RLSA-2026:6632

Опубликовано: 12 апр. 2026

Источник: rocky

Оценка: Moderate

Описание

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: Linux kernel (net/mlx5): Use-after-free in ECVF vports unload leads to denial of service (CVE-2025-38109)
kernel: Linux kernel: Local denial of service and memory leak in DAMON sysfs via setup failure (CVE-2026-23144)
kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution (CVE-2026-23171)
kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193)
kernel: macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209)
kernel: net/sched: cls_u32: use skb_header_pointer_careful() (CVE-2026-23204)
kernel: ALSA: aloop: Fix racy access at PCM trigger (CVE-2026-23191)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 10

Наименование	Архитектура	Релиз	RPM
kernel-debug-uki-virt	x86_64	124.49.1.el10_1	kernel-debug-uki-virt-6.12.0-124.49.1.el10_1.x86_64.rpm
kernel-abi-stablelists	noarch	124.49.1.el10_1	kernel-abi-stablelists-6.12.0-124.49.1.el10_1.noarch.rpm
kernel-debug-modules-core	x86_64	124.49.1.el10_1	kernel-debug-modules-core-6.12.0-124.49.1.el10_1.x86_64.rpm
kernel	x86_64	124.49.1.el10_1	kernel-6.12.0-124.49.1.el10_1.x86_64.rpm
kernel-uki-virt-addons	x86_64	124.49.1.el10_1	kernel-uki-virt-addons-6.12.0-124.49.1.el10_1.x86_64.rpm
kernel-modules-extra-matched	x86_64	124.49.1.el10_1	kernel-modules-extra-matched-6.12.0-124.49.1.el10_1.x86_64.rpm
kernel-tools-libs	x86_64	124.49.1.el10_1	kernel-tools-libs-6.12.0-124.49.1.el10_1.x86_64.rpm
kernel-debug-modules-extra	x86_64	124.49.1.el10_1	kernel-debug-modules-extra-6.12.0-124.49.1.el10_1.x86_64.rpm
kernel-uki-virt	x86_64	124.49.1.el10_1	kernel-uki-virt-6.12.0-124.49.1.el10_1.x86_64.rpm
kernel-modules-extra	x86_64	124.49.1.el10_1	kernel-modules-extra-6.12.0-124.49.1.el10_1.x86_64.rpm

Показывать по

Связанные CVE

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=2439872
Red Hat - 2439872
https://bugzilla.redhat.com/show_bug.cgi?id=2439886
Red Hat - 2439886
https://bugzilla.redhat.com/show_bug.cgi?id=2439947
Red Hat - 2439947
https://bugzilla.redhat.com/show_bug.cgi?id=2439931
Red Hat - 2439931
https://bugzilla.redhat.com/show_bug.cgi?id=2376101
Red Hat - 2376101
https://bugzilla.redhat.com/show_bug.cgi?id=2439887
Red Hat - 2439887
https://bugzilla.redhat.com/show_bug.cgi?id=2439900
Red Hat - 2439900

Связанные уязвимости

ELSA-2026-6632

oracle-oval

30 дней назад

ELSA-2026-6632: kernel security update (MODERATE)

RLSA-2026:6153

rocky

28 дней назад

Moderate: kernel security update

ELSA-2026-6153

oracle-oval

около 1 месяца назад

ELSA-2026-6153: kernel security update (MODERATE)

CVE-2026-23144

CVSS3: 5.5

ubuntu

3 месяца назад

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directory are not cleaned up. As a result, DAMON sysfs interface is nearly broken until the system reboots, and the memory for the unremoved directory is leaked. Cleanup the directories under such failures.

CVE-2026-23144

CVSS3: 7.3

redhat

3 месяца назад

exploitDog

RLSA-2026:6632

Описание

Затронутые продукты

Rocky Linux 10: обновленные пакеты

Связанные CVE

Ссылки на источники

Исправления

Связанные уязвимости