Red Hat Security Advisory: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution (CVE-2025-38024) * kernel: ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191) * kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243) * kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401) * kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service (CVE-2026-31419) * kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532) * kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300) * kernel: Read root-owned files as an unprivileged user (CVE-2026-46333) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
AI Analysis
Technical Summary
This Red Hat security advisory addresses eight distinct vulnerabilities in the Linux kernel, including CVE-2025-38024 (RDMA/rxe use-after-free leading to potential arbitrary code execution), CVE-2026-23191 (race condition in ALSA aloop PCM trigger), CVE-2026-23243 (denial of service and memory corruption in RDMA umad), CVE-2026-23401 (privilege escalation or denial of service in KVM due to improper shadow page table handling), CVE-2026-31419 (use-after-free in bonding driver causing denial of service), CVE-2026-31532 (use-after-free in can: raw driver), CVE-2026-46300 (local privilege escalation via a variant of Dirty Frag vulnerability in ESP/XFRM), and CVE-2026-46333 (unauthorized reading of root-owned files by unprivileged users). These vulnerabilities affect Red Hat Enterprise Linux 8.8 and related update services on x86_64 and ppc64le architectures. The advisory includes updated kernel packages that fix these issues and requires a system reboot to apply the updates.
Potential Impact
The vulnerabilities collectively allow for potential arbitrary code execution, local privilege escalation, denial of service, memory corruption, and unauthorized access to root-owned files on affected systems running vulnerable Red Hat Enterprise Linux kernel versions. Exploitation could compromise system integrity and confidentiality. The advisory rates the security impact as Important, indicating significant risk if unpatched. No known exploits in the wild have been reported at the time of this advisory.
Mitigation Recommendations
Red Hat has released updated kernel packages that address all listed vulnerabilities. Users of affected Red Hat Enterprise Linux 8.8 versions should apply the provided kernel updates promptly. A system reboot is required for the updates to take effect. Refer to the official Red Hat advisory (RHSA-2026:19521) and the linked article https://access.redhat.com/articles/11258 for detailed update instructions. No additional mitigations are specified or required beyond applying the official patches and rebooting.
Red Hat Security Advisory: kernel security update
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution (CVE-2025-38024) * kernel: ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191) * kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243) * kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401) * kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service (CVE-2026-31419) * kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532) * kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300) * kernel: Read root-owned files as an unprivileged user (CVE-2026-46333) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This Red Hat security advisory addresses eight distinct vulnerabilities in the Linux kernel, including CVE-2025-38024 (RDMA/rxe use-after-free leading to potential arbitrary code execution), CVE-2026-23191 (race condition in ALSA aloop PCM trigger), CVE-2026-23243 (denial of service and memory corruption in RDMA umad), CVE-2026-23401 (privilege escalation or denial of service in KVM due to improper shadow page table handling), CVE-2026-31419 (use-after-free in bonding driver causing denial of service), CVE-2026-31532 (use-after-free in can: raw driver), CVE-2026-46300 (local privilege escalation via a variant of Dirty Frag vulnerability in ESP/XFRM), and CVE-2026-46333 (unauthorized reading of root-owned files by unprivileged users). These vulnerabilities affect Red Hat Enterprise Linux 8.8 and related update services on x86_64 and ppc64le architectures. The advisory includes updated kernel packages that fix these issues and requires a system reboot to apply the updates.
Potential Impact
The vulnerabilities collectively allow for potential arbitrary code execution, local privilege escalation, denial of service, memory corruption, and unauthorized access to root-owned files on affected systems running vulnerable Red Hat Enterprise Linux kernel versions. Exploitation could compromise system integrity and confidentiality. The advisory rates the security impact as Important, indicating significant risk if unpatched. No known exploits in the wild have been reported at the time of this advisory.
Mitigation Recommendations
Red Hat has released updated kernel packages that address all listed vulnerabilities. Users of affected Red Hat Enterprise Linux 8.8 versions should apply the provided kernel updates promptly. A system reboot is required for the updates to take effect. Refer to the official Red Hat advisory (RHSA-2026:19521) and the linked article https://access.redhat.com/articles/11258 for detailed update instructions. No additional mitigations are specified or required beyond applying the official patches and rebooting.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:19521
- Cve Count
- 8
- Additional Cves
- ["CVE-2026-23191","CVE-2026-23243","CVE-2026-23401","CVE-2026-31419","CVE-2026-31532","CVE-2026-46300","CVE-2026-46333"]
- Cvss Version
- null
Threat ID: 6a175eede29bf47b50edbb63
Added to database: 5/27/2026, 9:15:25 PM
Last enriched: 5/27/2026, 9:18:50 PM
Last updated: 5/29/2026, 5:33:47 PM
Views: 11
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.