RHSA-2026:19875
Vulnerability from csaf_redhat - Published: 2026-05-20 23:40 - Updated: 2026-05-22 21:10Summary
Red Hat Security Advisory: kernel-rt security update
Severity
Important
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: proc: fix UAF in proc_get_inode() (CVE-2025-21999)
* kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. (CVE-2025-71238)
* kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243)
* kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401)
* kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532)
* kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)
* kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been registered is a bug unless use_pde/unuse_pde() pair has been used. use_pde/unuse_pde can be avoided (2 atomic ops!) because pde->proc_ops never changes so information necessary for inode instantiation can be saved _before_ proc_register() in PDE itself and used later, avoiding pde->proc_ops->... dereference. rmmod lookup sys_delete_module proc_lookup_de pde_get(de); proc_get_inode(dir->i_sb, de); mod->exit() proc_remove remove_proc_subtree proc_entry_rundown(de); free_module(mod); if (S_ISREG(inode->i_mode)) if (de->proc_ops->proc_read_iter) --> As module is already freed, will trigger UAF BUG: unable to handle page fault for address: fffffbfff80a702b PGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0 Oops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI CPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) RIP: 0010:proc_get_inode+0x302/0x6e0 RSP: 0018:ffff88811c837998 EFLAGS: 00010a06 RAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007 RDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158 RBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20 R10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0 R13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001 FS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> proc_lookup_de+0x11f/0x2e0 __lookup_slow+0x188/0x350 walk_component+0x2ab/0x4f0 path_lookupat+0x120/0x660 filename_lookup+0x1ce/0x560 vfs_statx+0xac/0x150 __do_sys_newstat+0x96/0x110 do_syscall_64+0x5f/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e [adobriyan@gmail.com: don't do 2 atomic ops on the common path]
6.4 (Medium)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel's `qla2xxx` block SCSI generic (bsg) interface. This vulnerability, a double free, occurs because certain vendor-specific handlers incorrectly call the `bsg_job_done` function on both successful and failed operation paths. A local user could exploit this to trigger memory corruption, leading to a kernel crash and a Denial of Service (DoS). There is also a theoretical risk of local privilege escalation due to the memory corruption.
7.3 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) `umad` (User Mode Access Device) component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denial of service (DoS) by crashing the system, and may also lead to limited information disclosure or data integrity issues.
7.3 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel's Kernel-based Virtual Machine (KVM) component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries (SPTEs) during memory-mapped I/O (MMIO) operations. By manipulating guest page table entries (gPTEs) from host userspace, an attacker could cause KVM to install an MMIO SPTE without properly removing an existing shadow-present SPTE. This improper handling could lead to a kernel warning, resulting in a denial of service or potentially allowing for privilege escalation or information disclosure.
8.1 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in the Linux kernel's Controller Area Network (CAN) raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a denial of service (DoS).
7.0 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Linux kernel's XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.
7.8 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.
7.8 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
47 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: proc: fix UAF in proc_get_inode() (CVE-2025-21999)\n\n* kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. (CVE-2025-71238)\n\n* kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243)\n\n* kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401)\n\n* kernel: can: raw: fix ro-\u003euniq use-after-free in raw_rcv() (CVE-2026-31532)\n\n* kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300)\n\n* kernel: Read root-owned files as an unprivileged user (CVE-2026-46333)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:19875",
"url": "https://access.redhat.com/errata/RHSA-2026:19875"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2357134",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357134"
},
{
"category": "external",
"summary": "2444398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444398"
},
{
"category": "external",
"summary": "2448594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448594"
},
{
"category": "external",
"summary": "2453803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453803"
},
{
"category": "external",
"summary": "2461107",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461107"
},
{
"category": "external",
"summary": "2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_19875.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security update",
"tracking": {
"current_release_date": "2026-05-22T21:10:48+00:00",
"generator": {
"date": "2026-05-22T21:10:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2026:19875",
"initial_release_date": "2026-05-20T23:40:26+00:00",
"revision_history": [
{
"date": "2026-05-20T23:40:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-20T23:40:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-22T21:10:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::realtime"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::nfv"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"product": {
"name": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"product_id": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.172.1.rt14.457.el9_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-core@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-core@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product": {
"name": "kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_id": "kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@5.14.0-284.172.1.rt14.457.el9_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)",
"product_id": "NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "NFV-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src"
},
"product_reference": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64 as a component of Red Hat Enterprise Linux Real Time E4S (v.9.2)",
"product_id": "RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"relates_to_product_reference": "RT-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-21999",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-04-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2357134"
}
],
"notes": [
{
"category": "description",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc: fix UAF in proc_get_inode()\n\nFix race between rmmod and /proc/XXX\u0027s inode instantiation.\n\nThe bug is that pde-\u003eproc_ops don\u0027t belong to /proc, it belongs to a\nmodule, therefore dereferencing it after /proc entry has been registered\nis a bug unless use_pde/unuse_pde() pair has been used.\n\nuse_pde/unuse_pde can be avoided (2 atomic ops!) because pde-\u003eproc_ops\nnever changes so information necessary for inode instantiation can be\nsaved _before_ proc_register() in PDE itself and used later, avoiding\npde-\u003eproc_ops-\u003e... dereference.\n\n rmmod lookup\nsys_delete_module\n proc_lookup_de\n\t\t\t pde_get(de);\n\t\t\t proc_get_inode(dir-\u003ei_sb, de);\n mod-\u003eexit()\n proc_remove\n remove_proc_subtree\n proc_entry_rundown(de);\n free_module(mod);\n\n if (S_ISREG(inode-\u003ei_mode))\n\t if (de-\u003eproc_ops-\u003eproc_read_iter)\n --\u003e As module is already freed, will trigger UAF\n\nBUG: unable to handle page fault for address: fffffbfff80a702b\nPGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:proc_get_inode+0x302/0x6e0\nRSP: 0018:ffff88811c837998 EFLAGS: 00010a06\nRAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007\nRDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158\nRBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20\nR10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0\nR13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001\nFS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_lookup_de+0x11f/0x2e0\n __lookup_slow+0x188/0x350\n walk_component+0x2ab/0x4f0\n path_lookupat+0x120/0x660\n filename_lookup+0x1ce/0x560\n vfs_statx+0xac/0x150\n __do_sys_newstat+0x96/0x110\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[adobriyan@gmail.com: don\u0027t do 2 atomic ops on the common path]",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: proc: fix UAF in proc_get_inode()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21999"
},
{
"category": "external",
"summary": "RHBZ#2357134",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357134"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21999",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21999"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025040348-CVE-2025-21999-bc57@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025040348-CVE-2025-21999-bc57@gregkh/T"
}
],
"release_date": "2025-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T23:40:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:19875"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: proc: fix UAF in proc_get_inode()"
},
{
"cve": "CVE-2025-71238",
"cwe": {
"id": "CWE-672",
"name": "Operation on a Resource after Expiration or Release"
},
"discovery_date": "2026-03-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444398"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s `qla2xxx` block SCSI generic (bsg) interface. This vulnerability, a double free, occurs because certain vendor-specific handlers incorrectly call the `bsg_job_done` function on both successful and failed operation paths. A local user could exploit this to trigger memory corruption, leading to a kernel crash and a Denial of Service (DoS). There is also a theoretical risk of local privilege escalation due to the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A kernel double free can be triggered in the qla2xxx bsg interface because some vendor specific handlers called bsg_job_done on both success and failure paths. This can result in the same bsg job being completed and freed twice which leads to memory corruption and a kernel crash. The issue is not network reachable. Impact is denial of service and there is a theoretical risk of local privilege escalation because the flaw is a kernel memory corruption condition.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-71238"
},
{
"category": "external",
"summary": "RHBZ#2444398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444398"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-71238",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71238"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-71238",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71238"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026030437-CVE-2025-71238-76bc@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026030437-CVE-2025-71238-76bc@gregkh/T"
}
],
"release_date": "2026-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T23:40:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:19875"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module qla2xxx from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation."
},
{
"cve": "CVE-2026-23243",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-03-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2448594"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Remote Direct Memory Access (RDMA) `umad` (User Mode Access Device) component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denial of service (DoS) by crashing the system, and may also lead to limited information disclosure or data integrity issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Denial of service and memory corruption in RDMA umad",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug is a kernel out-of-bounds write in the RDMA umad write path caused by a user-controlled length calculation that could underflow and pass an invalid data_len into MAD send buffer creation.\nA local user with access to the umad interface can trigger the issue by supplying mismatched MAD and RMPP header sizes, which leads to an out-of-bounds memset in the send MAD allocation path and can corrupt kernel memory.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23243"
},
{
"category": "external",
"summary": "RHBZ#2448594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448594"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23243",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23243"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23243",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23243"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2026-23243-b88e@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2026-23243-b88e@gregkh/T"
}
],
"release_date": "2026-03-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T23:40:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:19875"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module ib_umad from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Denial of service and memory corruption in RDMA umad"
},
{
"cve": "CVE-2026-23401",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2026-04-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453803"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Kernel-based Virtual Machine (KVM) component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries (SPTEs) during memory-mapped I/O (MMIO) operations. By manipulating guest page table entries (gPTEs) from host userspace, an attacker could cause KVM to install an MMIO SPTE without properly removing an existing shadow-present SPTE. This improper handling could lead to a kernel warning, resulting in a denial of service or potentially allowing for privilege escalation or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important impact vulnerability. A flaw in the KVM\u0027s x86/mmu component in the Linux kernel could allow a privileged guest user to trigger a host denial of service. This issue occurs when host userspace modifies a shadowed gPTE to switch from a memslot to emulated MMIO, leading to a missing SPTE zap. Red Hat Enterprise Linux 8, 9, and 10, and Red Hat In-Vehicle OS are affected. Red Hat Enterprise Linux 6 and 7 are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23401"
},
{
"category": "external",
"summary": "RHBZ#2453803",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453803"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23401",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23401"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23401",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23401"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026040108-CVE-2026-23401-956d@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026040108-CVE-2026-23401-956d@gregkh/T"
}
],
"release_date": "2026-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T23:40:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:19875"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling"
},
{
"cve": "CVE-2026-31532",
"cwe": {
"id": "CWE-366",
"name": "Race Condition within a Thread"
},
"discovery_date": "2026-04-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2461107"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Controller Area Network (CAN) raw socket implementation. A use-after-free vulnerability can occur due to a timing window during the unregistration of CAN receive filters, allowing a freed memory region to be accessed. This could lead to system instability or a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: can: raw: fix ro-\u003euniq use-after-free in raw_rcv()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A use-after-free flaw in the Linux kernel CAN raw socket implementation can occur when raw_release() frees the per-CPU ro-\u003euniq storage before RCU-deferred receive callbacks have fully drained. A local attacker able to create raw CAN sockets and trigger CAN receive activity could race socket teardown with raw_rcv() and cause a kernel crash. The likely impact is denial of service, while privilege escalation would require additional, unproven control over per-CPU memory reuse.\nThe issue appears more consistent with an RCU lifetime/race-condition bug leading primarily to denial of service, as exploitation depends on a narrow teardown race involving a percpu object rather than a generic reclaimable slab object, with no demonstrated privilege-escalation path or obvious controlled overwrite primitive in the relatively niche CAN raw socket subsystem.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-31532"
},
{
"category": "external",
"summary": "RHBZ#2461107",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2461107"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-31532",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31532"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-31532",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31532"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026042349-CVE-2026-31532-a820@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026042349-CVE-2026-31532-a820@gregkh/T"
}
],
"release_date": "2026-04-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T23:40:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:19875"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: can: raw: fix ro-\u003euniq use-after-free in raw_rcv()"
},
{
"cve": "CVE-2026-46300",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2026-05-13T13:28:21.270000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem. Unsafe in-place cryptographic processing allows a low-privileged local attacker to write arbitrary bytes into the page cache of read-only files, including sensitive system files. An attacker can exploit this to overwrite privileged binaries and gain root privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as Important, rather than Critical severity, because exploitation requires local access to the system. A low-privileged local attacker can exploit this flaw in the Linux kernel\u0027s XFRM ESP-in-TCP subsystem to gain root privileges by overwriting sensitive system files. Exploitation does not require user interaction, potentially resulting in full compromise of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46300"
},
{
"category": "external",
"summary": "RHBZ#2477015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477015"
},
{
"category": "external",
"summary": "RHSB-2026-003",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-003"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46300"
}
],
"release_date": "2026-05-13T12:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T23:40:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:19875"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: \"Fragnesia\" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel"
},
{
"cve": "CVE-2026-46333",
"cwe": {
"id": "CWE-269",
"name": "Improper Privilege Management"
},
"discovery_date": "2026-05-15T08:27:21.590000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2477802"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully terminates. Successful exploitation may lead to the disclosure of sensitive data such as SSH host private keys or /etc/shadow contents.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Read root-owned files as an unprivileged user",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in the Linux kernel that allows a local unprivileged attacker to read root-owned files. The vulnerability arises from a race condition during process termination, enabling a brief window where sensitive data, such as SSH host private keys or /etc/shadow contents, can be disclosed. This could lead to unauthorized access to sensitive information on affected Red Hat Enterprise Linux systems.\n\nIn OpenShift Container Platform 4, this flaw is rated Low. The default `restricted-v2` Security Context Constraint (SCC) sets `allowPrivilegeEscalation: false` on all pods, which causes the kernel to ignore setuid file bits and prevents target binaries from opening privileged files, breaking the exploit chain entirely. Under non-default SCCs such as `anyuid` that permit privilege escalation, the vulnerability is constrained by PID and mount namespace isolation to the container\u0027s own filesystem. An attacker would only be able to access root-owned files already within the container, not host or cross-pod resources. In practice, containers rarely contain sensitive root-owned files that are not already accessible to the pod user through normal means.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-46333"
},
{
"category": "external",
"summary": "RHBZ#2477802",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2477802"
},
{
"category": "external",
"summary": "RHSB-2026-004",
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2026-004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-46333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46333"
},
{
"category": "external",
"summary": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path",
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2026/05/20/cve-2026-46333-local-root-privilege-escalation-and-credential-disclosure-in-the-linux-kernel-ptrace-path"
},
{
"category": "external",
"summary": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a",
"url": "https://github.com/torvalds/linux/commit/31e62c2ebbfdc3fe3dbdf5e02c92a9dc67087a3a"
}
],
"release_date": "2026-05-15T05:55:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-20T23:40:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:19875"
},
{
"category": "workaround",
"details": "See the security bulletin for a detailed mitigation procedure.",
"product_ids": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"NFV-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"NFV-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.src",
"RT-9.2.0.Z.E4S:kernel-rt-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debug-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-debuginfo-common-x86_64-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-devel-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-kvm-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-core-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64",
"RT-9.2.0.Z.E4S:kernel-rt-modules-extra-0:5.14.0-284.172.1.rt14.457.el9_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Read root-owned files as an unprivileged user"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…