarch",
"product": {
"name": "kernel-macros-6.12.0-160000.32.1.noarch",
"product_id": "kernel-macros-6.12.0-160000.32.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.12.0-160000.32.1.noarch",
"product": {
"name": "kernel-source-6.12.0-160000.32.1.noarch",
"product_id": "kernel-source-6.12.0-160000.32.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"product": {
"name": "kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"product_id": "kernel-source-vanilla-6.12.0-160000.32.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"product_id": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"product_id": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"product_id": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-default-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-default-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"product": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"product_id": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-default-devel-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-default-extra-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-kvmsmall-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-obs-qa-6.12.0-160000.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.12.0-160000.32.1.ppc64le",
"product": {
"name": "kernel-syms-6.12.0-160000.32.1.ppc64le",
"product_id": "kernel-syms-6.12.0-160000.32.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-default-6.12.0-160000.32.1.s390x",
"product_id": "kernel-default-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-default-devel-6.12.0-160000.32.1.s390x",
"product_id": "kernel-default-devel-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-default-extra-6.12.0-160000.32.1.s390x",
"product_id": "kernel-default-extra-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"product_id": "kernel-default-livepatch-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.s390x",
"product_id": "kernel-obs-qa-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-syms-6.12.0-160000.32.1.s390x",
"product_id": "kernel-syms-6.12.0-160000.32.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-6.12.0-160000.32.1.s390x",
"product": {
"name": "kernel-zfcpdump-6.12.0-160000.32.1.s390x",
"product_id": "kernel-zfcpdump-6.12.0-160000.32.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"product_id": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"product": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"product_id": "dlm-kmp-default-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"product": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"product_id": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-azure-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-azure-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-azure-devel-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-azure-extra-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-azure-vdso-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-default-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-default-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"product": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"product_id": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-default-devel-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-default-devel-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-default-extra-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-default-extra-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-default-vdso-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-kvmsmall-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-obs-qa-6.12.0-160000.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.12.0-160000.32.1.x86_64",
"product": {
"name": "kernel-syms-6.12.0-160000.32.1.x86_64",
"product_id": "kernel-syms-6.12.0-160000.32.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-64kb-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-extra-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-azure-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-azure-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-vdso-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64"
},
"product_reference": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le"
},
"product_reference": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64"
},
"product_reference": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-vdso-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-devel-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-devel-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-docs-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-docs-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-docs-html-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-macros-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-macros-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-obs-qa-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-source-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-source-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-syms-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-syms-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-syms-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-syms-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-64kb-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-extra-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-azure-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-azure-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-vdso-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64"
},
"product_reference": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le"
},
"product_reference": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64"
},
"product_reference": "kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-devel-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-extra-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-vdso-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-devel-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-devel-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-docs-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-docs-html-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-macros-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-macros-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-obs-qa-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-source-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-6.12.0-160000.32.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch"
},
"product_reference": "kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.12.0-160000.32.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.aarch64"
},
"product_reference": "kernel-syms-6.12.0-160000.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.12.0-160000.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le"
},
"product_reference": "kernel-syms-6.12.0-160000.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-syms-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.12.0-160000.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.x86_64"
},
"product_reference": "kernel-syms-6.12.0-160000.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.12.0-160000.32.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.12.0-160000.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-46333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\n\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don\u0027t have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt\u0027s not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn\u0027t make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\nMM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-devel-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-docs-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-macros-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-source-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-devel-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-macros-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46333",
"url": "https://www.suse.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "SUSE Bug 1265308 for CVE-2026-46333",
"url": "https://bugzilla.suse.com/1265308"
},
{
"category": "external",
"summary": "SUSE Bug 1265384 for CVE-2026-46333",
"url": "https://bugzilla.suse.com/1265384"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-devel-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-docs-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-macros-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-source-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-devel-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-macros-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-devel-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-docs-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-macros-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-source-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server 16.0:kernel-syms-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:cluster-md-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dlm-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gfs2-kmp-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-64kb-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-azure-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-base-6.12.0-160000.32.1.160000.2.13.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-extra-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-livepatch-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-default-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-devel-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-docs-html-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-devel-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-kvmsmall-vdso-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-macros-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-obs-qa-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-source-vanilla-6.12.0-160000.32.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-syms-6.12.0-160000.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:kernel-zfcpdump-6.12.0-160000.32.1.s390x"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-18T13:37:31Z",
"details": "important"
}
],
"title": "CVE-2026-46333"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.