Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:33899 - Security Advisory
Issued:
2026-07-01
Updated:
2026-07-01

RHSA-2026:33899 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel security, bug fix, and enhancement update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: libceph: make decode_pool() more resilient against corrupted osdmaps (CVE-2025-71116)
  • kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done() (CVE-2026-22984)
  • kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (CVE-2026-22990)
  • kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() (CVE-2026-23455)
  • kernel: dlm: validate length in dlm_search_rsb_tree (CVE-2026-43125)
  • kernel: netfilter: flowtable: strictly check for maximum number of actions (CVE-2026-43329)
  • kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop (CVE-2026-46090)
  • kernel: RDMA/rxe: Fix double free in rxe_srq_from_init (CVE-2026-45852)
  • kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CVE-2026-46227)

Bug Fix(es) and Enhancement(s):

  • NVMe-FC: Panic during NVMe Controller Reset tests (JIRA:RHEL-178448)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle Long Life 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64

Fixes

  • BZ - 2429602 - CVE-2025-71116 kernel: libceph: make decode_pool() more resilient against corrupted osdmaps
  • BZ - 2432389 - CVE-2026-22984 kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()
  • BZ - 2432400 - CVE-2026-22990 kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental()
  • BZ - 2454810 - CVE-2026-23455 kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
  • BZ - 2467234 - CVE-2026-43125 kernel: dlm: validate length in dlm_search_rsb_tree
  • BZ - 2468124 - CVE-2026-43329 kernel: netfilter: flowtable: strictly check for maximum number of actions
  • BZ - 2481980 - CVE-2026-46090 kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop
  • BZ - 2482166 - CVE-2026-45852 kernel: RDMA/rxe: Fix double free in rxe_srq_from_init
  • BZ - 2482564 - CVE-2026-46227 kernel: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

CVEs

  • CVE-2025-71116
  • CVE-2026-22984
  • CVE-2026-22990
  • CVE-2026-23455
  • CVE-2026-43125
  • CVE-2026-43329
  • CVE-2026-45852
  • CVE-2026-46090
  • CVE-2026-46227

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle Long Life 8.6

SRPM
kernel-4.18.0-372.198.1.el8_6.src.rpm SHA-256: 158be451109f0a5b152174e1f314693ea0b44a1295142dbdf7dfdbe1c866c18e
x86_64
bpftool-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 08140814f994d95ed6a7578829095503c68571489562f7eab0b70780dbd0e873
bpftool-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 13fccb2e0b46b1591c62e5de03db0aad2a2542269bf76a743d6156aa71e935ce
kernel-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 4ab7da279ebae7fc0e47dfb19383f41eadc10d5a0268bef0ede30cf27101f84a
kernel-abi-stablelists-4.18.0-372.198.1.el8_6.noarch.rpm SHA-256: 348a644dea1fbd9c028b64d2eda0f1d0fc7c14d2d5bbee0f15a45a8ee7ac3a6d
kernel-core-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 4af414611e57e97b9fa145ea15b93e7cbeaf75fa305211585fbba7e781fae402
kernel-cross-headers-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 76e905bb585977b5b9c7d903a8eb7bec0dcd101ba47d4bba68760ca8c8382352
kernel-debug-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 578ece8a97bbdcb05579939d6bf2890ec9deea10c06d0d77972490b45b2d38c3
kernel-debug-core-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 36d4ddecc0b3570295773ea062f3638f69c8f72bb5b3d2e3940e3ededcf3eb63
kernel-debug-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 2e24b6d79791f92f0b9ceeb3f20e0f599f5097228c7629b5bb67bfa329429f0e
kernel-debug-devel-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 077da9f1c53b1e9893d7277dea9c05190ac8a6e8ea36eaab048eb3f8b4dd5fd9
kernel-debug-modules-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 5b7bde156d852c50139cc9d665705be3ac75e74af69480148c5bdcd2d4f6c7a2
kernel-debug-modules-extra-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: c1bf9c08d52508981ce42ba631d07db8996cf5e85cd4cd2d760723ead1454997
kernel-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 0dc3dbfb44a113a27575fe1bad2dcba37b5f85091ff17d2b459aa39466d205ca
kernel-debuginfo-common-x86_64-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: de4fba7ef08080c8a735f57cea7b4bbdefebfffb747e88e5dcb47d20076f029b
kernel-devel-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: b057641e5e944ac09850b148c570776638bfca2b913a3e6febedf750612cde89
kernel-doc-4.18.0-372.198.1.el8_6.noarch.rpm SHA-256: dae9edd485149f5b9adfb57d700cfb9bf02c372f3d75b0a6d9c880eb80565344
kernel-headers-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 4b86c57f787cab665e174587488c14fe3f9590cb98437158001ebe2f6179f447
kernel-modules-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 609e4672b7fa4308cc690db8f4c6b16fde2ebfcb5d4be33d821ecd2ea89b6f57
kernel-modules-extra-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 5d2304a708ac65270eb42f5b9fda894cb09441adbb9d643f34aae7f4229e23db
kernel-tools-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 72250c52f8f3b7d700a7ed2543220b81c495c5d3e1c7591005492abf58e31e93
kernel-tools-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 4668a977239af03ed74c319755cad1c22d52a8c6f55b4e298c0e568ca58f9c20
kernel-tools-libs-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 6caa3c3a2366759ddf2fdfb8455cdf0861c97ededf059a9dfa76a0d9b20e090c
perf-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 47c25d89c3bf56cb4c652fe51b28400eeba23537237cbe9fbe947492764db55d
perf-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 08f957910c4126ca036d603d363a5f7d971a3dcf45edf85758514b653b2eadc4
python3-perf-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 2a151ce8486906637d57ed99e63f1530ca09f2647f578f87b3eae6bf952a6ca1
python3-perf-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: bf36367f9adf822f5a31d9ec91fdde6f955f1c4f73f54325c6148988617644d3

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
kernel-4.18.0-372.198.1.el8_6.src.rpm SHA-256: 158be451109f0a5b152174e1f314693ea0b44a1295142dbdf7dfdbe1c866c18e
x86_64
bpftool-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 08140814f994d95ed6a7578829095503c68571489562f7eab0b70780dbd0e873
bpftool-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 13fccb2e0b46b1591c62e5de03db0aad2a2542269bf76a743d6156aa71e935ce
kernel-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 4ab7da279ebae7fc0e47dfb19383f41eadc10d5a0268bef0ede30cf27101f84a
kernel-abi-stablelists-4.18.0-372.198.1.el8_6.noarch.rpm SHA-256: 348a644dea1fbd9c028b64d2eda0f1d0fc7c14d2d5bbee0f15a45a8ee7ac3a6d
kernel-core-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 4af414611e57e97b9fa145ea15b93e7cbeaf75fa305211585fbba7e781fae402
kernel-cross-headers-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 76e905bb585977b5b9c7d903a8eb7bec0dcd101ba47d4bba68760ca8c8382352
kernel-debug-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 578ece8a97bbdcb05579939d6bf2890ec9deea10c06d0d77972490b45b2d38c3
kernel-debug-core-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 36d4ddecc0b3570295773ea062f3638f69c8f72bb5b3d2e3940e3ededcf3eb63
kernel-debug-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 2e24b6d79791f92f0b9ceeb3f20e0f599f5097228c7629b5bb67bfa329429f0e
kernel-debug-devel-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 077da9f1c53b1e9893d7277dea9c05190ac8a6e8ea36eaab048eb3f8b4dd5fd9
kernel-debug-modules-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 5b7bde156d852c50139cc9d665705be3ac75e74af69480148c5bdcd2d4f6c7a2
kernel-debug-modules-extra-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: c1bf9c08d52508981ce42ba631d07db8996cf5e85cd4cd2d760723ead1454997
kernel-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 0dc3dbfb44a113a27575fe1bad2dcba37b5f85091ff17d2b459aa39466d205ca
kernel-debuginfo-common-x86_64-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: de4fba7ef08080c8a735f57cea7b4bbdefebfffb747e88e5dcb47d20076f029b
kernel-devel-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: b057641e5e944ac09850b148c570776638bfca2b913a3e6febedf750612cde89
kernel-doc-4.18.0-372.198.1.el8_6.noarch.rpm SHA-256: dae9edd485149f5b9adfb57d700cfb9bf02c372f3d75b0a6d9c880eb80565344
kernel-headers-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 4b86c57f787cab665e174587488c14fe3f9590cb98437158001ebe2f6179f447
kernel-modules-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 609e4672b7fa4308cc690db8f4c6b16fde2ebfcb5d4be33d821ecd2ea89b6f57
kernel-modules-extra-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 5d2304a708ac65270eb42f5b9fda894cb09441adbb9d643f34aae7f4229e23db
kernel-tools-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 72250c52f8f3b7d700a7ed2543220b81c495c5d3e1c7591005492abf58e31e93
kernel-tools-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 4668a977239af03ed74c319755cad1c22d52a8c6f55b4e298c0e568ca58f9c20
kernel-tools-libs-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 6caa3c3a2366759ddf2fdfb8455cdf0861c97ededf059a9dfa76a0d9b20e090c
perf-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 47c25d89c3bf56cb4c652fe51b28400eeba23537237cbe9fbe947492764db55d
perf-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 08f957910c4126ca036d603d363a5f7d971a3dcf45edf85758514b653b2eadc4
python3-perf-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: 2a151ce8486906637d57ed99e63f1530ca09f2647f578f87b3eae6bf952a6ca1
python3-perf-debuginfo-4.18.0-372.198.1.el8_6.x86_64.rpm SHA-256: bf36367f9adf822f5a31d9ec91fdde6f955f1c4f73f54325c6148988617644d3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility