Red Hat Product Errata RHSA-2026:14165 - Security Advisory
Issued:
2026-05-06
Updated:
2026-05-06

RHSA-2026:14165 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CVE-2026-23193)
  • kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation. (CVE-2025-71238)
  • kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (CVE-2026-31402)
  • kernel: crypto: algif_aead - Revert to operating out-of-place (CVE-2026-31431)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64

Fixes

  • BZ - 2439887 - CVE-2026-23193 kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count()
  • BZ - 2444398 - CVE-2025-71238 kernel: Linux kernel (qla2xxx): Double free vulnerability leads to denial of service and potential privilege escalation.
  • BZ - 2454844 - CVE-2026-31402 kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache
  • BZ - 2460538 - CVE-2026-31431 kernel: crypto: algif_aead - Revert to operating out-of-place

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4

SRPM
kernel-4.18.0-305.190.1.el8_4.src.rpm SHA-256: b3bce762a1bbae78dff5d20d5e6d7e27a547cc371719047ef51e44d630fca395
x86_64
bpftool-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 57e2f9d59a3ebc445f8a2ad2dcdb543ef7ade7648b3a5e58c50b84e0db3dc1d2
bpftool-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 58a09d99c3dd2f741638cf36e0ebd98249428b72b3a32b3f43907310b09b4d5b
kernel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 18a6757a18e80e783c70dfb6c9b2b6378fc83cf0dcf6d87c85fabcc6c375e956
kernel-abi-stablelists-4.18.0-305.190.1.el8_4.noarch.rpm SHA-256: 28dd2f3a164bc2f264a148ac1d849e21cf5ec261b438cda2cec092ea6ea06f2a
kernel-core-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 619dd5afc3d4c636ae6eeea43865f0ab57a9363cf2ecf6c1688f14e7944b2710
kernel-cross-headers-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: a67aaa53d8bdd3a24bed2fbecbad2fa79245382d6cfef318a15378b8290e9c2d
kernel-debug-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 1acdb0e55ec11585819797e5a2d2df3d6365a54be940d6c4204c5b3081d69e83
kernel-debug-core-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: ad9b88a9f8116c24c88c9f1402d01b138a806d534929084e0c68695de98fc720
kernel-debug-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 02b23b4c4312d40848bf17f413d478fa9d475e82cd39b2830a0a0211260f58de
kernel-debug-devel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: a80df787580886005dc836ff067917b2afc57d02ca81026a1d5ceab5514e130f
kernel-debug-modules-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 3ad80966b5fd5c9fe0868284586da2e2181abfadf62b5cf25fcdc969c2220c68
kernel-debug-modules-extra-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: e020601c39cc23fad9faedbcaf3d3109b513d748d2fa519c50dafc80f4b5e022
kernel-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: ea4355aa908f12ff8f6fa07a5e87b22eb09ff31fca420a3571a9a55a57cd82eb
kernel-debuginfo-common-x86_64-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: e5152e86de85e693103bb129840810055a777c91cee09e2cabd845cb466bf7e8
kernel-devel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 6a081b0bc0fdbf971ee3934ebdd9131dc56d192751a3750195a1655256c93e9f
kernel-doc-4.18.0-305.190.1.el8_4.noarch.rpm SHA-256: 9b8f2d9a607cc3dde5349890f9314b9e20f5870177845adca55fb2f5e2b47e75
kernel-headers-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 3d23306574aac9bc2d5a6e686bdf44c215cabd4d09ad0f14b34c7dffced9d97b
kernel-modules-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 2f555b15a99c0015624acfc9a6ee40cc14c5810641b1608d571d5a8055f5639e
kernel-modules-extra-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 92e2cc5b1cd5e441ab26462ca6f68cbf0eac37985ad0dd74085a4975a976001a
kernel-tools-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 102c8fc558b48bd58a9fc93b30acedaf70c6e7c4c01c9514d6b772ae593423f5
kernel-tools-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 6ad754217a011d776c2d92d109614ce9e5887da73f467bbcb844d57b291e691c
kernel-tools-libs-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: c991c9a2d9580701f441c76ed3b99ca83c67cd52d4f931afc4851e5202a3ff69
perf-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 86d38fc9bad31f555f4bbd04715494c917b62cf57043e85bbbdf821af789c2dd
perf-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 1d4420921d930515b7e47ba90629856f259ca33a8770fe9b2439baa9b31370ee
python3-perf-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: c65d283251921ae98019c5d9fe2ecf6c64d3883995f9fbf6da98324fe9de893a
python3-perf-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 740c594c94e4b895f4181fd1f4a4710d5ccd2164b02e114d7770bd159b2a9ea6

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
kernel-4.18.0-305.190.1.el8_4.src.rpm SHA-256: b3bce762a1bbae78dff5d20d5e6d7e27a547cc371719047ef51e44d630fca395
x86_64
bpftool-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 57e2f9d59a3ebc445f8a2ad2dcdb543ef7ade7648b3a5e58c50b84e0db3dc1d2
bpftool-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 58a09d99c3dd2f741638cf36e0ebd98249428b72b3a32b3f43907310b09b4d5b
kernel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 18a6757a18e80e783c70dfb6c9b2b6378fc83cf0dcf6d87c85fabcc6c375e956
kernel-abi-stablelists-4.18.0-305.190.1.el8_4.noarch.rpm SHA-256: 28dd2f3a164bc2f264a148ac1d849e21cf5ec261b438cda2cec092ea6ea06f2a
kernel-core-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 619dd5afc3d4c636ae6eeea43865f0ab57a9363cf2ecf6c1688f14e7944b2710
kernel-cross-headers-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: a67aaa53d8bdd3a24bed2fbecbad2fa79245382d6cfef318a15378b8290e9c2d
kernel-debug-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 1acdb0e55ec11585819797e5a2d2df3d6365a54be940d6c4204c5b3081d69e83
kernel-debug-core-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: ad9b88a9f8116c24c88c9f1402d01b138a806d534929084e0c68695de98fc720
kernel-debug-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 02b23b4c4312d40848bf17f413d478fa9d475e82cd39b2830a0a0211260f58de
kernel-debug-devel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: a80df787580886005dc836ff067917b2afc57d02ca81026a1d5ceab5514e130f
kernel-debug-modules-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 3ad80966b5fd5c9fe0868284586da2e2181abfadf62b5cf25fcdc969c2220c68
kernel-debug-modules-extra-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: e020601c39cc23fad9faedbcaf3d3109b513d748d2fa519c50dafc80f4b5e022
kernel-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: ea4355aa908f12ff8f6fa07a5e87b22eb09ff31fca420a3571a9a55a57cd82eb
kernel-debuginfo-common-x86_64-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: e5152e86de85e693103bb129840810055a777c91cee09e2cabd845cb466bf7e8
kernel-devel-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 6a081b0bc0fdbf971ee3934ebdd9131dc56d192751a3750195a1655256c93e9f
kernel-doc-4.18.0-305.190.1.el8_4.noarch.rpm SHA-256: 9b8f2d9a607cc3dde5349890f9314b9e20f5870177845adca55fb2f5e2b47e75
kernel-headers-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 3d23306574aac9bc2d5a6e686bdf44c215cabd4d09ad0f14b34c7dffced9d97b
kernel-modules-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 2f555b15a99c0015624acfc9a6ee40cc14c5810641b1608d571d5a8055f5639e
kernel-modules-extra-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 92e2cc5b1cd5e441ab26462ca6f68cbf0eac37985ad0dd74085a4975a976001a
kernel-tools-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 102c8fc558b48bd58a9fc93b30acedaf70c6e7c4c01c9514d6b772ae593423f5
kernel-tools-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 6ad754217a011d776c2d92d109614ce9e5887da73f467bbcb844d57b291e691c
kernel-tools-libs-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: c991c9a2d9580701f441c76ed3b99ca83c67cd52d4f931afc4851e5202a3ff69
perf-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 86d38fc9bad31f555f4bbd04715494c917b62cf57043e85bbbdf821af789c2dd
perf-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 1d4420921d930515b7e47ba90629856f259ca33a8770fe9b2439baa9b31370ee
python3-perf-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: c65d283251921ae98019c5d9fe2ecf6c64d3883995f9fbf6da98324fe9de893a
python3-perf-debuginfo-4.18.0-305.190.1.el8_4.x86_64.rpm SHA-256: 740c594c94e4b895f4181fd1f4a4710d5ccd2164b02e114d7770bd159b2a9ea6

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.