Red Hat Product Errata RHSA-2026:0643 - Security Advisory
Issued:
2026-01-15
Updated:
2026-01-15

RHSA-2026:0643 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: smb: client: Fix use-after-free in cifs_fill_dirent (CVE-2025-38051)
  • kernel: scsi: qla2xxx: Wait for io return on terminate rport (CVE-2023-53322)
  • kernel: scsi: ses: Fix possible desc_ptr out-of-bounds accesses (CVE-2023-53675)
  • kernel: i40e: fix idx validation in config queues msg (CVE-2025-39971)
  • kernel: libceph: fix potential use-after-free in have_mon_and_osd_map() (CVE-2025-68285)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

  • BZ - 2373329 - CVE-2025-38051 kernel: smb: client: Fix use-after-free in cifs_fill_dirent
  • BZ - 2395891 - CVE-2023-53322 kernel: scsi: qla2xxx: Wait for io return on terminate rport
  • BZ - 2402293 - CVE-2023-53675 kernel: scsi: ses: Fix possible desc_ptr out-of-bounds accesses
  • BZ - 2404108 - CVE-2025-39971 kernel: i40e: fix idx validation in config queues msg
  • BZ - 2422801 - CVE-2025-68285 kernel: libceph: fix potential use-after-free in have_mon_and_osd_map()

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
kernel-4.18.0-193.181.1.el8_2.src.rpm SHA-256: 08124450c1df6d35a7bbaf3df3a2229df305af3efaeb4f7af0952ad46f796e5f
x86_64
bpftool-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: baa3c998cf0ab934ded44237e8f0988c68ae9b6056d303adf8a5246b33417b35
bpftool-debuginfo-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 42ad7c19cf74e89b07885384108b7dc79f5621c5afd1237ac3a1b1c6f207f460
kernel-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: dc3896e7bc134e4106f9c7272b05396d000f071156ddd4273afeaea5d68667b3
kernel-abi-whitelists-4.18.0-193.181.1.el8_2.noarch.rpm SHA-256: 309c88345136663ad40014a70f34d34d9023ca3b139931cb84c2122012917802
kernel-core-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 88b4e7cf86c6c6159795fd8a26383e3dcac975ad25ec3297d3bcc7642ea35ae7
kernel-cross-headers-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 4b7b743cafe91d59ccdce4afce406840209fe84dc1e78baaaab99907f4f3dd09
kernel-debug-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: d1a6fdc7a60e4117caa7f4fb1d8f74eb43d715a60826119e8ab794ca663c973c
kernel-debug-core-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: a72cc098964449c746b1504b96e62df32a06c4b3aae8724168055ed76b6698ff
kernel-debug-debuginfo-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: dd3ba62f26be27f2f19d2c729290deaa4f94d10e5953ba0c9f2fb100751c2b9d
kernel-debug-devel-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 501bcd814f69e86db725065148869c79cc154f6791000f1cbce7de174b7624be
kernel-debug-modules-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: f63e8bd2d71033ad767f0ca3a8436e09c67e941eb0dc641a04bfd42c93a1a339
kernel-debug-modules-extra-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: d8b7d7f6e68b22b83dde9e312d42ca27060bd06dac720f2f3cae8d78a00270bc
kernel-debuginfo-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 275c793e7341b6e374126c5c8917cd239588d58a796c12c06c4435ad78badabc
kernel-debuginfo-common-x86_64-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 551c7e8fd3af004ec653c67e8a4ec3775a7d26c6a5f70886c4e42385e4069188
kernel-devel-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 0dab9c225a3d01770dc0933d46e20431c50deefc3d075a0bc288101264f8d0d8
kernel-doc-4.18.0-193.181.1.el8_2.noarch.rpm SHA-256: 966f6b07bc9cee7f2e0080880297d99077bf6abeb1dd1754360254a438a50e1c
kernel-headers-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 5415a83f36804a81699c03944802654e79190da688485cf96097bfd337573e96
kernel-modules-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 6d19174eea2cab30010bf721a60e2ba04e3cbbc7c7b8e112cfce33656293b01e
kernel-modules-extra-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 12a2c79e2327023f755938321285c942ec66e5073062ec00434273ae47818a9f
kernel-tools-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 4cf04b5dd4cf17154475e5340b9890f1d9044dfa8be2c957f32f3c1031f2ed77
kernel-tools-debuginfo-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 8770b15ef4848438db4e6d219ccbf9e7943b1558f978eabb35196c7eefae78fd
kernel-tools-libs-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 0c287ca553e39db3914fb7020b1df7dbf21795ae7c6e3179b1cc39273f575b39
perf-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 0bdcf44146c425fb187fa4a89e9881185cc6f47d15e54d4f58092def8e6a9624
perf-debuginfo-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: ee2255fb7019a043f4a4ef95614949ccc4013d312ef3a2234ec991b3b57aa31d
python3-perf-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 68c251e3081142abd0477f47cb676620d1fb075d8e393db2140d06599302e25d
python3-perf-debuginfo-4.18.0-193.181.1.el8_2.x86_64.rpm SHA-256: 3eee6f3ba2fab402bab003f27ae711fe283aa5787cc88cae3a9cd9735b81ebea

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.