RHSA-2026:6953
Vulnerability from csaf_redhat - Published: 2026-04-08 03:26 - Updated: 2026-04-08 19:37Summary
Red Hat Security Advisory: kernel security update
Severity
Moderate
Notes
Topic: An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: Linux kernel: Device Mapper RAID out-of-bounds access (CVE-2022-49674)
* kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem (CVE-2025-38180)
* kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd (CVE-2021-4460)
* kernel: macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Linux kernel’s AMD Kernel Fusion Driver (amdkfd) within the drm subsystem. When either get_num_sdma_queues() or get_num_xgmi_sdma_queues() returned 0, the driver performed a bit shift where the number of bits shifted equaled the operand width. Such a shift is undefined behavior in C and can lead to incorrect values being used in subsequent logic.A local user with the ability to exercise the affected kernel APIs could trigger unintended behavior in the DRM/AMD GPU driver, which may result in a kernel crash and impact system availability
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:6953
Workaround
To mitigate this issue, the `amdkfd` kernel module can be prevented from loading by blacklisting it. Create a file `/etc/modprobe.d/blacklist-amdkfd.conf` with the content `blacklist amdkfd`. A system reboot is required for this change to take effect. This may impact functionality that relies on the AMDGPU kernel graphics driver.
A flaw was found in the Linux kernel's device mapper (dm) RAID component. This vulnerability allows an attacker to cause an out-of-bounds memory access via loading a crafted dm-raid table. This may lead to a crash.
6.1 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:6953
A flaw was found in the Linux kernel's Asynchronous Transfer Mode (ATM) subsystem. An authenticated local attacker could exploit a Use-After-Free (UAF) vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper dev_put() calls without prior dev_hold() calls, leading to an imbalance in reference counting. Successful exploitation could allow the attacker to achieve privilege escalation or cause a denial of service.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:6953
A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table (e.g., due to an invalid interface name), the hash entry still references the freed net_device structure. Subsequent packets matching that source MAC trigger use-after-free in macvlan_forward_source().
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2026:6953
Workaround
To mitigate this issue, prevent module macvlan from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: Linux kernel: Device Mapper RAID out-of-bounds access (CVE-2022-49674)\n\n* kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem (CVE-2025-38180)\n\n* kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd (CVE-2021-4460)\n\n* kernel: macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:6953",
"url": "https://access.redhat.com/errata/RHSA-2026:6953"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2347967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347967"
},
{
"category": "external",
"summary": "2376376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376376"
},
{
"category": "external",
"summary": "2400732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400732"
},
{
"category": "external",
"summary": "2439900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439900"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_6953.json"
}
],
"title": "Red Hat Security Advisory: kernel security update",
"tracking": {
"current_release_date": "2026-04-08T19:37:33+00:00",
"generator": {
"date": "2026-04-08T19:37:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2026:6953",
"initial_release_date": "2026-04-08T03:26:26+00:00",
"revision_history": [
{
"date": "2026-04-08T03:26:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-08T03:26:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T19:37:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "perf-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "perf-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_id": "python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-193.193.1.el8_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:4.18.0-193.193.1.el8_2.src",
"product": {
"name": "kernel-0:4.18.0-193.193.1.el8_2.src",
"product_id": "kernel-0:4.18.0-193.193.1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-193.193.1.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"product": {
"name": "kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"product_id": "kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.18.0-193.193.1.el8_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"product": {
"name": "kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"product_id": "kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.18.0-193.193.1.el8_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-193.193.1.el8_2.src as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src"
},
"product_reference": "kernel-0:4.18.0-193.193.1.el8_2.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-193.193.1.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "perf-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4460",
"cwe": {
"id": "CWE-1335",
"name": "Incorrect Bitwise Shift of Integer"
},
"discovery_date": "2025-10-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400732"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s AMD Kernel Fusion Driver (amdkfd) within the drm subsystem. When either get_num_sdma_queues() or get_num_xgmi_sdma_queues() returned 0, the driver performed a bit shift where the number of bits shifted equaled the operand width. Such a shift is undefined behavior in C and can lead to incorrect values being used in subsequent logic.A local user with the ability to exercise the affected kernel APIs could trigger unintended behavior in the DRM/AMD GPU driver, which may result in a kernel crash and impact system availability",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-4460"
},
{
"category": "external",
"summary": "RHBZ#2400732",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400732"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-4460",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-4460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4460"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025100114-CVE-2021-4460-aa71@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025100114-CVE-2021-4460-aa71@gregkh/T"
}
],
"release_date": "2025-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T03:26:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6953"
},
{
"category": "workaround",
"details": "To mitigate this issue, the `amdkfd` kernel module can be prevented from loading by blacklisting it. Create a file `/etc/modprobe.d/blacklist-amdkfd.conf` with the content `blacklist amdkfd`. A system reboot is required for this change to take effect. This may impact functionality that relies on the AMDGPU kernel graphics driver.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd"
},
{
"cve": "CVE-2022-49674",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2025-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2347967"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s device mapper (dm) RAID component. This vulnerability allows an attacker to cause an out-of-bounds memory access via loading a crafted dm-raid table. This may lead to a crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Device Mapper RAID out-of-bounds access",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The highest threat of this flaw is to system availability. A local attacker could trigger an out-of-bounds access in the dm-raid module by loading a specially crafted dm-raid table, leading to a system crash.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-49674"
},
{
"category": "external",
"summary": "RHBZ#2347967",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347967"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-49674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49674"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-49674",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-49674"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025022624-CVE-2022-49674-90d4@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025022624-CVE-2022-49674-90d4@gregkh/T"
}
],
"release_date": "2025-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T03:26:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6953"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Device Mapper RAID out-of-bounds access"
},
{
"cve": "CVE-2025-38180",
"cwe": {
"id": "CWE-911",
"name": "Improper Update of Reference Count"
},
"discovery_date": "2025-07-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2376376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s Asynchronous Transfer Mode (ATM) subsystem. An authenticated local attacker could exploit a Use-After-Free (UAF) vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper dev_put() calls without prior dev_hold() calls, leading to an imbalance in reference counting. Successful exploitation could allow the attacker to achieve privilege escalation or cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-38180"
},
{
"category": "external",
"summary": "RHBZ#2376376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-38180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-38180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38180"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2025070410-CVE-2025-38180-c6d0@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2025070410-CVE-2025-38180-c6d0@gregkh/T"
}
],
"release_date": "2025-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T03:26:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6953"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem"
},
{
"cve": "CVE-2026-23209",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2026-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439900"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in the macvlan driver. When creating a macvlan interface in source mode fails after the source MAC has been added to the hash table (e.g., due to an invalid interface name), the hash entry still references the freed net_device structure. Subsequent packets matching that source MAC trigger use-after-free in macvlan_forward_source().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: macvlan: fix error recovery in macvlan_common_newlink()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can be exploited by a local user with CAP_NET_ADMIN to trigger use-after-free by creating a macvlan with an invalid name. The detailed reproducer and analysis were provided by a security researcher. This could potentially be used for privilege escalation via controlled memory corruption.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-23209"
},
{
"category": "external",
"summary": "RHBZ#2439900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439900"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-23209",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23209"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-23209",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23209"
},
{
"category": "external",
"summary": "https://lore.kernel.org/linux-cve-announce/2026021439-CVE-2026-23209-9ad6@gregkh/T",
"url": "https://lore.kernel.org/linux-cve-announce/2026021439-CVE-2026-23209-9ad6@gregkh/T"
}
],
"release_date": "2026-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-08T03:26:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2026:6953"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module macvlan from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:bpftool-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:bpftool-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:kernel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-abi-whitelists-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-core-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debug-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-devel-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-doc-0:4.18.0-193.193.1.el8_2.noarch",
"BaseOS-8.2.0.Z.AUS:kernel-modules-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-modules-extra-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:kernel-tools-libs-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-0:4.18.0-193.193.1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-perf-debuginfo-0:4.18.0-193.193.1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: macvlan: fix error recovery in macvlan_common_newlink()"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…