Red Hat Security Advisory: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting (CVE-2025-38141) * kernel: Linux kernel io_uring: Local privilege escalation, information disclosure, or denial of service via use-after-free (CVE-2025-38106) * kernel: drm/xe: Make dma-fences compliant with the safe access rules (CVE-2025-38703) * kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing (CVE-2025-39760) * kernel: HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save (CVE-2025-39818) * kernel: Kernel: Use-after-free in GPIO character device allows privilege escalation or denial of service (CVE-2025-40249) * kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085) * kernel: macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001) * kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration (CVE-2026-23097) * kernel: Linux kernel: Information disclosure in efivarfs via incorrect error propagation (CVE-2026-23156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
AI Analysis
Technical Summary
The advisory covers a set of 10 vulnerabilities in the Linux kernel used by Red Hat Enterprise Linux 10 and associated products. Key issues include use-after-free vulnerabilities in device mapper (CVE-2025-38141), io_uring (CVE-2025-38106), GPIO character device (CVE-2025-40249), and macvlan (CVE-2026-23001), which can lead to local privilege escalation, information disclosure, or denial of service. Other vulnerabilities include denial of service via out-of-bounds USB configuration parsing (CVE-2025-39760), incorrect pointer arithmetic in HID intel-thc (CVE-2025-39818), a BUG() in ipv6 skb buffer handling (CVE-2025-71085), deadlock in hugetlb folio migration (CVE-2026-23097), and information disclosure in efivarfs (CVE-2026-23156). The advisory provides updated kernel packages to address these issues and requires rebooting the system to apply the fixes.
Potential Impact
The vulnerabilities collectively allow for local privilege escalation, information disclosure, and denial of service conditions on affected Red Hat Enterprise Linux 10 systems. Exploitation could enable attackers with local access to escalate privileges or cause system instability. No known exploits in the wild have been reported. The overall security impact is rated as moderate by Red Hat.
Mitigation Recommendations
Red Hat has released updated kernel packages for Red Hat Enterprise Linux 10 and related products that address these vulnerabilities. Users should apply the available kernel updates as described in the Red Hat advisory RHSA-2026:4012 and reboot their systems to ensure the fixes take effect. Patch status is confirmed by the vendor advisory. No additional mitigations are specified beyond applying the official update and rebooting.
Red Hat Security Advisory: kernel security update
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting (CVE-2025-38141) * kernel: Linux kernel io_uring: Local privilege escalation, information disclosure, or denial of service via use-after-free (CVE-2025-38106) * kernel: drm/xe: Make dma-fences compliant with the safe access rules (CVE-2025-38703) * kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing (CVE-2025-39760) * kernel: HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save (CVE-2025-39818) * kernel: Kernel: Use-after-free in GPIO character device allows privilege escalation or denial of service (CVE-2025-40249) * kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085) * kernel: macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001) * kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration (CVE-2026-23097) * kernel: Linux kernel: Information disclosure in efivarfs via incorrect error propagation (CVE-2026-23156) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The advisory covers a set of 10 vulnerabilities in the Linux kernel used by Red Hat Enterprise Linux 10 and associated products. Key issues include use-after-free vulnerabilities in device mapper (CVE-2025-38141), io_uring (CVE-2025-38106), GPIO character device (CVE-2025-40249), and macvlan (CVE-2026-23001), which can lead to local privilege escalation, information disclosure, or denial of service. Other vulnerabilities include denial of service via out-of-bounds USB configuration parsing (CVE-2025-39760), incorrect pointer arithmetic in HID intel-thc (CVE-2025-39818), a BUG() in ipv6 skb buffer handling (CVE-2025-71085), deadlock in hugetlb folio migration (CVE-2026-23097), and information disclosure in efivarfs (CVE-2026-23156). The advisory provides updated kernel packages to address these issues and requires rebooting the system to apply the fixes.
Potential Impact
The vulnerabilities collectively allow for local privilege escalation, information disclosure, and denial of service conditions on affected Red Hat Enterprise Linux 10 systems. Exploitation could enable attackers with local access to escalate privileges or cause system instability. No known exploits in the wild have been reported. The overall security impact is rated as moderate by Red Hat.
Mitigation Recommendations
Red Hat has released updated kernel packages for Red Hat Enterprise Linux 10 and related products that address these vulnerabilities. Users should apply the available kernel updates as described in the Red Hat advisory RHSA-2026:4012 and reboot their systems to ensure the fixes take effect. Patch status is confirmed by the vendor advisory. No additional mitigations are specified beyond applying the official update and rebooting.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:4012
- Cve Count
- 10
- Additional Cves
- ["CVE-2025-38141","CVE-2025-38703","CVE-2025-39760","CVE-2025-39818","CVE-2025-40249","CVE-2025-71085","CVE-2026-23001","CVE-2026-23097","CVE-2026-23156"]
- Cvss Version
- null
Threat ID: 6a27e9fd8dd33fbd8517cfde
Added to database: 6/9/2026, 10:25:01 AM
Last enriched: 6/9/2026, 10:26:44 AM
Last updated: 6/9/2026, 3:13:05 PM
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.