Threats Tagged 'cve-2026-31431'

Red Hat has issued a security advisory for the kernel-rt packages, which provide the Real Time Linux Kernel for systems requiring high determinism. The update addresses multiple vulnerabilities including denial of service, use-after-free, privilege escalation, memory corruption, deadlocks, and heap overflow issues across various kernel components such as SCSI, ALSA, RDMA, KVM, and NFS. These vulnerabilities affect Red Hat Enterprise Linux 9. 0 and related products. The advisory rates the update as Important and requires a system reboot after applying the patch. No known exploits in the wild have been reported at this time.

Red Hat has issued a security advisory for multiple vulnerabilities in the Linux kernel packages used in Red Hat Enterprise Linux 8 and related products. The update addresses several issues including a double free vulnerability in the NVMe driver (CVE-2024-41073), out-of-bounds reads in network drivers, overflow and heap overflow issues in cryptographic and NFS components, and privilege escalation or denial of service in the KVM virtualization module. These vulnerabilities have been rated with a security impact of Important by Red Hat. The advisory includes fixes for seven CVEs affecting various kernel subsystems. Systems must be updated and rebooted to apply the fixes. No known exploits in the wild have been reported at this time.

A security update for the Red Hat kernel-rt packages addresses multiple vulnerabilities affecting the Real Time Linux Kernel used in Red Hat Enterprise Linux 8 and related variants. The update fixes issues including double free, out-of-bounds reads, heap overflow, privilege escalation, and cryptographic key generation overflow. These vulnerabilities impact kernel components such as NVMe, network drivers, cryptographic keys, NFS server, and KVM virtualization. The update is rated as important by Red Hat and requires a system reboot to take effect.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 9. 0 and related variants. The issues include denial of service, use-after-free, heap overflow, memory corruption, privilege escalation, and race conditions across various kernel subsystems such as SCSI, ALSA, RDMA, KVM, and NFS. The advisory rates the overall security impact as Important and provides updated kernel packages to remediate these vulnerabilities. A system reboot is required to apply the updates. No known exploits are reported in the wild at this time.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 9. 6 Extended Update Support and related products. The issues include memory corruption, denial of service, privilege escalation, and use-after-free bugs across various kernel components such as NFS daemon, SCSI, RDMA, KVM, crypto, and CAN raw sockets. The advisory rates the overall impact as Important and provides updated kernel packages to fix these vulnerabilities. Systems must be rebooted after applying the update for the fixes to take effect.

A security advisory from Red Hat addresses multiple vulnerabilities in the Linux kernel packages used in Red Hat Enterprise Linux 9. 4 Extended Update Support and related products. The vulnerabilities include a double free in the qla2xxx driver (CVE-2025-71238) that can lead to denial of service and potential privilege escalation, privilege escalation or denial of service in KVM due to improper shadow page table handling (CVE-2026-23401), and several use-after-free and race condition issues in kernel components such as ALSA aloop, crypto algif_aead, and CAN raw sockets. These issues are rated as important by Red Hat and require applying the provided kernel update and rebooting the system. No known exploits in the wild have been reported. The advisory covers multiple architectures and product variants of Red Hat Enterprise Linux 9. 4 EUS.

This Red Hat security advisory addresses multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 8. 4. The issues include a double free vulnerability in the qla2xxx driver (CVE-2025-71238) that can lead to denial of service and potential privilege escalation, a use-after-free in the iSCSI target code (CVE-2026-23193), a heap overflow in the NFSv4. 0 LOCK replay cache (CVE-2026-31402), and a cryptographic algorithm interface regression (CVE-2026-31431). These vulnerabilities affect the core Linux kernel components and have been rated with an overall security impact of Important by Red Hat. A kernel update is available that addresses these issues, and a system reboot is required to apply the fixes.

Red Hat has released a security advisory addressing multiple vulnerabilities in the Linux kernel packages for Red Hat Enterprise Linux 10 and related products. The issues include use-after-free vulnerabilities in the traffic control subsystem (act_ct) and bonding driver, a heap overflow in the NFSv4. 0 LOCK replay cache, and a cryptographic component regression. These vulnerabilities may lead to denial of service or privilege escalation. The update is rated as Important by Red Hat and requires a system reboot to take effect.