[Apollo] Advisories Statistics light light Login

RLSA-2026:27789

Security Mirrored from RHSA-2026:27789
Issued at: 2026-06-25
Updated at: 2026-06-25

Synopsis

Important: kernel security, bug fix, and enhancement update



Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: can: isotp: fix tx.buf use-after-free in isotp_sendmsg() (CVE-2026-31474)

* kernel: mptcp: fix slab-use-after-free in __inet_lookup_established (CVE-2026-31669)

* kernel: xen/privcmd: fix double free via VMA splitting (CVE-2026-31787)

* kernel: Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync (CVE-2026-31772)

* kernel: bnxt_en: Fix RSS context delete logic (CVE-2026-43260)

* kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing (CVE-2026-43279)

* kernel: scsi: qla2xxx: Completely fix fcport double free (CVE-2026-43414)

* kernel: net/sched: act_pedit: extend the writable skb range per key (CVE-2026-46331)

* kernel: gfs2: Fix use-after-free in iomap inline data write path (CVE-2026-45984)

* kernel: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (CVE-2026-46056)

* kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result (CVE-2026-46152)

* kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss() (CVE-2026-46117)

* kernel: RDMA/mana: Validate rx_hash_key_len (CVE-2026-46145)

* kernel: wifi: mac80211: remove station if connection prep fails (CVE-2026-46125)

* kernel: exit: prevent preemption of oopsing TASK_DEAD task (CVE-2026-46173)

* kernel: wifi: mac80211: use safe list iteration in radar detect work (CVE-2026-46166)

* kernel: nvmet-tcp: fix race between ICReq handling and queue teardown (CVE-2026-46135)

Bug Fix(es) and Enhancement(s):

* Rocky Linux9.4 - s390/ap: Expose ap_bindings_complete_count counter via sysfs [rhel-9.8.z] (JIRA:Rocky Linux-166048)

* [Rocky Linux 9.8] Hung tasks during both suspend and hibernate operations on systems with Intel E810 NICs [rhel-9.8.z] (JIRA:Rocky Linux-175699)

* DPLL: Add support for pin operational state [rhel-9.8.z] (JIRA:Rocky Linux-175820)

* DPLL: Add support for fractional frequency offset between pin and device [rhel-9.8.z] (JIRA:Rocky Linux-175823)

* ibmveth Adapter Freeze with Small MSS [rhel-9.8.z] (JIRA:Rocky Linux-178308)

* Rocky Linux9.4 - s390/mm: Add missing secure storage access fixups [rhel-9.8.z] (JIRA:Rocky Linux-183317)

* rbd: eliminate a race in lock_dwork draining on unmap [rhel-9.8.z] (JIRA:Rocky Linux-183130)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2460646 2461503 2464092 2464502 2467083 2467215 2468155 2479492 2481922 2482181 2482563 2482576 2482581 2482608 2482634 2482645 2482654

CVEs

CVE-2026-31474 CVE-2026-31669 CVE-2026-31772 CVE-2026-31787 CVE-2026-43260 CVE-2026-43279 CVE-2026-43414 CVE-2026-45984 CVE-2026-46056 CVE-2026-46117 CVE-2026-46125 CVE-2026-46135 CVE-2026-46145 CVE-2026-46152 CVE-2026-46166 CVE-2026-46173 CVE-2026-46331

Affected packages

Rocky Linux 9 aarch64 - BaseOS

kernel-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-0:5.14.0-687.17.1.el9_8.src.rpm kernel-64k-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-debug-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-debug-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-debug-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-debug-modules-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-debug-modules-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-debug-modules-extra-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-modules-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-modules-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-modules-extra-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-abi-stablelists-0:5.14.0-687.17.1.el9_8.noarch.rpm kernel-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debug-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debug-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debug-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debuginfo-common-aarch64-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debug-modules-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debug-modules-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debug-modules-extra-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-modules-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-modules-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-modules-extra-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-tools-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-tools-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-tools-libs-0:5.14.0-687.17.1.el9_8.aarch64.rpm

Rocky Linux 9 x86_64 - BaseOS

kernel-0:5.14.0-687.17.1.el9_8.src.rpm kernel-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-abi-stablelists-0:5.14.0-687.17.1.el9_8.noarch.rpm kernel-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debuginfo-common-x86_64-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-modules-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-modules-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-modules-extra-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-uki-virt-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-modules-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-modules-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-modules-extra-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-tools-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-tools-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-tools-libs-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-uki-virt-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-uki-virt-addons-0:5.14.0-687.17.1.el9_8.x86_64.rpm

Rocky Linux 9 s390x - BaseOS

kernel-0:5.14.0-687.17.1.el9_8.src.rpm kernel-abi-stablelists-0:5.14.0-687.17.1.el9_8.noarch.rpm

Rocky Linux 9 ppc64le - BaseOS

kernel-0:5.14.0-687.17.1.el9_8.src.rpm kernel-abi-stablelists-0:5.14.0-687.17.1.el9_8.noarch.rpm

Rocky Linux 9 aarch64 - AppStream

kernel-64k-debug-devel-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-debug-devel-matched-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-devel-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-64k-devel-matched-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debug-devel-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-debug-devel-matched-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-devel-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-devel-matched-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-doc-0:5.14.0-687.17.1.el9_8.noarch.rpm perf-0:5.14.0-687.17.1.el9_8.aarch64.rpm perf-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm python3-perf-0:5.14.0-687.17.1.el9_8.aarch64.rpm python3-perf-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm rtla-0:5.14.0-687.17.1.el9_8.aarch64.rpm rv-0:5.14.0-687.17.1.el9_8.aarch64.rpm

Rocky Linux 9 x86_64 - AppStream

kernel-debug-devel-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-debug-devel-matched-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-devel-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-devel-matched-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-doc-0:5.14.0-687.17.1.el9_8.noarch.rpm perf-0:5.14.0-687.17.1.el9_8.x86_64.rpm perf-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm python3-perf-0:5.14.0-687.17.1.el9_8.x86_64.rpm python3-perf-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm rtla-0:5.14.0-687.17.1.el9_8.x86_64.rpm rv-0:5.14.0-687.17.1.el9_8.x86_64.rpm

Rocky Linux 9 s390x - AppStream

kernel-doc-0:5.14.0-687.17.1.el9_8.noarch.rpm

Rocky Linux 9 ppc64le - AppStream

kernel-doc-0:5.14.0-687.17.1.el9_8.noarch.rpm

Rocky Linux 9 x86_64 - NFV

kernel-rt-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-devel-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-modules-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-modules-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-modules-extra-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-devel-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-modules-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-modules-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-modules-extra-0:5.14.0-687.17.1.el9_8.x86_64.rpm

Rocky Linux 9 x86_64 - RT

kernel-rt-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-devel-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-modules-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-modules-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-debug-modules-extra-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-devel-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-modules-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-modules-core-0:5.14.0-687.17.1.el9_8.x86_64.rpm kernel-rt-modules-extra-0:5.14.0-687.17.1.el9_8.x86_64.rpm

Rocky Linux 9 aarch64 - RT

kernel-rt-64k-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-debug-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-debug-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-debug-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-debug-devel-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-debug-modules-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-debug-modules-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-debug-modules-extra-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-devel-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-modules-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-modules-core-0:5.14.0-687.17.1.el9_8.aarch64.rpm kernel-rt-64k-modules-extra-0:5.14.0-687.17.1.el9_8.aarch64.rpm

Rocky Linux 9 aarch64 - CRB

kernel-tools-libs-devel-0:5.14.0-687.17.1.el9_8.aarch64.rpm libperf-0:5.14.0-687.17.1.el9_8.aarch64.rpm libperf-debuginfo-0:5.14.0-687.17.1.el9_8.aarch64.rpm

Rocky Linux 9 x86_64 - CRB

kernel-tools-libs-devel-0:5.14.0-687.17.1.el9_8.x86_64.rpm libperf-0:5.14.0-687.17.1.el9_8.x86_64.rpm libperf-debuginfo-0:5.14.0-687.17.1.el9_8.x86_64.rpm