RLSA-2026:25121

Synopsis

Critical: kernel security update

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: geneve: Fix use-after-free in geneve_find_dev(). (CVE-2025-21858)

* kernel: smc: Fix use-after-free in tcp_write_timer_handler() (CVE-2023-53781)

* kernel: nbd: defer config unlock in nbd_genl_connect (CVE-2025-68366)

* kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done() (CVE-2026-22984)

* kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (CVE-2026-22990)

* kernel: netfilter: nf_tables: release flowtable after rcu grace period on error (CVE-2026-23392)

* kernel: ALSA: 6fire: fix use-after-free on disconnect (CVE-2026-31581)

* kernel: smb: client: fix OOB reads parsing symlink error response (CVE-2026-31613)

* kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() (CVE-2026-43037)

* kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() (CVE-2026-43038)

* kernel: dlm: validate length in dlm_search_rsb_tree (CVE-2026-43125)

* kernel: RDMA/rxe: Fix double free in rxe_srq_from_init (CVE-2026-45852)

* kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (CVE-2026-46181)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2351619 2420279 2424881 2432389 2432400 2451218 2461471 2461480 2464351 2464397 2467234 2482166 2482532

CVEs

CVE-2023-53781 CVE-2025-21858 CVE-2025-68366 CVE-2026-22984 CVE-2026-22990 CVE-2026-23392 CVE-2026-31581 CVE-2026-31613 CVE-2026-43037 CVE-2026-43038 CVE-2026-43125 CVE-2026-45852 CVE-2026-46181

Affected packages

Rocky Linux 8 x86_64 - BaseOS

kernel-core-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-debug-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-debug-core-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-debug-debuginfo-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-debug-devel-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-debuginfo-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-debuginfo-common-x86_64-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-debug-modules-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-debug-modules-extra-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-devel-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-doc-0:4.18.0-553.132.1.el8_10.noarch.rpm bpftool-0:4.18.0-553.132.1.el8_10.x86_64.rpm bpftool-debuginfo-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-0:4.18.0-553.132.1.el8_10.src.rpm kernel-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-abi-stablelists-0:4.18.0-553.132.1.el8_10.noarch.rpm kernel-modules-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-modules-extra-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-tools-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-tools-debuginfo-0:4.18.0-553.132.1.el8_10.x86_64.rpm kernel-tools-libs-0:4.18.0-553.132.1.el8_10.x86_64.rpm perf-0:4.18.0-553.132.1.el8_10.x86_64.rpm perf-debuginfo-0:4.18.0-553.132.1.el8_10.x86_64.rpm python3-perf-0:4.18.0-553.132.1.el8_10.x86_64.rpm python3-perf-debuginfo-0:4.18.0-553.132.1.el8_10.x86_64.rpm

Rocky Linux 8 aarch64 - BaseOS

kernel-doc-0:4.18.0-553.132.1.el8_10.noarch.rpm kernel-debug-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-debug-core-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-debug-debuginfo-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-debug-devel-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-debuginfo-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-debuginfo-common-aarch64-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-debug-modules-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-debug-modules-extra-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-devel-0:4.18.0-553.132.1.el8_10.aarch64.rpm bpftool-0:4.18.0-553.132.1.el8_10.aarch64.rpm bpftool-debuginfo-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-0:4.18.0-553.132.1.el8_10.src.rpm kernel-abi-stablelists-0:4.18.0-553.132.1.el8_10.noarch.rpm kernel-core-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-modules-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-modules-extra-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-tools-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-tools-debuginfo-0:4.18.0-553.132.1.el8_10.aarch64.rpm kernel-tools-libs-0:4.18.0-553.132.1.el8_10.aarch64.rpm perf-0:4.18.0-553.132.1.el8_10.aarch64.rpm perf-debuginfo-0:4.18.0-553.132.1.el8_10.aarch64.rpm python3-perf-0:4.18.0-553.132.1.el8_10.aarch64.rpm python3-perf-debuginfo-0:4.18.0-553.132.1.el8_10.aarch64.rpm

Rocky Linux 8 aarch64 - PowerTools

kernel-tools-libs-devel-0:4.18.0-553.132.1.el8_10.aarch64.rpm

Rocky Linux 8 x86_64 - PowerTools

kernel-tools-libs-devel-0:4.18.0-553.132.1.el8_10.x86_64.rpm