红帽产品勘误 RHSA-2026:3360 - Security Advisory
发布:
2026-02-25
已更新:
2026-02-25

RHSA-2026:3360 - Security Advisory

概述

Important: kernel security update

类型/严重性

Security Advisory: Important

Red Hat Lightspeed patch analysis

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (CVE-2025-38022)
  • kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation (CVE-2025-38415)
  • kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion (CVE-2025-38459)
  • kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing (CVE-2025-39760)
  • kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length (CVE-2025-39933)
  • kernel: RDMA/rxe: Fix incomplete state save in rxe_requester (CVE-2023-53539)
  • kernel: net/mlx5e: Check for NOT_READY flag state after locking (CVE-2023-53581)
  • kernel: Bluetooth: hci_event: call disconnect callback before deleting conn (CVE-2023-53673)
  • kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service. (CVE-2025-40271)
  • kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service. (CVE-2025-40304)
  • kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling (CVE-2025-40322)
  • kernel: ip6_vti: fix slab-use-after-free in decode_session6 (CVE-2023-53821)
  • kernel: ext4: fix use-after-free in ext4_orphan_cleanup (CVE-2022-50673)
  • kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state (CVE-2023-53833)
  • kernel: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (CVE-2023-53827)
  • kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CVE-2025-68349)
  • kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog() (CVE-2022-50865)
  • kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation (CVE-2026-23074)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

受影响的产品

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64

修复

  • BZ - 2373326 - CVE-2025-38022 kernel: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem
  • BZ - 2383404 - CVE-2025-38415 kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation
  • BZ - 2383487 - CVE-2025-38459 kernel: Linux kernel: Denial of Service in ATM CLIP module via infinite recursion
  • BZ - 2394601 - CVE-2025-39760 kernel: Linux kernel: Denial of Service via out-of-bounds read in USB configuration parsing
  • BZ - 2401432 - CVE-2025-39933 kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length
  • BZ - 2401510 - CVE-2023-53539 kernel: RDMA/rxe: Fix incomplete state save in rxe_requester
  • BZ - 2401545 - CVE-2023-53581 kernel: net/mlx5e: Check for NOT_READY flag state after locking
  • BZ - 2402193 - CVE-2023-53673 kernel: Bluetooth: hci_event: call disconnect callback before deleting conn
  • BZ - 2419837 - CVE-2025-40271 kernel: Linux kernel: Use-after-free in proc_readdir_de() can lead to privilege escalation or denial of service.
  • BZ - 2419870 - CVE-2025-40304 kernel: Linux kernel: Out-of-bounds write in fbdev can lead to privilege escalation, information disclosure, or denial of service.
  • BZ - 2419902 - CVE-2025-40322 kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling
  • BZ - 2420329 - CVE-2023-53821 kernel: ip6_vti: fix slab-use-after-free in decode_session6
  • BZ - 2420347 - CVE-2022-50673 kernel: ext4: fix use-after-free in ext4_orphan_cleanup
  • BZ - 2420366 - CVE-2023-53833 kernel: drm/i915: Fix NULL ptr deref by checking new_crtc_state
  • BZ - 2420376 - CVE-2023-53827 kernel: Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp}
  • BZ - 2424880 - CVE-2025-68349 kernel: NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid
  • BZ - 2426226 - CVE-2022-50865 kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
  • BZ - 2436791 - CVE-2026-23074 kernel: Linux kernel: Use-after-free in teql queueing discipline can lead to privilege escalation

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4

SRPM
kernel-4.18.0-305.186.1.el8_4.src.rpm SHA-256: caeada906ea81dfcade78bda455107e115149926978675dbcbfda5a42428846d
x86_64
bpftool-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 4482a1627ea5efb9920282b801102f5d68e9d25c87dc55ea447801643320f29b
bpftool-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 85b34f22b2ed4654e62dd41a552bf6da7dd13a002d12ebc30df6bd2adfd224a1
kernel-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: b80cf4f527393895d1923492733f347d91974d8b3d3fd6d03ee91e2351e8c7cd
kernel-abi-stablelists-4.18.0-305.186.1.el8_4.noarch.rpm SHA-256: f5daaee801fd1326a4afd1f8142946acc6ac0bc50bd809a0fa1314ae6ad3c1b6
kernel-core-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: b0d0e468607f5c53c6f9ca23033a4db3485c627d4326a6879a3792f7a657e431
kernel-cross-headers-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 57a4422b43d8b922fa4329adb86fbb7a4f7422e6139556971a085bc65761ac99
kernel-debug-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 1a922bacbb7e72da7826fddd2255aaf616dc396ac98042901890c05e226da1d6
kernel-debug-core-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 776ad9cff98dfdca6a2d83e9238e87dd2e893609391fb77c7649fd840ea2a243
kernel-debug-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 9eff8e7e7cd60b15fe3750c1563071cd1b162a72a656bef660fea5e9c1bc5117
kernel-debug-devel-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: b271a3bc3f0d20c1a18b45d408633bb0161bac0d8cc26ee3f62de7942270357b
kernel-debug-modules-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 5e744a44271fe5e68fd13ce2aa9f9bd38115420ba444e17886605b741ed50a5b
kernel-debug-modules-extra-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 3f703155dc86f5a850b8a6124edee4fb82f3ef9e9f7ec14a86a00668cb5be201
kernel-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 63c1df23312afb0ff17eb8b160bbb9e851f43bc309fbcd971724f8bd273225e9
kernel-debuginfo-common-x86_64-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 9406317aa46bf332cbb644289a6348df4de5f74f6797715e3697eedfecff5532
kernel-devel-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 931ea626270ab7b17c7adc1913def636c628da8e9f46483db152e4bdf9f5ea3f
kernel-doc-4.18.0-305.186.1.el8_4.noarch.rpm SHA-256: 6b148bdae11c52a0889664042a80d9666e98b1446e876fb7a8689b348caf7dfb
kernel-headers-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: db91bc33ae4f02d96230e37e10ef876ac2a3b943fcaab5a1b908bb5ce4bc321b
kernel-modules-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 98b499ff748ae8bb6f5dd1afcba3883e207c8878074a3badb550633f8f229f50
kernel-modules-extra-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 48808a8fca78604afb13bbd0d0d8a54ecbb362d005d46e35cb3a4151abffc837
kernel-tools-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 646ba2f52ee849cedcabe56c3280d68b944e68760e07a4497581d0d746cef89d
kernel-tools-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 869a2d95085a859f298361bb27c00dda36eb2cfce9c90e54578a73913e06a0b6
kernel-tools-libs-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 8de4e888dc087b5611882fe23a69565b7c158069f97667bd6f96128de5b5d04b
perf-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 2101d98a9c2a4fee3ac0fe059a7048272fa10b6dd9d7ed11abeac13e412ab905
perf-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 102f1d50cde529648486884270cc08b51e8e45f8689d47fbe074d26abf445197
python3-perf-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: b0c582897b33ef98c54ed884c177a80efc9ba0607d4cd69f0bb51abfbd7f6ce2
python3-perf-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: ab5f03b4295f9aa9c8dd9e79bd14d28182a6e4f5525f7e2560e077fcfe9e5436

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
kernel-4.18.0-305.186.1.el8_4.src.rpm SHA-256: caeada906ea81dfcade78bda455107e115149926978675dbcbfda5a42428846d
x86_64
bpftool-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 4482a1627ea5efb9920282b801102f5d68e9d25c87dc55ea447801643320f29b
bpftool-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 85b34f22b2ed4654e62dd41a552bf6da7dd13a002d12ebc30df6bd2adfd224a1
kernel-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: b80cf4f527393895d1923492733f347d91974d8b3d3fd6d03ee91e2351e8c7cd
kernel-abi-stablelists-4.18.0-305.186.1.el8_4.noarch.rpm SHA-256: f5daaee801fd1326a4afd1f8142946acc6ac0bc50bd809a0fa1314ae6ad3c1b6
kernel-core-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: b0d0e468607f5c53c6f9ca23033a4db3485c627d4326a6879a3792f7a657e431
kernel-cross-headers-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 57a4422b43d8b922fa4329adb86fbb7a4f7422e6139556971a085bc65761ac99
kernel-debug-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 1a922bacbb7e72da7826fddd2255aaf616dc396ac98042901890c05e226da1d6
kernel-debug-core-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 776ad9cff98dfdca6a2d83e9238e87dd2e893609391fb77c7649fd840ea2a243
kernel-debug-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 9eff8e7e7cd60b15fe3750c1563071cd1b162a72a656bef660fea5e9c1bc5117
kernel-debug-devel-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: b271a3bc3f0d20c1a18b45d408633bb0161bac0d8cc26ee3f62de7942270357b
kernel-debug-modules-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 5e744a44271fe5e68fd13ce2aa9f9bd38115420ba444e17886605b741ed50a5b
kernel-debug-modules-extra-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 3f703155dc86f5a850b8a6124edee4fb82f3ef9e9f7ec14a86a00668cb5be201
kernel-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 63c1df23312afb0ff17eb8b160bbb9e851f43bc309fbcd971724f8bd273225e9
kernel-debuginfo-common-x86_64-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 9406317aa46bf332cbb644289a6348df4de5f74f6797715e3697eedfecff5532
kernel-devel-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 931ea626270ab7b17c7adc1913def636c628da8e9f46483db152e4bdf9f5ea3f
kernel-doc-4.18.0-305.186.1.el8_4.noarch.rpm SHA-256: 6b148bdae11c52a0889664042a80d9666e98b1446e876fb7a8689b348caf7dfb
kernel-headers-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: db91bc33ae4f02d96230e37e10ef876ac2a3b943fcaab5a1b908bb5ce4bc321b
kernel-modules-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 98b499ff748ae8bb6f5dd1afcba3883e207c8878074a3badb550633f8f229f50
kernel-modules-extra-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 48808a8fca78604afb13bbd0d0d8a54ecbb362d005d46e35cb3a4151abffc837
kernel-tools-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 646ba2f52ee849cedcabe56c3280d68b944e68760e07a4497581d0d746cef89d
kernel-tools-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 869a2d95085a859f298361bb27c00dda36eb2cfce9c90e54578a73913e06a0b6
kernel-tools-libs-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 8de4e888dc087b5611882fe23a69565b7c158069f97667bd6f96128de5b5d04b
perf-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 2101d98a9c2a4fee3ac0fe059a7048272fa10b6dd9d7ed11abeac13e412ab905
perf-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: 102f1d50cde529648486884270cc08b51e8e45f8689d47fbe074d26abf445197
python3-perf-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: b0c582897b33ef98c54ed884c177a80efc9ba0607d4cd69f0bb51abfbd7f6ce2
python3-perf-debuginfo-4.18.0-305.186.1.el8_4.x86_64.rpm SHA-256: ab5f03b4295f9aa9c8dd9e79bd14d28182a6e4f5525f7e2560e077fcfe9e5436

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/