Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:33486 - Security Advisory
Issued:
2026-06-30
Updated:
2026-06-30

RHSA-2026:33486 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Critical: kernel security, bug fix, and enhancement update

Type/Severity

Security Advisory: Critical

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux for NVIDIA.

Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

A special build of the kernel packages for Red Hat Enterprise Linux for
NVIDIA.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

For detailed information on changes in this release, see the RHEL for NVIDIA Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for ARM 64 10 aarch64

Fixes

  • BZ - 2460538 - CVE-2026-31431 kernel: crypto: algif_aead - Revert to operating out-of-place
  • BZ - 2464351 - CVE-2026-43037 kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
  • BZ - 2467771 - CVE-2026-43284 kernel: "Dirty Frag" ESP XFRM variant is a new universal Local Privilege Escalation (LPE) vulnerability in the Linux kernel
  • BZ - 2477015 - CVE-2026-46300 kernel: "Fragnesia" is a variant of Dirty Frag vulnerability in the ESP/XFRM leading to Local Privilege Escalation (LPE) vulnerability in the Linux kernel
  • BZ - 2477802 - CVE-2026-46333 kernel: Read root-owned files as an unprivileged user
  • BZ - 2481486 - CVE-2026-46243 kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions
  • VOYAGER-10 - Backport kernel support for EGM
  • VOYAGER-286 - Backport mm: Implement ECC handling for pfn with no struct page
  • VOYAGER-488 - Backport iommu: Report effective PCIe ATS support status
  • VOYAGER-75 - soc/tegra: pmc: Add support for Tegra410
  • VOYAGER-83 - i3c support for T410 (Vera)
  • VOYAGER-74 - soc/tegra: Use Arm SMCCC to get chip ID, revision, and platform info
  • VOYAGER-240 - [Epic]: NVIDIA:Vera: arm64: Add workaround to convert MT_NORMAL_NC to Device-nGnRE
  • VOYAGER-72 - Kernel support for Vera PMU
  • VOYAGER-82 - i2c support for T410 (Vera)
  • VOYAGER-89 - Allow ATS to be always on for certain ATS-capable devices
  • VOYAGER-732 - [Epic]: Backport sched/fair: SMT-aware asymmetric CPU capacity
  • VOYAGER-490 - Backport iommu/tegra241-cmdqv: Fix initialization and uAPI related to HYP_OWN
  • VOYAGER-281 - Backport iommu/arm-smmu-v3: Introduce an RCU-protected invalidation array
  • VOYAGER-256 - [Epic]: NVIDIA:Vera: Add support for FEAT_{LS64, LS64_V} and related tests
  • VOYAGER-93 - Backport arm64 MPAM support
  • VOYAGER-1034 - CVE-2026-43037 kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() [voyager-26.02]
  • VOYAGER-222 - [Epic]: Backport soc/tegra: fuse: Do not register SoC device on ACPI boot - rhel-10.2
  • VOYAGER-223 - [Epic]: Backport GPIO support for Tegra410 (Vera) - rhel-10.2
  • VOYAGER-224 - [Epic]: NVIDIA:Kernel support for future arm64 CPU - RHEL 10.2
  • VOYAGER-238 - [Epic]: NVIDIA:Backport gpio: tegra186: Simplify GPIO line name prefix handling - RHEL 10.2
  • VOYAGER-6 - Backport VMM can handle guest SEA via KVM_EXIT_ARM_SEA
  • VOYAGER-73 - Backport perf/arm_cspmu: Preparatory patches for NVIDIA T410 PMU
  • VOYAGER-239 - [Epic]: NVIDIA:CPPC: Backport online CPU fixes - RHEL 10.2
  • VOYAGER-418 - Backport iommu/arm-smmu-v3: Do not set disable_ats unless vSTE is Translate
  • VOYAGER-419 - Backport iommu/arm-smmu-v3: Fix hitless STE update in nesting cases

CVEs

  • CVE-2026-31431
  • CVE-2026-43037
  • CVE-2026-43284
  • CVE-2026-43503
  • CVE-2026-46243
  • CVE-2026-46300
  • CVE-2026-46333

References

  • https://access.redhat.com/security/updates/classification/#critical
  • https://docs.redhat.com/en/documentation/red_hat_enterprise_linux_for_nvidia/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for ARM 64 10

SRPM
kernel-6.12.0-231.12.el10nv.src.rpm SHA-256: b3da98b8a4d489cd34a016914dae59452ecb24224edb5fe2757cb1f00ace49a9
aarch64
kernel-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: e694f8c61239d57eecd6f89bd7366470bb28cac28ab2bf86661998f8f7ca7016
kernel-64k-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 203f273c7e54d1e65dc4f9e3de20be12346d5994fab78ebe06b78fb700a9de16
kernel-64k-core-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 4fbb33de803d1ffd5f0d844f89f2df38d5cd99a882d72c51f4cf3f342a6632b4
kernel-64k-debug-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 98b75a8ba5b16b37e8b88719a2c3b0d43b4c3d2be57a120dc18396d5a9f7d3aa
kernel-64k-debug-core-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: abafe79943865d6647bec9e2b8c4d00a83546d657791fde1e88fceb9e63ae027
kernel-64k-debug-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 23fd75dd326afb8bc80625d268e7106524f4b2d78c627e456ffceace072eaf95
kernel-64k-debug-modules-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 35acf0a3f84a015abe9bbd8e7ef8009f41c9ba2763bb2834a84c4208a2c7dbb1
kernel-64k-debug-modules-core-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: bd9c2700577d25bc2da8bcaad8220eaa88c71de2055228d855706e84a930d840
kernel-64k-debug-modules-extra-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 6f2af702d05772f1d5e7b49a87f3e2b118586558400ef560bc157e5f6b5f8ea0
kernel-64k-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: ec3313d7c06abe50ce3f853b153db28d0579a1d6cedcc0b240290ca62fb6fc22
kernel-64k-modules-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: c8826b3095569852603e41e352e66799fd54af8dc43382f8cc5d7cdf194669a0
kernel-64k-modules-core-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: b9d15c58cf3ab65695a899acf4934c321b3967142d7eed4eff42345f65b1f064
kernel-64k-modules-extra-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 512fb5cf3bd6808d6f7c11b0650d981d45c0bf71d0617369ab1a58048e715ede
kernel-abi-stablelists-6.12.0-231.12.el10nv.noarch.rpm SHA-256: ee04849fb749c10afd7eb5e077febd7a41726a236430907c1891ea6cd9796d83
kernel-core-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: c964e46db4a0e6f899898e0256ad6bbda1c84590692c3d425b05a0d20bd37ecd
kernel-debug-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 68028d24b410f43bbfb58c0fbcf5e2ff2aa62ebef78beac778771053324cdb60
kernel-debug-core-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: bff0cba71523026e1fca7cb7962b486d11f8fbbc747b8ffd6a4186d96eb1bcae
kernel-debug-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 294e817b475cd6d4ae03d44877f89e06e895949b38e5003379748486878ee26c
kernel-debug-devel-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: d3348f26125317d0139689035b979cc4d9dd1bd852535262a4a7962192e3e40c
kernel-debug-devel-matched-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 9190926f3400079810424813d804fadc2db742694aa4e4e7631adc7f80a754d6
kernel-debug-modules-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 337bfca0a449d0d6cb108ee6842fc184a923edf1607496c5c9a653ec46edd98e
kernel-debug-modules-core-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 793afdfe5cc0933283f9e3041ddaefeddb0c4fadd5c3aaade48dd92e148d4099
kernel-debug-modules-extra-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: ba22de1834ea05e7c97577a1948af0aac8cc7739bc0f449389656fd089620056
kernel-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: deaac44aaf85997c037d33b0ee3638181fa16191de24420677f6a5eee0670518
kernel-debuginfo-common-aarch64-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: c8ae4564d62cdec18045c13c867e0cee42a9b8f113333be61d833d7f7d8c4319
kernel-devel-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 9568300504863f4d9ee8659a9a96107eba3ba6434d6aae55e64a175cb7e2567a
kernel-devel-matched-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 03d41015bc919c512d33beaeeff1e65fc73d364af56780b0438d2817591f9098
kernel-doc-6.12.0-231.12.el10nv.noarch.rpm SHA-256: 619f5e5a0495de0886566bce623f391b65e96cabd607cb3fc34e50b1552293df
kernel-headers-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 7c6680491db6e9d25f19ec6d66baf2193649843f15c4b1a685b30c602da5906d
kernel-modules-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: dee6e4b5730680d3cca324bb40595010ab0b362fd5f965eb819a56c9a2f6b8f5
kernel-modules-core-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: e03b5dab2cbc1017b00a1eee9f5f744b7f3a3eae06d40831a3db2fc41cff3137
kernel-modules-extra-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 95d55883273f74669e14cbb9bce3b54ab37e95cebebcfc8e23e4d2dac9c87f72
kernel-modules-extra-matched-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 8e04e85f60bd411804004fe83aa1d965253eb75bd2b628ad9656bd69b88c0062
kernel-tools-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 9ec22e7a653fb15fa9774c1ffcf33968ae600c8b0538f1f81b0f1ed55926848d
kernel-tools-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: f1340de7a293eccc3acf41216c5f8648abed582fd6f5f4769ecc404786d986a6
kernel-tools-libs-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: bab548394332f792b468fc8f1613637bbb774de726138f2cff63e8b6c67307d0
kernel-uki-virt-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 14e7302138352667504f24dfebed0100a6aff966221aa4ca4aea98d368a55ecc
kernel-uki-virt-addons-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: a420d98810f44fb6c8f9bc5e42eeb26d6c06ef358d80b6ee0e1b82ebd7d1321d
libperf-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: b0847b11d68952014a63d3a6a283fc9667f050ee46b0f1b896fc8489fff9e445
perf-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 0017cbc3457fbe6ba4b0871fc40ccb07dda6332863bf2cb2ae2b6f1f9f02d860
perf-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 207a2b4f1d40e828463f7e17efb1e23c6f45c92fefbe3f1e3313b7bd420dbd10
python3-perf-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 91648b0c742dada72d73966beaf67db1e96cb66e2958a05f0c01fad428d0d5ae
python3-perf-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 79675b334341cae59171cbef76a37d9abbaac63786c7594d06579ebd1d93151a
rtla-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 4d4361d93a75c245ce732dde197e688a5325b5593bf9bb3c9b76f9855d1bc9c0
rtla-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: efdae42cbc3b9b6d11e6cba24820e25cc4485f2784b34f78e58731bf7ca4edac
rv-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: 53c98bdf36eefbee10e5c7bafb4faa4ed4c73ee245fc011571eeb140170f6ce8
rv-debuginfo-6.12.0-231.12.el10nv.aarch64.rpm SHA-256: f91a932501e431f821a4cceafe03b260cc019f8fa95557d5f34e244be55c1a65

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility