Red Hat Product Errata RHSA-2026:0537 - Security Advisory
Issued:
2026-01-14
Updated:
2026-01-14

RHSA-2026:0537 - Security Advisory

Synopsis

Important: kernel-rt security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (CVE-2023-52638)
  • kernel: smb: client: fix potential UAF in cifs_stats_proc_write() (CVE-2024-35868)
  • kernel: Linux kernel: SCTP use-after-free due to race condition in sendmsg (CVE-2025-23142)
  • kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (CVE-2025-38724)
  • kernel: smb: client: fix race with concurrent opens in rename(2) (CVE-2025-39825)
  • kernel: can: j1939: implement NETDEV_UNREGISTER notification handler (CVE-2025-39925)
  • kernel: net/mlx5e: Check for NOT_READY flag state after locking (CVE-2023-53581)
  • kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL (CVE-2023-53680)
  • kernel: scsi: ses: Fix possible desc_ptr out-of-bounds accesses (CVE-2023-53675)
  • kernel: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (CVE-2025-39982)
  • kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv() (CVE-2023-53705)
  • kernel: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths (CVE-2025-68287)
  • kernel: libceph: fix potential use-after-free in have_mon_and_osd_map() (CVE-2025-68285)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64

Fixes

  • BZ - 2273082 - CVE-2023-52638 kernel: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock
  • BZ - 2281745 - CVE-2024-35868 kernel: smb: client: fix potential UAF in cifs_stats_proc_write()
  • BZ - 2363300 - CVE-2025-23142 kernel: Linux kernel: SCTP use-after-free due to race condition in sendmsg
  • BZ - 2393172 - CVE-2025-38724 kernel: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()
  • BZ - 2395792 - CVE-2025-39825 kernel: smb: client: fix race with concurrent opens in rename(2)
  • BZ - 2400629 - CVE-2025-39925 kernel: can: j1939: implement NETDEV_UNREGISTER notification handler
  • BZ - 2401545 - CVE-2023-53581 kernel: net/mlx5e: Check for NOT_READY flag state after locking
  • BZ - 2402213 - CVE-2023-53680 kernel: NFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL
  • BZ - 2402293 - CVE-2023-53675 kernel: scsi: ses: Fix possible desc_ptr out-of-bounds accesses
  • BZ - 2404100 - CVE-2025-39982 kernel: Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync
  • BZ - 2405713 - CVE-2023-53705 kernel: ipv6: Fix out-of-bounds access in ipv6_find_tlv()
  • BZ - 2422788 - CVE-2025-68287 kernel: usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths
  • BZ - 2422801 - CVE-2025-68285 kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
kernel-rt-5.14.0-70.161.1.rt21.233.el9_0.src.rpm SHA-256: 86036cb87963bc208d6e48becc86be5e444773113ab35070b28c6ddb891fef46
x86_64
kernel-rt-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 325ea7e922261ab34526ba28ae31f5a079fc386ef6551e536aaf976827268b28
kernel-rt-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 325ea7e922261ab34526ba28ae31f5a079fc386ef6551e536aaf976827268b28
kernel-rt-core-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: a380869fa5cb5918a22ca12c925ebdf7eedbaec38f8dd040bad92df8917b5739
kernel-rt-core-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: a380869fa5cb5918a22ca12c925ebdf7eedbaec38f8dd040bad92df8917b5739
kernel-rt-debug-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 2a669f2eed3d83c73880ef0400dc352e31f31284d8533fe5c369715129379ebb
kernel-rt-debug-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 2a669f2eed3d83c73880ef0400dc352e31f31284d8533fe5c369715129379ebb
kernel-rt-debug-core-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 61bbda0aff1c803a4d2df7be4c1032bd582ef989905368e8b3fb3c18e16f608f
kernel-rt-debug-core-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 61bbda0aff1c803a4d2df7be4c1032bd582ef989905368e8b3fb3c18e16f608f
kernel-rt-debug-debuginfo-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 4af710beeeccee9ebe12b9f71372219d4703b9fd00fa86b208bc046e36d436be
kernel-rt-debug-debuginfo-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 4af710beeeccee9ebe12b9f71372219d4703b9fd00fa86b208bc046e36d436be
kernel-rt-debug-devel-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 277ef0ad47d290a3a4a8b94e4cea62704a87dcfd1c98dd5d98207c891adf4ab8
kernel-rt-debug-devel-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 277ef0ad47d290a3a4a8b94e4cea62704a87dcfd1c98dd5d98207c891adf4ab8
kernel-rt-debug-kvm-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: f9dd04bded7ddc3fc2f5c19e769122645a9eda4fa1214125fbcc79f24d3d5d05
kernel-rt-debug-modules-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: bb6bd5f78ee25b2361759c6ccc31c7feb5f5793f7fb612a2ddbfb1868ae6bd67
kernel-rt-debug-modules-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: bb6bd5f78ee25b2361759c6ccc31c7feb5f5793f7fb612a2ddbfb1868ae6bd67
kernel-rt-debug-modules-extra-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 7ff57a65e9631966cd855f8de77ab3bd44d300242c48ac1762ce8f2eaaebc7f2
kernel-rt-debug-modules-extra-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 7ff57a65e9631966cd855f8de77ab3bd44d300242c48ac1762ce8f2eaaebc7f2
kernel-rt-debuginfo-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: bbee26c5d823bed55440eb8669263376be225fc730da9ed3535ec0cfbdf33ce7
kernel-rt-debuginfo-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: bbee26c5d823bed55440eb8669263376be225fc730da9ed3535ec0cfbdf33ce7
kernel-rt-debuginfo-common-x86_64-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: cdc7a6192f6aba0d2a77757822097670c6aa4414af75e37ea185cb825ca3b187
kernel-rt-debuginfo-common-x86_64-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: cdc7a6192f6aba0d2a77757822097670c6aa4414af75e37ea185cb825ca3b187
kernel-rt-devel-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: f9a29ceeed56131094b652c8a51f178e06a62a204e78a0fba3efc1e497774a7c
kernel-rt-devel-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: f9a29ceeed56131094b652c8a51f178e06a62a204e78a0fba3efc1e497774a7c
kernel-rt-kvm-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: c287c4902b02f8bd82496bd8b7c78886f94bacf4be2c2f2a145511e828bb2ce1
kernel-rt-modules-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: ad232650e4352111bfa25bfcef1f57387cfb4bcc70dcb5ed875a4e9d15897778
kernel-rt-modules-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: ad232650e4352111bfa25bfcef1f57387cfb4bcc70dcb5ed875a4e9d15897778
kernel-rt-modules-extra-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 49883642e2ecf27ecdf22cf7f13bc8fd72c5e02f3a7886d7576353ef9e610aa3
kernel-rt-modules-extra-5.14.0-70.161.1.rt21.233.el9_0.x86_64.rpm SHA-256: 49883642e2ecf27ecdf22cf7f13bc8fd72c5e02f3a7886d7576353ef9e610aa3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.