Threats Tagged 'cve-2026-23243'

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages included in Red Hat Enterprise Linux 10 and related products. The update fixes a range of issues including memory leaks, use-after-free bugs, privilege escalation, denial of service, and null pointer dereferences across various kernel subsystems such as tcp_bpf, KVM, block device handling, dmaengine, bpf, netfilter, VLAN, filesystem writeback, PCI, and others. The advisory rates the overall security impact as moderate. The update requires a system reboot to take effect.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages included with Red Hat Enterprise Linux 9 and related variants. The update fixes a range of issues including resource leaks, memory leaks, use-after-free, NULL pointer dereferences, denial of service, and memory corruption across various kernel subsystems such as bonding, block device handling, DMA engine, BPF, NFS, netfilter, VLAN, filesystem writeback, device mapper, WiFi simulation, and RDMA. The advisory rates the overall security impact as moderate and requires a system reboot after applying the update.

Red Hat has issued a security advisory for the kernel-rt packages, which provide the Real Time Linux Kernel for systems requiring high determinism. The update addresses multiple vulnerabilities including denial of service, use-after-free, privilege escalation, memory corruption, deadlocks, and heap overflow issues across various kernel components such as SCSI, ALSA, RDMA, KVM, and NFS. These vulnerabilities affect Red Hat Enterprise Linux 9. 0 and related products. The advisory rates the update as Important and requires a system reboot after applying the patch. No known exploits in the wild have been reported at this time.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 10. 0 Extended Update Support and related products. The issues include denial of service due to deadlocks and memory corruption, privilege escalation risks, heap overflow, and use-after-free bugs. The advisory rates the overall security impact as Important and provides updated kernel packages to fix these vulnerabilities. Systems must be rebooted after applying the update for the fixes to take effect.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 9. 0 and related variants. The issues include denial of service, use-after-free, heap overflow, memory corruption, privilege escalation, and race conditions across various kernel subsystems such as SCSI, ALSA, RDMA, KVM, and NFS. The advisory rates the overall security impact as Important and provides updated kernel packages to remediate these vulnerabilities. A system reboot is required to apply the updates. No known exploits are reported in the wild at this time.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 9. 6 Extended Update Support and related products. The issues include memory corruption, denial of service, privilege escalation, and use-after-free bugs across various kernel components such as NFS daemon, SCSI, RDMA, KVM, crypto, and CAN raw sockets. The advisory rates the overall impact as Important and provides updated kernel packages to fix these vulnerabilities. Systems must be rebooted after applying the update for the fixes to take effect.

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: proc: fix UAF in proc_get_inode() (CVE-2025-21999) * kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. (CVE-2025-71238) * kernel: Linux kernel: Denial of service and memory corruption in RDMA umad (CVE-2026-23243) * kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling (CVE-2026-23401) * kernel: can: raw: fix ro->uniq use-after-free in raw_rcv() (CVE-2026-31532) * kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel (CVE-2026-46300) * kernel: Read root-owned files as an unprivileged user (CVE-2026-46333) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.