Red Hat Security Advisory: kernel security update
Red Hat has issued an important security advisory addressing multiple vulnerabilities in the Linux kernel packages used in Red Hat Enterprise Linux 10 and related products. The update fixes 19 distinct issues including use-after-free vulnerabilities, out-of-bounds writes, race conditions, and memory corruption problems across various kernel subsystems such as irqchip, RDMA, eventpoll, io_uring, networking, Bluetooth, and more. Some of these vulnerabilities could lead to privilege escalation, denial of service, information disclosure, or memory corruption. The advisory requires applying the updated kernel packages and rebooting the system for the fixes to take effect.
AI Analysis
Technical Summary
This Red Hat security advisory (RHSA-2026:1690) addresses 19 vulnerabilities in the Linux kernel packages shipped with Red Hat Enterprise Linux 10 and related variants. The issues include multiple use-after-free bugs (e.g., CVE-2025-37819, CVE-2025-40271), out-of-bounds writes (CVE-2025-38568, CVE-2025-40294), race conditions (CVE-2025-40258, CVE-2025-40318), and memory corruption (CVE-2025-40248). Affected kernel components span irqchip/gic-v2m, RDMA core, eventpoll, io_uring, net schedulers, DRM, Bluetooth subsystems, and others. These vulnerabilities can result in privilege escalation, denial of service, information disclosure, or memory corruption. The advisory provides updated kernel packages that fix these issues and requires a system reboot to apply the updates.
Potential Impact
The vulnerabilities fixed by this advisory affect the Linux kernel core in Red Hat Enterprise Linux 10 and related products. Exploitation of these issues could allow attackers to cause denial of service, escalate privileges, disclose sensitive information, or corrupt memory. The impact varies by vulnerability but includes critical kernel subsystems such as networking, Bluetooth, and device drivers. No known exploits in the wild have been reported at the time of this advisory.
Mitigation Recommendations
Red Hat has released updated kernel packages that address all listed vulnerabilities. Users of affected Red Hat Enterprise Linux 10 versions and related products should apply the kernel update as described in the advisory (https://access.redhat.com/articles/11258) and reboot their systems to ensure the fixes take effect. This is the official and recommended remediation. Patch status is confirmed as available via the vendor advisory.
Red Hat Security Advisory: kernel security update
Description
Red Hat has issued an important security advisory addressing multiple vulnerabilities in the Linux kernel packages used in Red Hat Enterprise Linux 10 and related products. The update fixes 19 distinct issues including use-after-free vulnerabilities, out-of-bounds writes, race conditions, and memory corruption problems across various kernel subsystems such as irqchip, RDMA, eventpoll, io_uring, networking, Bluetooth, and more. Some of these vulnerabilities could lead to privilege escalation, denial of service, information disclosure, or memory corruption. The advisory requires applying the updated kernel packages and rebooting the system for the fixes to take effect.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This Red Hat security advisory (RHSA-2026:1690) addresses 19 vulnerabilities in the Linux kernel packages shipped with Red Hat Enterprise Linux 10 and related variants. The issues include multiple use-after-free bugs (e.g., CVE-2025-37819, CVE-2025-40271), out-of-bounds writes (CVE-2025-38568, CVE-2025-40294), race conditions (CVE-2025-40258, CVE-2025-40318), and memory corruption (CVE-2025-40248). Affected kernel components span irqchip/gic-v2m, RDMA core, eventpoll, io_uring, net schedulers, DRM, Bluetooth subsystems, and others. These vulnerabilities can result in privilege escalation, denial of service, information disclosure, or memory corruption. The advisory provides updated kernel packages that fix these issues and requires a system reboot to apply the updates.
Potential Impact
The vulnerabilities fixed by this advisory affect the Linux kernel core in Red Hat Enterprise Linux 10 and related products. Exploitation of these issues could allow attackers to cause denial of service, escalate privileges, disclose sensitive information, or corrupt memory. The impact varies by vulnerability but includes critical kernel subsystems such as networking, Bluetooth, and device drivers. No known exploits in the wild have been reported at the time of this advisory.
Mitigation Recommendations
Red Hat has released updated kernel packages that address all listed vulnerabilities. Users of affected Red Hat Enterprise Linux 10 versions and related products should apply the kernel update as described in the advisory (https://access.redhat.com/articles/11258) and reboot their systems to ensure the fixes take effect. This is the official and recommended remediation. Patch status is confirmed as available via the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:1690
- Cve Count
- 19
- Additional Cves
- ["CVE-2025-38022","CVE-2025-38349","CVE-2025-38453","CVE-2025-38568","CVE-2025-38731","CVE-2025-40135","CVE-2025-40154","CVE-2025-40158","CVE-2025-40170","CVE-2025-40248","CVE-2025-40251","CVE-2025-40258","CVE-2025-40271","CVE-2025-40294","CVE-2025-40301","CVE-2025-40318","CVE-2025-68301","CVE-2025-68305"]
- Cvss Version
- null
Threat ID: 6a160977e29bf47b50643b30
Added to database: 5/26/2026, 8:58:31 PM
Last enriched: 5/26/2026, 11:21:06 PM
Last updated: 5/27/2026, 4:55:42 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.