Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Red Hat has issued a security advisory for the Linux kernel packages in Red Hat Enterprise Linux 10, addressing multiple vulnerabilities including out-of-bounds reads, race conditions, double free errors, and workqueue corruption. The update fixes eight CVEs affecting various kernel subsystems such as rxrpc, ipv6, tcp, scsi, RDMA, and nvmet-tcp. The advisory also includes bug fixes and enhancements related to SELinux denials. Systems must be rebooted after applying the update for changes to take effect.
AI Analysis
Technical Summary
This Red Hat security advisory (RHSA-2026:30129) addresses eight kernel vulnerabilities in Red Hat Enterprise Linux 10. The fixes cover: CVE-2026-31636 (rxrpc RESPONSE authenticator parser out-of-bounds read), CVE-2026-43038 (clearing skb2->cb[] in ipv6 icmp error generation), CVE-2026-43198 (race condition in tcp_v6_syn_recv_sock), CVE-2026-43414 (fcport double free in scsi qla2xxx driver), CVE-2026-45898 (workqueue list corruption in RDMA/iwcm), CVE-2026-46117 (user-triggerable WARN_ON in RDMA/mana), CVE-2026-46145 (validation of rx_hash_key_len in RDMA/mana), and CVE-2026-46135 (race between ICReq handling and queue teardown in nvmet-tcp). The advisory also addresses unexpected SELinux denials after a prior fix. The update requires a system reboot to take effect.
Potential Impact
The vulnerabilities fixed include memory safety issues such as out-of-bounds reads and double frees, race conditions, and potential denial of service or system instability due to kernel subsystem errors. These issues could affect kernel reliability and security, potentially allowing attackers to cause crashes or unexpected behavior. No known exploits in the wild have been reported for these vulnerabilities at this time.
Mitigation Recommendations
Red Hat has released an official kernel update for Red Hat Enterprise Linux 10 that addresses these vulnerabilities. Users should apply the update promptly and reboot their systems to ensure the fixes take effect. For detailed update instructions, refer to Red Hat's official guidance at https://access.redhat.com/articles/11258. No additional mitigation steps are indicated beyond applying the official update and rebooting.
Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Description
Red Hat has issued a security advisory for the Linux kernel packages in Red Hat Enterprise Linux 10, addressing multiple vulnerabilities including out-of-bounds reads, race conditions, double free errors, and workqueue corruption. The update fixes eight CVEs affecting various kernel subsystems such as rxrpc, ipv6, tcp, scsi, RDMA, and nvmet-tcp. The advisory also includes bug fixes and enhancements related to SELinux denials. Systems must be rebooted after applying the update for changes to take effect.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This Red Hat security advisory (RHSA-2026:30129) addresses eight kernel vulnerabilities in Red Hat Enterprise Linux 10. The fixes cover: CVE-2026-31636 (rxrpc RESPONSE authenticator parser out-of-bounds read), CVE-2026-43038 (clearing skb2->cb[] in ipv6 icmp error generation), CVE-2026-43198 (race condition in tcp_v6_syn_recv_sock), CVE-2026-43414 (fcport double free in scsi qla2xxx driver), CVE-2026-45898 (workqueue list corruption in RDMA/iwcm), CVE-2026-46117 (user-triggerable WARN_ON in RDMA/mana), CVE-2026-46145 (validation of rx_hash_key_len in RDMA/mana), and CVE-2026-46135 (race between ICReq handling and queue teardown in nvmet-tcp). The advisory also addresses unexpected SELinux denials after a prior fix. The update requires a system reboot to take effect.
Potential Impact
The vulnerabilities fixed include memory safety issues such as out-of-bounds reads and double frees, race conditions, and potential denial of service or system instability due to kernel subsystem errors. These issues could affect kernel reliability and security, potentially allowing attackers to cause crashes or unexpected behavior. No known exploits in the wild have been reported for these vulnerabilities at this time.
Mitigation Recommendations
Red Hat has released an official kernel update for Red Hat Enterprise Linux 10 that addresses these vulnerabilities. Users should apply the update promptly and reboot their systems to ensure the fixes take effect. For detailed update instructions, refer to Red Hat's official guidance at https://access.redhat.com/articles/11258. No additional mitigation steps are indicated beyond applying the official update and rebooting.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:30129
- Cve Count
- 8
- Additional Cves
- ["CVE-2026-43038","CVE-2026-43198","CVE-2026-43414","CVE-2026-45898","CVE-2026-46117","CVE-2026-46135","CVE-2026-46145"]
- Cvss Version
- null
Threat ID: 6a3e8056cef61ccff96ff66f
Added to database: 06/26/2026, 13:36:22 UTC
Last enriched: 06/26/2026, 13:36:59 UTC
Last updated: 06/26/2026, 14:26:43 UTC
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.