Red Hat Product Errata RHSA-2026:1661 - Security Advisory
Issued:
2026-02-02
Updated:
2026-02-02

RHSA-2026:1661 - Security Advisory

Synopsis

Moderate: kernel-rt security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (CVE-2024-26766)
  • kernel: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (CVE-2025-38022)
  • kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution (CVE-2025-38024)
  • kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation (CVE-2025-38415)
  • kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion (CVE-2025-38459)
  • kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing (CVE-2025-39760)
  • kernel: mptcp: fix race condition in mptcp_schedule_work() (CVE-2025-40258)
  • kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service. (CVE-2025-40271)
  • kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling (CVE-2025-40322)
  • kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (CVE-2022-50865)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

Fixes

  • BZ - 2273187 - CVE-2024-26766 kernel: IB/hfi1: Fix sdma.h tx->num_descs off-by-one error
  • BZ - 2373326 - CVE-2025-38022 kernel: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem
  • BZ - 2373354 - CVE-2025-38024 kernel: Linux kernel: RDMA/rxe use-after-free vulnerability leading to potential arbitrary code execution
  • BZ - 2383404 - CVE-2025-38415 kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation
  • BZ - 2383487 - CVE-2025-38459 kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion
  • BZ - 2394601 - CVE-2025-39760 kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
  • BZ - 2418876 - CVE-2025-40258 kernel: mptcp: fix race condition in mptcp_schedule_work()
  • BZ - 2419837 - CVE-2025-40271 kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service.
  • BZ - 2419902 - CVE-2025-40322 kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling
  • BZ - 2426226 - CVE-2022-50865 kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()

Red Hat Enterprise Linux for Real Time 8

SRPM
kernel-rt-4.18.0-553.100.1.rt7.441.el8_10.src.rpm SHA-256: ff98bb4724dcb85f4b586f13b02bd5b3d12df93c055e181dadc7663d776cae71
x86_64
kernel-rt-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 5f413bbb42990001eb856527503144f72cd6dd2aed501be39ceb58d3c57d7845
kernel-rt-core-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: bc149aad19a9dcf9ae94af76b08958b1c05d4ed406bcf99e752c68a04add3e3d
kernel-rt-debug-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: d5809a257bd8a1cf5070264449cc8378ad7546ad540e245423a4e711c6b49e76
kernel-rt-debug-core-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 85063a34f134234a165baf5b9f0c9b3c9b36573d530e155135db19a130d27d63
kernel-rt-debug-debuginfo-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 9b1059a865a347b07a166fbab7f3df51e47f5798d8d13ee2a258fdd944303eae
kernel-rt-debug-devel-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: fecaf6c78f54761371e9a46a268475cb8f38a94df221d28321c279343380e2fe
kernel-rt-debug-modules-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 59b6475c1341b2043d1400ced8b7419a2612f6be04dcd7cbc9367ada53b26fef
kernel-rt-debug-modules-extra-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: f26fd60b722bd2216d1330a50ff9e24be7f28cab75b89c607a5861a6a90495ef
kernel-rt-debuginfo-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: eddb9be14f938f483307d11c6376983ebfd7a82de491b869c6519d1fd964bf93
kernel-rt-debuginfo-common-x86_64-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: af3523090f369614d7f30258cae6c518145b4d0268a75606dd8c3ffccd74f1ab
kernel-rt-devel-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 7d55c4b40a8eec982e5cb15751e318c66ac202059328098f3165e7985d28cd9a
kernel-rt-modules-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: b20ea012a712f916dc08665bc1084e636e16346b5b4891b6aeb024a43b6de8be
kernel-rt-modules-extra-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: f68a7b3c48121961a4370f37f79e52a98939e12ec1056f7f7a25181b13e1514d

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM
kernel-rt-4.18.0-553.100.1.rt7.441.el8_10.src.rpm SHA-256: ff98bb4724dcb85f4b586f13b02bd5b3d12df93c055e181dadc7663d776cae71
x86_64
kernel-rt-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 5f413bbb42990001eb856527503144f72cd6dd2aed501be39ceb58d3c57d7845
kernel-rt-core-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: bc149aad19a9dcf9ae94af76b08958b1c05d4ed406bcf99e752c68a04add3e3d
kernel-rt-debug-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: d5809a257bd8a1cf5070264449cc8378ad7546ad540e245423a4e711c6b49e76
kernel-rt-debug-core-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 85063a34f134234a165baf5b9f0c9b3c9b36573d530e155135db19a130d27d63
kernel-rt-debug-debuginfo-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 9b1059a865a347b07a166fbab7f3df51e47f5798d8d13ee2a258fdd944303eae
kernel-rt-debug-devel-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: fecaf6c78f54761371e9a46a268475cb8f38a94df221d28321c279343380e2fe
kernel-rt-debug-kvm-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 812beb5a2ad1865dcf95503eaf914be6c8b7b60f5dff1e632100d280e0cdda3a
kernel-rt-debug-modules-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 59b6475c1341b2043d1400ced8b7419a2612f6be04dcd7cbc9367ada53b26fef
kernel-rt-debug-modules-extra-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: f26fd60b722bd2216d1330a50ff9e24be7f28cab75b89c607a5861a6a90495ef
kernel-rt-debuginfo-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: eddb9be14f938f483307d11c6376983ebfd7a82de491b869c6519d1fd964bf93
kernel-rt-debuginfo-common-x86_64-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: af3523090f369614d7f30258cae6c518145b4d0268a75606dd8c3ffccd74f1ab
kernel-rt-devel-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 7d55c4b40a8eec982e5cb15751e318c66ac202059328098f3165e7985d28cd9a
kernel-rt-kvm-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: 95434e4cff33a86dcb126e3baf7ddcda03c46c5703b4c17fa26ff3a7e840e135
kernel-rt-modules-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: b20ea012a712f916dc08665bc1084e636e16346b5b4891b6aeb024a43b6de8be
kernel-rt-modules-extra-4.18.0-553.100.1.rt7.441.el8_10.x86_64.rpm SHA-256: f68a7b3c48121961a4370f37f79e52a98939e12ec1056f7f7a25181b13e1514d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.