Threats Tagged 'cve-2026-23231'

Red Hat has issued a security advisory for the kernel-rt packages, which provide the Real Time Linux Kernel for systems requiring high determinism. The update addresses four vulnerabilities: a race condition in nouveau (CVE-2024-26984), a use-after-free in iscsi target code (CVE-2026-23193), a use-after-free in nf_tables_addchain() that can lead to privilege escalation or denial of service (CVE-2026-23231), and a double free vulnerability in the qla2xxx driver causing denial of service and potential privilege escalation (CVE-2025-71238). These vulnerabilities have a moderate security impact. The advisory includes updated packages for affected Red Hat Enterprise Linux 8 Real Time variants. Systems must be rebooted after applying the update for the fixes to take effect.

This advisory addresses two vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 10. The first is a use-after-free vulnerability in nf_tables_addchain() (CVE-2026-23231) that can lead to privilege escalation or denial of service. The second is a double free vulnerability in the qla2xxx driver (CVE-2025-71238) that can also cause denial of service and potential privilege escalation. Red Hat has released updated kernel packages to fix these issues. A system reboot is required to apply the updates. The security impact is rated as moderate by Red Hat.

Red Hat has issued a moderate severity security advisory for multiple vulnerabilities in the Linux kernel packages used in Red Hat Enterprise Linux 8 and related products. The update addresses four vulnerabilities including race conditions, use-after-free, and double free bugs that could lead to denial of service or privilege escalation. The affected components include nouveau, iscsi target, nf_tables, and qla2xxx kernel modules. A system reboot is required after applying the update for the fixes to take effect.