This advisory covers three kernel vulnerabilities in Red Hat Enterprise Linux 10.0 EUS and related products. CVE-2025-68741 fixes improper freeing of a purex item in the SCSI qla2xxx driver, which could lead to memory corruption. CVE-2026-23001 addresses a possible use-after-free (UAF) vulnerability in the macvlan_forward_source() function, which could cause instability or exploitation. CVE-2026-23111 resolves a privilege escalation or denial of service vulnerability in nf_tables caused by an inverted element activity check. Red Hat has released updated kernel packages that fix these issues. The advisory emphasizes the importance of applying the update and rebooting the system to ensure the fixes are applied.

The vulnerabilities affect the Linux kernel, the core component of the operating system, and could lead to memory corruption, use-after-free conditions, privilege escalation, or denial of service. Exploitation could compromise system stability or security by allowing unauthorized privilege escalation or causing service disruption. The issues are rated as important by Red Hat, indicating a high security impact but no known exploits in the wild at the time of the advisory.

Red Hat has released updated kernel packages that address these vulnerabilities. Users of Red Hat Enterprise Linux 10.0 Extended Update Support and related products should apply the kernel update as soon as possible. A system reboot is required for the update to take effect. For detailed update instructions, refer to Red Hat's official guidance at https://access.redhat.com/articles/11258. There are no indications that additional mitigations are necessary beyond applying the official patch and rebooting.