Threats Tagged 'cve-2026-31402'

Red Hat has issued a security advisory for the kernel-rt packages, which provide the Real Time Linux Kernel for systems requiring high determinism. The update addresses multiple vulnerabilities including denial of service, use-after-free, privilege escalation, memory corruption, deadlocks, and heap overflow issues across various kernel components such as SCSI, ALSA, RDMA, KVM, and NFS. These vulnerabilities affect Red Hat Enterprise Linux 9. 0 and related products. The advisory rates the update as Important and requires a system reboot after applying the patch. No known exploits in the wild have been reported at this time.

Red Hat has issued a security advisory for multiple vulnerabilities in the Linux kernel packages used in Red Hat Enterprise Linux 8 and related products. The update addresses several issues including a double free vulnerability in the NVMe driver (CVE-2024-41073), out-of-bounds reads in network drivers, overflow and heap overflow issues in cryptographic and NFS components, and privilege escalation or denial of service in the KVM virtualization module. These vulnerabilities have been rated with a security impact of Important by Red Hat. The advisory includes fixes for seven CVEs affecting various kernel subsystems. Systems must be updated and rebooted to apply the fixes. No known exploits in the wild have been reported at this time.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 10. 0 Extended Update Support and related products. The issues include denial of service due to deadlocks and memory corruption, privilege escalation risks, heap overflow, and use-after-free bugs. The advisory rates the overall security impact as Important and provides updated kernel packages to fix these vulnerabilities. Systems must be rebooted after applying the update for the fixes to take effect.

A security update for the Red Hat kernel-rt packages addresses multiple vulnerabilities affecting the Real Time Linux Kernel used in Red Hat Enterprise Linux 8 and related variants. The update fixes issues including double free, out-of-bounds reads, heap overflow, privilege escalation, and cryptographic key generation overflow. These vulnerabilities impact kernel components such as NVMe, network drivers, cryptographic keys, NFS server, and KVM virtualization. The update is rated as important by Red Hat and requires a system reboot to take effect.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 9. 0 and related variants. The issues include denial of service, use-after-free, heap overflow, memory corruption, privilege escalation, and race conditions across various kernel subsystems such as SCSI, ALSA, RDMA, KVM, and NFS. The advisory rates the overall security impact as Important and provides updated kernel packages to remediate these vulnerabilities. A system reboot is required to apply the updates. No known exploits are reported in the wild at this time.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 8. 6. The issues include a denial of service caused by a deadlock in hugetlb folio migration (CVE-2026-23097), a use-after-free vulnerability in the iSCSI target code (CVE-2026-23193), a double free vulnerability in the qla2xxx driver that can lead to denial of service and potential privilege escalation (CVE-2025-71238), and a heap overflow in the NFSv4. 0 LOCK replay cache (CVE-2026-31402). Red Hat has released updated kernel packages to address these vulnerabilities, and a system reboot is required to apply the fixes. The advisory rates the update as important and the severity of the double free vulnerability as high. No known exploits in the wild have been reported at this time.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 8. 4. The issues include a double free vulnerability in the qla2xxx driver (CVE-2025-71238) that can lead to denial of service and potential privilege escalation, a use-after-free in the iSCSI target code (CVE-2026-23193), a heap overflow in the NFSv4. 0 LOCK replay cache (CVE-2026-31402), and a cryptographic algorithm interface regression (CVE-2026-31431). These vulnerabilities affect the core Linux kernel components and have been rated with an overall security impact of Important by Red Hat. A kernel update is available that addresses these issues, and a system reboot is required to apply the fixes.

Red Hat has released a security advisory addressing multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 10 and related products. The issues include use-after-free vulnerabilities in the traffic control subsystem (act_ct) and bonding driver, a heap overflow in the NFSv4. 0 LOCK replay cache, and a cryptographic component regression. These vulnerabilities may lead to denial of service or privilege escalation. The update is rated as Important by Red Hat and requires a system reboot to take effect.