Threats Tagged 'cve-2026-46300'

This Red Hat security advisory addresses multiple vulnerabilities in the kernel-rt packages, which provide the Real Time Linux Kernel for systems requiring high determinism. The update fixes use-after-free, double free, denial of service, memory corruption, and local privilege escalation vulnerabilities across various kernel components including proc, qla2xxx, RDMA umad, KVM, CAN raw sockets, ESP/XFRM, and file access controls. The advisory rates the security impact as Important and affects Red Hat Enterprise Linux 9. 2 Real Time variants. A system reboot is required after applying the update for the fixes to take effect.

Red Hat has issued a security advisory for a kernel update addressing two vulnerabilities in the Linux kernel used in Red Hat Enterprise Linux 10. 0 and related products. The first vulnerability (CVE-2026-46300) is a local privilege escalation issue caused by a variant of the Dirty Frag vulnerability in the ESP/XFRM subsystem, known as "Fragnesia. " The second vulnerability (CVE-2026-46333) allows an unprivileged user to read root-owned files. These vulnerabilities could allow unauthorized local users to gain elevated privileges or access sensitive files. Red Hat has rated the security impact as Important and released updated kernel packages to fix these issues. Systems must be rebooted after applying the update for the fixes to take effect. No known exploits in the wild have been reported at this time.

This advisory addresses two vulnerabilities in the Linux kernel packages used by Red Hat Enterprise Linux for NVIDIA and related products. The first vulnerability (CVE-2026-46333) allows an unprivileged user to read root-owned files. The second vulnerability (CVE-2026-46300), known as "Fragnesia," is a variant of the Dirty Frag vulnerability affecting ESP/XFRM, leading to a local privilege escalation (LPE) in the Linux kernel. Red Hat has released an important security update to fix these issues. The update requires a system reboot to take effect. No known exploits are reported in the wild at this time.

This advisory addresses multiple security vulnerabilities in the Red Hat Real Time Linux Kernel (kernel-rt) packages. The issues include a use-after-free bug in the CAN raw socket receive function (CVE-2026-31532), a local privilege escalation vulnerability related to a variant of the Dirty Frag vulnerability in ESP/XFRM (CVE-2026-46300), and an information disclosure vulnerability allowing unprivileged users to read root-owned files (CVE-2026-46333). Red Hat has released updated kernel-rt packages to fix these vulnerabilities. Systems must be rebooted after applying the update for the fixes to take effect. The update is rated as Important by Red Hat Product Security. No known exploits in the wild have been reported at this time.